[rancid] Re: Does the clogin -x flag work if ssh is the transport?

Peter Serwe peter.serwe at gmail.com
Wed Dec 31 05:38:23 UTC 2008


clogin -x doesn't care what the transport is, as long as it's functional.

If you spec ssh as the transport against a non-ssh router (yes, they exist),
it won't work.  If you spec telnet as the transport and it's an ssh only router,
it won't work.  (Nice line wraps ;))

Irrespective, if clogin <router> works, then certainly
clogin -x <commandfile> <router> works the exact same way, provided
the command file is in the format of one command per line, and the
commands are valid for the router, in which case clogin will log in,
execute the command file, and log out of the router.

Below is a sample commandfile I used to address all routers of a certain
type in my environment during the 2 hour presentation I did on building
and using rancid:

no events
conf t
snmp-server contact "Tier 3 NOC"
snmp-server contact phone "xxx-xxx-xxxx"
snmp-server contact email "t3noc at domain.tld"
no snmp-server chassis-id
exit
wr mem





On Tue, Dec 30, 2008 at 8:40 PM, Oglum AVD <oglumavd at gmail.com> wrote:
> Hi Chris;
>
> I never used -x flag but I always test it with following command to ensure
> device/config is functioning properly;
> /var/lib/rancid/bin/clogin  -c 'show clock' test-c3560-acc-sw1
>
> Configuration example on Ubuntu 8.x;
> adduser rancid ¨Crancid /var/lib/rancid
> su rancid
> /var/lib/rancid/bin/rancid-cvs
> cd /var/lib/rancid
> rancid-run
> chmod 777 /var/lib/rancid/.cloginrc
> chown -R rancid /etc/cvsweb
> =====================================================
> /etc/postfix/main.cf
> removed;
> myemail at email.com, , localhost.localdomain, localhost
> /etc/init.d/postfix restart
> =====================================================
> 1. Add to Hosts file;
> nano /etc/hosts
> example; 172.16.30.1 test-c3560-acc-sw1
>
> 2. Add device password to .cloginrc
> nano /root/.cloginrc
> example follows;
> add user test-c3560-acc-sw1 testacc
> add userpassword test-c3560-acc-sw1 password
> add password test-c3560-acc-sw1 password enablepassword
> add method test-c3560-acc-sw1 {ssh}
>
> 3. Edit to  Router.db
> nano /var/lib/rancid/switches/router.db
> nano /var/lib/rancid/CVS/switches/router.db
> example; test-c3560-acc-sw1:cisco:up
>
> -- Run it;
> ./bin/rancid-run -r test-c3560-acc-sw1
> Test:
> /var/lib/rancid/bin/clogin  -c 'show clock' test-c3560-acc-sw1
> ./clogin test-c3560-acc-sw1
> /usr/lib/rancid/bin/clogin  -c 'write term' test-c3560-acc-sw1 > /var/lib/rancid/backups/test.cfg
> -- Configure CVSWeb -
> /etc/cvsweb/cvsweb.conf
> Basedir=/usr/local/rancid; expert basedir
> path=/usr/local/rancid/bin:/usr/local/bin:/usr/lib/usr/bin:/usr/bin
> CVSROOT=$basedir/CVS
> CVSWEBs;
> /etc/cvsweb
> /usr/share/cvsweb
> /usr/lib/cgi-bin/cvsweb
> /usr/share/doc/cvsweb
> =====================================
> # run config differ hourly
> 1 * * * * /usr/lib/rancid/rancid-run
> # clean out config differ logs
> 50 23 * * * /usr/bin/find /var/lib/rancid/logs -type f -mtime +2 -exec rm {} \;
> -----------------------------------------------------------------------------------------------------
> I hope this helps
>
> Dean
>
>
>
> On Mon, Dec 29, 2008 at 4:03 PM, Chris Knight <boheme at gmail.com> wrote:
>>
>> Howdy,
>>
>>  I am new to rancid, and I apologize if this is considered a newbie
>> question.  I am trying to use rancid to send a set of canned commands
>> to a Cisco ASA.  I have installed rancid 2.3.2a7 onto a RHEL5.2 box
>> running a 2.6.18-92.1.22.el5 kernel.  I have configured .cloginrc and
>> tested that I can log into the ASA using clogin.
>>
>>  After verifying that I could log into the ASA via clogin, I
>> constructed a very simple command file, that contains only two
>> commands "show ver" and "show run".  I invoke this command file with
>> this command line:
>>
>>  ./bin/clogin asa-office -x test.cmd
>>
>>  What appears to happen is that clogin does in fact log into the ASA,
>> and then it stalls.  If I let it sit for five minutes, nothing
>> happens.  So, I type 'exit'.  Now clogin appears to be invoking
>> telnet, and if I let that sit for a few minutes it times out:
>>
>> [rancid at zack ~]$ ./bin/clogin asa-office -x test.cmd
>> asa-office
>> spawn ssh -c 3des -x -l proxyit asa-office
>> proxyit at asa-office's password:
>> Type help or '?' for a list of available commands.
>> hq> enable
>> Password: *************
>> hq#
>> hq# exit
>>
>> Logoff
>>
>> Connection to asa-office closed by remote host.
>> Connection to asa-office closed.
>> -x
>> spawn telnet -x
>> telnet> enable
>> ?Invalid command
>> telnet>
>> Error: TIMEOUT reached
>> can not find channel named "exp6"
>>    while executing
>> "send "\r""
>>    ("foreach" body line 129)
>>    invoked from within
>> "foreach router [lrange $argv $i end] {
>>    set router [string tolower $router]
>>    # attempt at platform switching.
>>    set platform ""
>>    send_user ..."
>>    (file "./bin/clogin" line 712)
>> [rancid at zack ~]$
>>
>>
>>  Is there a trick to being able to use the -x flag to invoke a list
>> of commands when using ssh instead of telnet?
>>
>> -Chris
>> _______________________________________________
>> Rancid-discuss mailing list
>> Rancid-discuss at shrubbery.net
>> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss



-- 
ピーター
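
Added example, not part of the original thread or of rancid itself: preflight checks for the clogin -x batch run described above. The function names and file names are hypothetical. The checks cover the .cloginrc mode (the file holds device and enable passwords), the one-command-per-line command file, and the argument order, since the quoted transcript shows clogin treating a trailing -x as a router name.

```shell
#!/bin/sh
# Added example: preflight checks for a `clogin -x` batch run.
# Function names and the file names used with them are hypothetical.

# True only if the file grants nothing to group or other (e.g. mode 600).
# .cloginrc stores device and enable passwords, so 777 or 644 fails here.
cloginrc_is_private() {
    perms=$(ls -ld "$1" 2>/dev/null | cut -c5-10)
    [ "$perms" = "------" ]
}

# True if the command file is readable and holds at least one command
# (one command per line; a file of only blank lines does not count).
cmdfile_is_valid() {
    [ -r "$1" ] && grep -q '[^[:space:]]' "$1"
}

# Prints the clogin command line with -x and the command file ahead of the
# router names. An argument starting with "-" in the router position is
# rejected, since clogin would treat it as another router to connect to.
clogin_batch_cmd() {
    cmdfile=$1
    shift
    [ "$#" -ge 1 ] || { echo "no router given" >&2; return 2; }
    for r in "$@"; do
        case $r in
            -*) echo "option after router name: $r" >&2; return 2 ;;
        esac
    done
    echo "clogin -x $cmdfile $*"
}

# Runs all checks, then prints the command to execute.
preflight() {
    rc=$1 cmdfile=$2
    shift 2
    cloginrc_is_private "$rc" || { echo "$rc: readable by group/other" >&2; return 1; }
    cmdfile_is_valid "$cmdfile" || { echo "$cmdfile: empty or unreadable" >&2; return 1; }
    clogin_batch_cmd "$cmdfile" "$@"
}
```

Call it as: preflight ~/.cloginrc snmp.cmd router1 router2, and run the printed command only if it returns 0.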

