[rancid] Re: New device on .cloginrc

Wagner Pereira wpereira at pop-sp.rnp.br
Tue Apr 13 19:46:57 UTC 2010


You were right concerning to the rsa key.

I ran the "crypto key generate rsa" command in my Cisco router, choosing 
1024 bits. It worked.

But now the error changed, as follows (it seems like the ssh connection 
method was not tried):

spawn telnet
telnet: Unable to connect to remote host: No route to host

Error: Couldn't login:

What's next?


Wagner Pereira

PoP-SP/RNP - Ponto de Presença da RNP em São Paulo
CCE/USP - Centro de Computação Eletrônica da Universidade de São Paulo
Tel. (11) 3091-8901

Em 13/4/2010 10:41, Ryan West escreveu:
>> -----Original Message-----
>> Sent: Tuesday, April 13, 2010 9:34 AM
>> To: rancid-discuss at shrubbery.net
>> Subject: [rancid] Re: New device on .cloginrc
>> Hi, Marty.
>> It sounds wrong, I suppose, because the Rancid is still running over
>> other device perfectly.
>> Then, I ran this:
>> ----------------------
>> /home/rancid/bin/clogin
>> spawn telnet
>> Trying
>> telnet: Unable to connect to remote host: Connection refused
>> spawn ssh -c 3des -x -l root
>> ssh_rsa_verify: RSA modulus too small: 512<  minimum 768 bits
>> key_verify failed for server_host_key
>> Error: Couldn't login:
>> ----------------------
> Try googling the ss_rsa_verify output.  I imagine the device you're connecting to is rather old, you should try to run a 1024 bit key at the minimum.  I would recommend using a 2048 bit key if you can, but if it's an older device, be prepared to wait a while.  You may be able to change how RANCID connects to the device, but I think you would be off gen'ing a new key on the device instead.
> -ryan

More information about the Rancid-discuss mailing list