[rancid] Re: New device on .cloginrc
Wagner Pereira
wpereira at pop-sp.rnp.br
Tue Apr 13 19:46:57 UTC 2010
Ryan,
You were right concerning to the rsa key.
I ran the "crypto key generate rsa" command in my Cisco router, choosing
1024 bits. It worked.
But now the error changed, as follows (it seems like the ssh connection
method was not tried):
---------------------
/home/rancid/bin/clogin 10.0.0.2
10.0.0.2
spawn telnet 10.0.0.2
Trying 10.0.0.2...
telnet: Unable to connect to remote host: No route to host
Error: Couldn't login: 10.0.0.2
---------------------
What's next?
--
Wagner Pereira
PoP-SP/RNP - Ponto de Presença da RNP em São Paulo
CCE/USP - Centro de Computação Eletrônica da Universidade de São Paulo
http://www.pop-sp.rnp.br
Tel. (11) 3091-8901
Em 13/4/2010 10:41, Ryan West escreveu:
>
>
>> -----Original Message-----
>> Sent: Tuesday, April 13, 2010 9:34 AM
>> To: rancid-discuss at shrubbery.net
>> Subject: [rancid] Re: New device on .cloginrc
>>
>> Hi, Marty.
>>
>> It sounds wrong, I suppose, because the Rancid is still running over
>> other device perfectly.
>>
>> Then, I ran this:
>> ----------------------
>> /home/rancid/bin/clogin 10.0.0.2
>> 10.0.0.2
>> spawn telnet 10.0.0.2
>> Trying 10.0.0.2...
>> telnet: Unable to connect to remote host: Connection refused
>> spawn ssh -c 3des -x -l root 10.0.0.2
>> ssh_rsa_verify: RSA modulus too small: 512< minimum 768 bits
>> key_verify failed for server_host_key
>>
>> Error: Couldn't login: 10.0.0.2
>> ----------------------
>>
> Try googling the ss_rsa_verify output. I imagine the device you're connecting to is rather old, you should try to run a 1024 bit key at the minimum. I would recommend using a 2048 bit key if you can, but if it's an older device, be prepared to wait a while. You may be able to change how RANCID connects to the device, but I think you would be off gen'ing a new key on the device instead.
>
> -ryan
>
More information about the Rancid-discuss
mailing list