[rancid] Re: About the .cloginrc file
Wagner Pereira
wpereira at pop-sp.rnp.br
Tue Mar 9 18:43:53 UTC 2010
Ok, John.
You meant that I should leave this line as follows?
add user 10.0.0.1 rancid
There's another thing: I noticed that, after I created my first group
in the rancid.conf file, Rancid itself generated a directory with the
same name as my group and, inside that directory, an empty router.db file.
I ask you:
1. Should I configure that empty file manually or
2. Copy the router.db.5 file's content into this empty file?
OR
run some command (because there is a router.db,v file created on
/home/rancid/var/rancid/CVS/switches-PoP-SP directory)?
--
Wagner Pereira
PoP-SP/RNP - Ponto de Presença da RNP em São Paulo
CCE/USP - Centro de Computação Eletrônica da Universidade de São Paulo
http://www.pop-sp.rnp.br
Tel. (11) 3091-8901
john heasley wrote:
> Tue, Mar 09, 2010 at 09:57:12AM -0300, Wagner Pereira:
>
>> Hi, all.
>>
>> I would like to ensure that my .cloginrc file is correctly written. Can
>> someone help me out? Thanks a lot.
>>
>> ============================
>> add password 10.0.0.1 {vty_pass} {ena_pass}
>>
>> add user 10.0.0.1 $USER
>>
>
> this is the default; not necessary and afaik it's $env(USER).
>
>
>> add userprompt 10.0.0.1 {"Username:"}
>>
>> # add userpassword <router name glob> <user password>
>> # The password for user if different than the password set
>> # using 'add password'.
>>
>> add passprompt 10.0.0.1 {"Password:"}
>>
>> add method * {telnet} {ssh}
>>
>> add enableprompt 10.0.0.1 {"Password:"}
>>
>> add cyphertype 10.0.0.1 3des
>>
>> # customer x
>> # these routers ask for a username and password. we automatically get
>> # enable access after successful authentication.
>> add user *.custx.net roger
>> add password *.custx.net {doger}
>> add autoenable *.custx.net 1
>>
>> # customer y
>> # this is the normal cisco login. a password followed by an enable
>> # password.
>> # try ssh first, then rlogin.
>> add password *.custy.net {vector} {victor}
>> add method *.custy.net ssh rlogin
>>
>> # customer z; they use ssh only.
>> add user *.custz.net shirley
>> add password *.custz.net {jive} {surely}
>> add method *.custz.net ssh
>>
>> # the route-server's do not provide enable access. cmdline -noenable
>> # equivalent.
>> add noenable route-server* 1
>>
>> # all our routers, i.e.: everything else
>> add password * {clearance} {clarence}
>>
>> # set ssh encryption type, dflt: 3des
>> add cyphertype * {3des}
>>
>> # set the username prompt to "router login:"
>> #add userprompt * {"router login:"}
>>
>> # ssh identity for a juniper; used with jlogin
>> add identity my.juniper $env(HOME)/.ssh/juniper
>>
>> # riverstone / enterasys / cabletron (rivlogin) example
>> # these boxes are 'back-to-front' from cisco (i.e., ask
>> # for vty password always, then tac+/radius if configured).
>> #
>> # vty password and last resort (enable) password for rivlogin
>> add password rs3000 {vtypass} {lastresort}
>> # if using tac+ or radius login, include these lines
>> add user rs3000 {monster}
>> add userpassword rs3000 {scary}
>> ============================
>>
>> --
>>
>> Wagner Pereira
>>
>> PoP-SP/RNP - Ponto de Presença da RNP em São Paulo
>> CCE/USP - Centro de Computação Eletrônica da Universidade de São Paulo
>> http://www.pop-sp.rnp.br
>> Tel. (11) 3091-8901
>>
>> _______________________________________________
>> Rancid-discuss mailing list
>> Rancid-discuss at shrubbery.net
>> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
>>
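
Added example, not part of the thread or of RANCID: a Python sketch that resolves `.cloginrc` directives the way clogin does (the first entry whose glob matches the host wins) and checks that the file grants nothing to "other". The sample lines are a constructed excerpt of the file quoted above, the hostname `gw1.custy.net` is made up, and `fnmatch` is assumed to be a close enough stand-in for Tcl glob matching.

```python
import fnmatch
import os
import re

# Constructed excerpt: directives from the file quoted in the thread, same order.
SAMPLE = """\
add password 10.0.0.1 {vty_pass} {ena_pass}
add method * {telnet} {ssh}
# customer y
add method *.custy.net ssh rlogin
add method *.custz.net ssh
add password * {clearance} {clarence}
"""

TOKEN = re.compile(r"\{([^}]*)\}|(\S+)")  # a {braced word} or a bare word


def parse(text):
    """Return (line_no, directive, glob, values) for every 'add' line."""
    entries = []
    for no, line in enumerate(text.splitlines(), 1):
        words = [braced or bare for braced, bare in TOKEN.findall(line)]
        if len(words) >= 3 and words[0] == "add":
            entries.append((no, words[1], words[2], words[3:]))
    return entries


def resolve(entries, host, directive):
    """Return (line_no, values) of the first entry whose glob matches host."""
    for no, name, glob, values in entries:
        if name == directive and fnmatch.fnmatchcase(host, glob):
            return no, values
    return None


def shadowed(entries):
    """Entries that follow a bare '*' for the same directive can never match."""
    catch_all, dead = set(), []
    for no, name, glob, _ in entries:
        if name in catch_all:
            dead.append((no, name, glob))
        elif glob == "*":
            catch_all.add(name)
    return dead


def others_can_access(path):
    """True if the mode grants anything to 'other'; clogin refuses such a file."""
    return bool(os.stat(path).st_mode & 0o007)
```

For `gw1.custy.net` the method resolves to line 2 (`telnet`, then `ssh`), because the `*` entry precedes the customer-specific `ssh rlogin` line, which `shadowed()` reports as unreachable.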