[rancid] Re: It appears that Rancid is working now!

Wagner Pereira wpereira at pop-sp.rnp.br
Tue Mar 9 22:12:24 UTC 2010


Bingo, Lance!

I can't access my device either by telnet or ssh from my Rancid server: 
Connection refused

In fact, I have only one "frontend" server (which is not the Rancid 
server) from what I gain access via telnet/ssh.

Maybe there is an ACL blocking this server. I will see this tomorrow, 
carefully.

I really appreciate your help.

Hugs,

-- 

Wagner Pereira

PoP-SP/RNP - Ponto de Presença da RNP em São Paulo
CCE/USP - Centro de Computação Eletrônica da Universidade de São Paulo
http://www.pop-sp.rnp.br
Tel. (11) 3091-8901



Lance Vermilion escreveu:
> that tells me that 10.0.0.1 will not allow your server to telnet/ssh 
> to it.from CLI can you telnet/ssh to 10.0.0.1 from the rancid server?
>
> On Tue, Mar 9, 2010 at 3:00 PM, Wagner Pereira <wpereira at pop-sp.rnp.br 
> <mailto:wpereira at pop-sp.rnp.br>> wrote:
>
>     Lance,
>
>     Below it is what I did. Is there some additional test that I can make?
>
>     cp /usr/local/rancid/tar/rancid-2.3.2/.cloginrc /home/rancid/
>
>     And i did run
>
>     /home/rancid/bin/clogin -c "sh run" 10.0.0.1
>
>     10.0.0.1
>     spawn telnet 10.0.0.1
>     Trying 10.0.0.1...
>     telnet: Unable to connect to remote host: Connection refused
>     spawn ssh -c 3des -x -l rancid 10.0.0.1
>     ssh: connect to host 10.0.0.1 port 22: Connection refused
>
>     Error: Connection Refused (ssh): 10.0.0.1
>
>     -- 
>
>     Wagner Pereira
>
>     PoP-SP/RNP - Ponto de Presença da RNP em São Paulo
>     CCE/USP - Centro de Computação Eletrônica da Universidade de São Paulo
>     http://www.pop-sp.rnp.br
>     Tel. (11) 3091-8901
>
>
>
>     Lance Vermilion escreveu:
>
>         Wagner,
>
>         I echo what I said before. make sure the .cloginrc is in the
>         home directory for the rancid user (sometimes: /home/rancid/)
>         and you ONLY need the following in your .cloginrc
>
>         add user 10.0.0.1 admin
>         add password 10.0.0.1 {vty_pass} {ena_pass}
>         add method 10.0.0.1 {telnet} {ssh}
>
>         best of luck from here.
>
>
>         On Tue, Mar 9, 2010 at 2:37 PM, Wagner Pereira
>         <wpereira at pop-sp.rnp.br <mailto:wpereira at pop-sp.rnp.br>
>         <mailto:wpereira at pop-sp.rnp.br
>         <mailto:wpereira at pop-sp.rnp.br>>> wrote:
>
>            Hi, Ryan.
>
>            I did read ALL the README file, believe me!
>
>            And that's my .cloginrc file, copied from the cloginrc.sample:
>
>            =====================
>            add password 10.0.0.1 {vty_pass} {ena_pass}
>
>            add user 10.0.0.1 admin
>
>            add userprompt 10.0.0.1 {"Username:"}
>
>            add passprompt 10.0.0.1 {"Password:"}
>
>            add method 10.0.0.1 {telnet} {ssh}
>
>            add enableprompt 10.0.0.1 {"Password:"}
>
>            add cyphertype 10.0.0.1 {3des}
>
>            #add password sl-bb*-dc cow24
>            #add password sl-gw*-dc geeks
>            #add password sl*       hank    dog
>            #add password at*       pete    cow
>            #add password sdn*      mujahid horse
>            #add password icm*      peter
>            #add password *         anything
>            #
>            #add user sl-gw*-dc     twit
>            #add user sdn*          sdn_auto
>            #add user sdn-bb*       ops_eng
>            #add user *             $env(USER)
>
>            # customer x
>            # these routers ask for a username and password.  we
>         automatically get
>            # enable access after successful authentication.
>            add user *.custx.net <http://custx.net> <http://custx.net>
>                    roger
>            add password *.custx.net <http://custx.net>
>         <http://custx.net>        {doger}
>            add autoenable *.custx.net <http://custx.net>
>         <http://custx.net>      1
>
>
>            # customer y
>            # this is the normal cisco login.  a password followed by
>         and enable
>            password.
>            # try ssh first, then rlogin.
>            add password *.custy.net <http://custy.net>
>         <http://custy.net>        {vector}           {victor}
>            add method *.custy.net <http://custy.net>
>         <http://custy.net>          ssh rlogin
>
>
>            # customer z; they use ssh only.
>            add user *.custz.net <http://custz.net> <http://custz.net>
>                    shirley
>            add password *.custz.net <http://custz.net>
>         <http://custz.net>        {jive}             {surely}
>            add method *.custz.net <http://custz.net>
>         <http://custz.net>          ssh
>
>
>            # the route-server's do not provide enable access.  cmdline
>         -noenable
>            # equivalent.
>            add noenable route-server*      1
>
>            # all our routers, i.e.: everything else
>            add password *                  {clearance}     {clarence}
>
>            # set ssh encryption type, dflt: 3des
>            add cyphertype *                {3des}
>
>            # set the username prompt to "router login:"
>            #add userprompt *               {"router login:"}
>
>            # ssh identity for a juniper; used with jlogin
>            add identity    my.juniper      $env(HOME)/.ssh/juniper
>
>            # riverstone / enterasys / cabletron (rivlogin) example
>            # these boxes are 'back-to-front' from cisco (i.e., ask
>            # for vty password always, then tac+/radius if configured).
>            #
>            # vty password and last resort (enable) password for rivlogin
>            add password rs3000             {vtypass}       {lastresort}
>            # if using tac+ or radius login, include these lines
>            add user rs3000                 {monster}
>            add userpassword rs3000         {scary}
>            =====================
>
>            --
>
>            Wagner Pereira
>
>            PoP-SP/RNP - Ponto de Presença da RNP em São Paulo
>            CCE/USP - Centro de Computação Eletrônica da Universidade
>         de São Paulo
>            http://www.pop-sp.rnp.br
>            Tel. (11) 3091-8901
>
>
>
>            Ryan West escreveu:
>            > Locate .cloginrc
>            >
>            > Have you created it yet or copied the sample that comes
>         with the
>            install to your environment.  I hate to say this again, but
>         ALL of
>            this is covered in the tutorials that were posted.
>            >
>            > -ryan
>            >
>            >
>            >> -----Original Message-----
>            >> From: Wagner Pereira [mailto:wpereira at pop-sp.rnp.br
>         <mailto:wpereira at pop-sp.rnp.br>
>            <mailto:wpereira at pop-sp.rnp.br
>         <mailto:wpereira at pop-sp.rnp.br>>]
>            >> Sent: Tuesday, March 09, 2010 3:34 PM
>            >> To: Ryan West
>            >> Cc: Rancid Mailing List
>            >> Subject: Re: [rancid] It appears that Rancid is working now!
>            >>
>            >> Ryan,
>            >>
>            >> I did that:
>            >>
>            >> su - rancid && cat .cloginrc && rancid-run
>            >> rancid at servicos2:~$
>            >>
>            >> and I did run this:
>            >>
>            >> /home/rancid/bin/clogin -c "sh run" 10.0.0.1
>            >>
>            >> This is the result:
>            >>
>            >> Error: password file (/home/rancid/.cloginrc) does not exist
>            >>
>            >> --
>            >>
>            >> Wagner Pereira
>            >>
>            >> PoP-SP/RNP - Ponto de Presença da RNP em São Paulo
>            >> CCE/USP - Centro de Computação Eletrônica da Universidade de
>            São Paulo
>            >> http://www.pop-sp.rnp.br
>            >> Tel. (11) 3091-8901
>            >>
>            >>
>            >>
>            >> Ryan West escreveu:
>            >>
>            >>> Wagner,
>            >>>
>            >>>
>            >>>
>            >>>> -----Original Message-----
>            >>>> Sent: Tuesday, March 09, 2010 3:16 PM
>            >>>> To: Rancid Mailing List
>            >>>> Subject: [rancid] It appears that Rancid is working now!
>            >>>>
>            >>>> Hey, Rancid's guys!
>            >>>>
>            >>>> Can I start to celebrate? See below:
>            >>>>
>            >>>> rancid-server# cat switches-PoP-SP.20100309.170101
>            >>>>
>            >>>> starting: Tue Mar 9 17:01:01 BRT 2010
>            >>>>
>            >>>> cvs add: scheduling file `10.0.0.1' for addition
>            >>>> cvs add: use `cvs commit' to add this file permanently
>            >>>>
>         /home/rancid/var/rancid/CVS/switches-PoP-SP/configs/10.0.0.1
>         <http://10.0.0.1>
>            <http://10.0.0.1>,v
>
>            >>>> <--  10.0.0.1
>            >>>> initial revision: 1.1
>            >>>> Added 10.0.0.1
>            >>>>
>            >>>>
>            >>>>
>            >>>> Trying to get all of the configs.
>            >>>> 10.0.0.1 clogin error: Error: password file
>         (/root/.cloginrc)
>            >>>> does not exist
>            >>>>
>            >>>>
>            >>> su - rancid && cat .cloginrc && rancid-run
>            >>>
>            >>> -ryan
>            >>>
>            >>>
>            _______________________________________________
>            Rancid-discuss mailing list
>            Rancid-discuss at shrubbery.net
>         <mailto:Rancid-discuss at shrubbery.net>
>         <mailto:Rancid-discuss at shrubbery.net
>         <mailto:Rancid-discuss at shrubbery.net>>
>
>            http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
>
>
>


More information about the Rancid-discuss mailing list