[rancid] Re: It appears that Rancid is working now!
Wagner Pereira
wpereira at pop-sp.rnp.br
Tue Mar 9 22:12:24 UTC 2010
Bingo, Lance!
I can't access my device either by telnet or ssh from my Rancid server:
Connection refused
In fact, I have only one "frontend" server (which is not the Rancid
server) from what I gain access via telnet/ssh.
Maybe there is an ACL blocking this server. I will see this tomorrow,
carefully.
I really appreciate your help.
Hugs,
--
Wagner Pereira
PoP-SP/RNP - Ponto de Presença da RNP em São Paulo
CCE/USP - Centro de Computação Eletrônica da Universidade de São Paulo
http://www.pop-sp.rnp.br
Tel. (11) 3091-8901
Lance Vermilion escreveu:
> that tells me that 10.0.0.1 will not allow your server to telnet/ssh
> to it.from CLI can you telnet/ssh to 10.0.0.1 from the rancid server?
>
> On Tue, Mar 9, 2010 at 3:00 PM, Wagner Pereira <wpereira at pop-sp.rnp.br
> <mailto:wpereira at pop-sp.rnp.br>> wrote:
>
> Lance,
>
> Below it is what I did. Is there some additional test that I can make?
>
> cp /usr/local/rancid/tar/rancid-2.3.2/.cloginrc /home/rancid/
>
> And i did run
>
> /home/rancid/bin/clogin -c "sh run" 10.0.0.1
>
> 10.0.0.1
> spawn telnet 10.0.0.1
> Trying 10.0.0.1...
> telnet: Unable to connect to remote host: Connection refused
> spawn ssh -c 3des -x -l rancid 10.0.0.1
> ssh: connect to host 10.0.0.1 port 22: Connection refused
>
> Error: Connection Refused (ssh): 10.0.0.1
>
> --
>
> Wagner Pereira
>
> PoP-SP/RNP - Ponto de Presença da RNP em São Paulo
> CCE/USP - Centro de Computação Eletrônica da Universidade de São Paulo
> http://www.pop-sp.rnp.br
> Tel. (11) 3091-8901
>
>
>
> Lance Vermilion escreveu:
>
> Wagner,
>
> I echo what I said before. make sure the .cloginrc is in the
> home directory for the rancid user (sometimes: /home/rancid/)
> and you ONLY need the following in your .cloginrc
>
> add user 10.0.0.1 admin
> add password 10.0.0.1 {vty_pass} {ena_pass}
> add method 10.0.0.1 {telnet} {ssh}
>
> best of luck from here.
>
>
> On Tue, Mar 9, 2010 at 2:37 PM, Wagner Pereira
> <wpereira at pop-sp.rnp.br <mailto:wpereira at pop-sp.rnp.br>
> <mailto:wpereira at pop-sp.rnp.br
> <mailto:wpereira at pop-sp.rnp.br>>> wrote:
>
> Hi, Ryan.
>
> I did read ALL the README file, believe me!
>
> And that's my .cloginrc file, copied from the cloginrc.sample:
>
> =====================
> add password 10.0.0.1 {vty_pass} {ena_pass}
>
> add user 10.0.0.1 admin
>
> add userprompt 10.0.0.1 {"Username:"}
>
> add passprompt 10.0.0.1 {"Password:"}
>
> add method 10.0.0.1 {telnet} {ssh}
>
> add enableprompt 10.0.0.1 {"Password:"}
>
> add cyphertype 10.0.0.1 {3des}
>
> #add password sl-bb*-dc cow24
> #add password sl-gw*-dc geeks
> #add password sl* hank dog
> #add password at* pete cow
> #add password sdn* mujahid horse
> #add password icm* peter
> #add password * anything
> #
> #add user sl-gw*-dc twit
> #add user sdn* sdn_auto
> #add user sdn-bb* ops_eng
> #add user * $env(USER)
>
> # customer x
> # these routers ask for a username and password. we
> automatically get
> # enable access after successful authentication.
> add user *.custx.net <http://custx.net> <http://custx.net>
> roger
> add password *.custx.net <http://custx.net>
> <http://custx.net> {doger}
> add autoenable *.custx.net <http://custx.net>
> <http://custx.net> 1
>
>
> # customer y
> # this is the normal cisco login. a password followed by
> and enable
> password.
> # try ssh first, then rlogin.
> add password *.custy.net <http://custy.net>
> <http://custy.net> {vector} {victor}
> add method *.custy.net <http://custy.net>
> <http://custy.net> ssh rlogin
>
>
> # customer z; they use ssh only.
> add user *.custz.net <http://custz.net> <http://custz.net>
> shirley
> add password *.custz.net <http://custz.net>
> <http://custz.net> {jive} {surely}
> add method *.custz.net <http://custz.net>
> <http://custz.net> ssh
>
>
> # the route-server's do not provide enable access. cmdline
> -noenable
> # equivalent.
> add noenable route-server* 1
>
> # all our routers, i.e.: everything else
> add password * {clearance} {clarence}
>
> # set ssh encryption type, dflt: 3des
> add cyphertype * {3des}
>
> # set the username prompt to "router login:"
> #add userprompt * {"router login:"}
>
> # ssh identity for a juniper; used with jlogin
> add identity my.juniper $env(HOME)/.ssh/juniper
>
> # riverstone / enterasys / cabletron (rivlogin) example
> # these boxes are 'back-to-front' from cisco (i.e., ask
> # for vty password always, then tac+/radius if configured).
> #
> # vty password and last resort (enable) password for rivlogin
> add password rs3000 {vtypass} {lastresort}
> # if using tac+ or radius login, include these lines
> add user rs3000 {monster}
> add userpassword rs3000 {scary}
> =====================
>
> --
>
> Wagner Pereira
>
> PoP-SP/RNP - Ponto de Presença da RNP em São Paulo
> CCE/USP - Centro de Computação Eletrônica da Universidade
> de São Paulo
> http://www.pop-sp.rnp.br
> Tel. (11) 3091-8901
>
>
>
> Ryan West escreveu:
> > Locate .cloginrc
> >
> > Have you created it yet or copied the sample that comes
> with the
> install to your environment. I hate to say this again, but
> ALL of
> this is covered in the tutorials that were posted.
> >
> > -ryan
> >
> >
> >> -----Original Message-----
> >> From: Wagner Pereira [mailto:wpereira at pop-sp.rnp.br
> <mailto:wpereira at pop-sp.rnp.br>
> <mailto:wpereira at pop-sp.rnp.br
> <mailto:wpereira at pop-sp.rnp.br>>]
> >> Sent: Tuesday, March 09, 2010 3:34 PM
> >> To: Ryan West
> >> Cc: Rancid Mailing List
> >> Subject: Re: [rancid] It appears that Rancid is working now!
> >>
> >> Ryan,
> >>
> >> I did that:
> >>
> >> su - rancid && cat .cloginrc && rancid-run
> >> rancid at servicos2:~$
> >>
> >> and I did run this:
> >>
> >> /home/rancid/bin/clogin -c "sh run" 10.0.0.1
> >>
> >> This is the result:
> >>
> >> Error: password file (/home/rancid/.cloginrc) does not exist
> >>
> >> --
> >>
> >> Wagner Pereira
> >>
> >> PoP-SP/RNP - Ponto de Presença da RNP em São Paulo
> >> CCE/USP - Centro de Computação Eletrônica da Universidade de
> São Paulo
> >> http://www.pop-sp.rnp.br
> >> Tel. (11) 3091-8901
> >>
> >>
> >>
> >> Ryan West escreveu:
> >>
> >>> Wagner,
> >>>
> >>>
> >>>
> >>>> -----Original Message-----
> >>>> Sent: Tuesday, March 09, 2010 3:16 PM
> >>>> To: Rancid Mailing List
> >>>> Subject: [rancid] It appears that Rancid is working now!
> >>>>
> >>>> Hey, Rancid's guys!
> >>>>
> >>>> Can I start to celebrate? See below:
> >>>>
> >>>> rancid-server# cat switches-PoP-SP.20100309.170101
> >>>>
> >>>> starting: Tue Mar 9 17:01:01 BRT 2010
> >>>>
> >>>> cvs add: scheduling file `10.0.0.1' for addition
> >>>> cvs add: use `cvs commit' to add this file permanently
> >>>>
> /home/rancid/var/rancid/CVS/switches-PoP-SP/configs/10.0.0.1
> <http://10.0.0.1>
> <http://10.0.0.1>,v
>
> >>>> <-- 10.0.0.1
> >>>> initial revision: 1.1
> >>>> Added 10.0.0.1
> >>>>
> >>>>
> >>>>
> >>>> Trying to get all of the configs.
> >>>> 10.0.0.1 clogin error: Error: password file
> (/root/.cloginrc)
> >>>> does not exist
> >>>>
> >>>>
> >>> su - rancid && cat .cloginrc && rancid-run
> >>>
> >>> -ryan
> >>>
> >>>
> _______________________________________________
> Rancid-discuss mailing list
> Rancid-discuss at shrubbery.net
> <mailto:Rancid-discuss at shrubbery.net>
> <mailto:Rancid-discuss at shrubbery.net
> <mailto:Rancid-discuss at shrubbery.net>>
>
> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
>
>
>
More information about the Rancid-discuss
mailing list