[rancid] authentication groups on .cloginrc file

Alejandro Sanchez Alejandro.Sanchez at sitel.com
Fri Jul 29 11:38:10 UTC 2011


Hi team

I am desperated.

Still having issues with the authentication:

 

I have the following:

 

Add autoenable * 1

Add user * alex

Add pass * alexpass

 

Add autoenable * 0

Add user x.x.x.x alex

Add pass x.x.x.x alexpass alexenapass

 

The problem is that the second group is not being executed, so this box, is not being checked

 

Any ideas?

 

Alex 

________________________________

De: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] En nombre de Alejandro Sanchez
Enviado el: miércoles, 27 de julio de 2011 17:02
Para: rancid-discuss at shrubbery.net
Asunto: Re: [rancid] authentication groups on .cloginrc file

 

Team,

Any ideas on this?

 

Best Regards

 

Alejandro Sánchez Lucas
Network Specialist 

SITEL EMEA GNS

 

________________________________

De: Alejandro Sanchez 
Enviado el: jueves, 21 de julio de 2011 10:22
Para: 'Jeremy Bresley'; rancid-discuss at shrubbery.net
Asunto: RE: [rancid] authentication groups on .cloginrc file

 

Its partly solved now.

The problem I have is that, half of my boxes have tacacs and the others have normal user/pass. How can I set up the other generic access instead of adding device per device?

 

So 2 generic access, one tacacs, that I already did but I need the other non-tacacs one

 

Many thanks 

 

Alejandro Sánchez Lucas
Network Specialist 

SITEL EMEA GNS

________________________________

De: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] En nombre de Jeremy Bresley
Enviado el: miércoles, 20 de julio de 2011 17:20
Para: rancid-discuss at shrubbery.net
Asunto: Re: [rancid] authentication groups on .cloginrc file

 

Yes, the cloginrc is parsed in order.  So you can put your defaults as a * entry at the bottom of the file, and have your more specific entries above it.  

Something like:

add user router123 localuser1

add user router* tacacsuser1

add user * tacacsuser2

router123 would use localuser1, all other devices matching router* would use tacacsuser1, and everything else would use tacacsuser2.  Passwords/autoenable settings can be done this way as well.

Jeremy

On 7/20/2011 9:37 AM, Alejandro Sanchez wrote: 

Hi guys,

 

Is there a way to create different ways of authentication?

I have some devices that have tacacs and some just user/pass

 

Also I have some that have autoenable.

 

Thanks

 

Best Regards

 

Alejandro Sánchez Lucas
Network Specialist 

SITEL EMEA GNS

 

**CONFIDENTIAL NOTICE** 
This e-mail and any files transmitted with it may contain PRIVILEGED or CONFIDENTIAL information and may be read or used only by the intended recipient. If you are not the intended recipient of the e-mail or any of its attachments, please be advised that you have received this e-mail in error and that any use, dissemination, distribution, forwarding, printing, or copying of this e-mail or any attached files is strictly prohibited. If you have received this e-mail in error, please immediately purge it and all attachments and notify the sender by reply e-mail.

 
 
_______________________________________________
Rancid-discuss mailing list
Rancid-discuss at shrubbery.net
http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss

 

**CONFIDENTIAL NOTICE** 
This e-mail and any files transmitted with it may contain PRIVILEGED or CONFIDENTIAL information and may be read or used only by the intended recipient. If you are not the intended recipient of the e-mail or any of its attachments, please be advised that you have received this e-mail in error and that any use, dissemination, distribution, forwarding, printing, or copying of this e-mail or any attached files is strictly prohibited. If you have received this e-mail in error, please immediately purge it and all attachments and notify the sender by reply e-mail.

**CONFIDENTIAL NOTICE** 
This e-mail and any files transmitted with it may contain PRIVILEGED or CONFIDENTIAL information and may be read or used only by the intended recipient.  If you are not the intended recipient of the e-mail or any of  its attachments, please be advised that you have received this e-mail in error and that any use, dissemination, distribution, forwarding, printing, or copying of this e-mail or any attached files is strictly prohibited.  If you have received this e-mail in error, please immediately purge it and all attachments and notify the sender by reply e-mail.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20110729/c7a77660/attachment.html>


More information about the Rancid-discuss mailing list