[rancid] Nexus 7000 series backup issues.

heasley heas at shrubbery.net
Thu Aug 30 22:17:30 UTC 2012


Thu, Aug 30, 2012 at 08:19:43PM +0000, heasley:
> > Okay I figured it out. On my Nexus 7000 version of NXOS 5.1(3) if you remove
> > the banner motd completely the system defaults to the following " #User
> > Access Verification#Using keyboard-interactive authentication." Which of
> > course includes the "#" symbol preventing the rancid from logging in
> > properly. As soon as I set a new banner motd then the problem goes away. 

I tried to come up with a way around this, such as this:

Index: bin/clogin.in
===================================================================
--- bin/clogin.in	(revision 2618)
+++ bin/clogin.in	(working copy)
@@ -567,6 +567,12 @@
 				  }
 				  exp_continue
 				}
+	"#User Access Verification# {
+				  # NXOS 5.1(3) on 7000, perhaps earlier and on
+				  # other Nexus, has this default banner, which
+				  # breaks autoenable.
+				  exp_continue
+				}
 	-re "$prompt"		{
 				  set prompt_match $expect_out(0,string);
 				  break;

but that is not reliable.  If the timing were off, which is very likely, it
would fail.  I suppose it could be anchored at the beginning of the line,
but we can't expect that Cisco will not randomly change its placement or
format.  If it were possible to know the full prompt with certainty before
login, that could be avoided.

A possibility is to alter the regex for the prompt to expect at least one
printable character preceeding it.  Something like "^[^ ]*[^ ] ?#", but I
am always weary of how such changes will affect other platforms.

Another possibility is that folks complain to cisco and either use a banner
or do not use autoenable until it is fixed.

Suggestions?


More information about the Rancid-discuss mailing list