[rancid] jlogin not using ssh key
Hinote, Willie Scott. (MSFC-IS40)[NICS]
willie.s.hinote at nasa.gov
Wed Nov 28 17:52:32 UTC 2012
I appreciate the reply. Unfortunately this did not work exactly as prescribed but I did find a solution. For anyone else who may be experiencing this issue you need to have at least one character entered on the add password line. During testing I tried a number of different letters, numbers and symbols; all worked. Even adding up to 6 characters worked with no errors (I am sure more would work but I did not test). If you add the braces you must include a character between the braces and spaces do not work with or without the braces. My test Juniper is running JUNOS 10.4R2.6. My lab equipment is limited so I am not able to test with other JUNOS versions to see if it is version specific.
I tested by executing:
/usr/libexec/rancid/rancid-run JUNIPER
/usr/libexec/rancid/jlogin router X.X.X.X
/usr/libexec/rancid/jlogin -f /opt/rancid/.cloginrc router X.X.X.X
All tests completed without errors.
.cloginrc
--
add identity X.X.X.X /opt/rancid/.ssh/id_rsa
add password X.X.X.X 1
add method X.X.X.X ssh
Hopefully this helps anyone else who may be stuck on this issue.
-----Original Message-----
From: heasley [mailto:heas at shrubbery.net]
Sent: Wednesday, November 28, 2012 11:16 AM
To: Hinote, Willie Scott. (MSFC-IS40)[NICS]
Cc: rancid-discuss at shrubbery.net
Subject: Re: [rancid] jlogin not using ssh key
Wed, Nov 28, 2012 at 10:53:22AM -0600, Hinote, Willie Scott. (MSFC-IS40)[NICS]:
> I have setup SSH keys on a Juniper device. The keys work when I SSH as the RANCID user to the Juniper but do not work when I execute rancid-run or execute jlogin without the -p flag. I have modified my .cloginrc to use an identity file.
>
> .cloginrc
> --
> add identity X.X.X.X /opt/rancid/.ssh/id_rsa
>
> Only the add identity line exists for this IP. No other add lines are in the .cloginrc.
>
> When I execute:
> /usr/libexec/rancid/jlogin -f /opt/rancid/.cloginrc X.X.X.X
>
> I receive error:
> Error: no password for router in /opt/rancid/.cloginrc. X.X.X.X
>
> When I execute:
> /usr/libexec/rancid/rancid-run JUNIPER
>
> I see errors in logs:
> X.X.X.X jlogin error: Error: no password for X.X.X.X in /opt/rancid/.cloginrc.
> X.X.X.X: missed cmd(s) ***Lots of commands***
> X.X.X.X: End of run not found
>
> If I execute:
> /usr/libexec/rancid/jlogin -p router X.X.X.X
>
> It logs me in with no errors.
>
> Are there any other options that need to be added to the .cloginrc file? Has anyone else successfully used SSH keys with Juniper devices?
it does insist on a pwd; just add an empty one
add password glob {}
More information about the Rancid-discuss
mailing list