[rancid] Cisco ASA 5505 configs
Gene Lim
gene.lim at apc.sg
Thu Jul 18 07:48:52 UTC 2013
Dear Heasley
Thank you for advicing. Tried using the -d option with below logs. Could you
advice further on how may I troubleshoot this ? Please assist.
/.cloginrc
add method 192.168.1.84 ssh
add user 192.168.1.84 admin
add password 192.168.1.84 {adminpwd} {enablepwd}
bin/clogin -d 192.168.1.84
192.168.1.84
spawn ssh -c 3des -x -l admin 192.168.1.84
parent: waiting for sync byte
parent: telling child to go ahead
parent: now unsynchronized from child
spawn: returns {3229}
Gate keeper glob pattern for '^<-+ More -+>[^
]*' is '<* More *>*'. Activating booster.
Gate keeper glob pattern for '(Connection refused|Secure connection [^
]+ refused)' is ''. Not usable, disabling the performance booster.
Gate keeper glob pattern for '(Connection closed by|Connection to [^
]+ closed)' is ''. Not usable, disabling the performance booster.
Gate keeper glob pattern for '(Host key not found |The authenticity of host
.* be established).* \(yes/no\)\?' is ''. Not usable, disabling the
performance booster.
Gate keeper glob pattern for 'HOST IDENTIFICATION HAS CHANGED.*
\(yes/no\)\?' is 'HOST IDENTIFICATION HAS CHANGED* (yes/no)\?'. Activating
booster.
Gate keeper glob pattern for 'HOST IDENTIFICATION HAS CHANGED[^
]+' is 'HOST IDENTIFICATION HAS CHANGED*'. Activating booster.
Gate keeper glob pattern for 'Offending key for .* \(yes/no\)\?' is
'Offending key for * (yes/no)\?'. Activating booster.
Gate keeper glob pattern for '(denied|Sorry)' is ''. Not usable, disabling
the performance booster.
Gate keeper glob pattern for '% (Bad passwords|Authentication failed)' is
''. Not usable, disabling the performance booster.
Gate keeper glob pattern for 'Enter Selection: ' is 'Enter Selection: '.
Activating booster.
Gate keeper glob pattern for 'Last login:' is 'Last login:'. Activating
booster.
Gate keeper glob pattern for '@[^
]+ ([Pp]assword|passwd|Enter password for [^ :]+):' is ''. Not usable,
disabling the performance booster.
Gate keeper glob pattern for 'Enter passphrase.*: ' is 'Enter passphrase*:
'. Activating booster.
Gate keeper glob pattern for '(Username|Login|login|user name|User):' is ''.
Not usable, disabling the performance booster.
Gate keeper glob pattern for '([Pp]assword|passwd|Enter password for [^
:]+):' is ''. Not usable, disabling the performance booster.
Gate keeper glob pattern for '(>|#| \(enable\))' is ''. Not usable,
disabling the performance booster.
expect: does "" (spawn_id exp4) match regular expression "^<-+ More
-+>[^\n\r]*"? Gate "<* More *>*"? gate=no
"(Connection refused|Secure connection [^\n\r]+ refused)"? (No Gate, RE
only) gate=yes re=no
"(Connection closed by|Connection to [^\n\r]+ closed)"? (No Gate, RE only)
gate=yes re=no
expect: does "" (spawn_id exp4) match glob pattern "unknown host\r"? no
expect: does "" (spawn_id exp4) match glob pattern "Host is unreachable"? no
"No address associated with name"? no
"(Host key not found |The authenticity of host .* be established).*
\(yes/no\)\?"? (No Gate, RE only) gate=yes re=no
"HOST IDENTIFICATION HAS CHANGED.* \(yes/no\)\?"? Gate "HOST IDENTIFICATION
HAS CHANGED* (yes/no)\?"? gate=no
"HOST IDENTIFICATION HAS CHANGED[^\n\r]+"? Gate "HOST IDENTIFICATION HAS
CHANGED*"? gate=no
"Offending key for .* \(yes/no\)\?"? Gate "Offending key for * (yes/no)\?"?
gate=no
"(denied|Sorry)"? (No Gate, RE only) gate=yes re=no
"Login failed"? no
"% (Bad passwords|Authentication failed)"? (No Gate, RE only) gate=yes re=no
"Press any key to continue"? no
"Enter Selection: "? Gate "Enter Selection: "? gate=no
"Last login:"? Gate "Last login:"? gate=no
"@[^\r\n]+ ([Pp]assword|passwd|Enter password for [^ :]+):"? (No Gate, RE
only) gate=yes re=no
"Enter passphrase.*: "? Gate "Enter passphrase*: "? gate=no
"(Username|Login|login|user name|User):"? (No Gate, RE only) gate=yes re=no
"([Pp]assword|passwd|Enter password for [^ :]+):"? (No Gate, RE only)
gate=yes re=no
"(>|#| \(enable\))"? (No Gate, RE only) gate=yes re=no
"Login invalid"? no
admin at 192.168.1.84's password:
expect: does "admin at 192.168.1.84's password: " (spawn_id exp4) match regular
expression "^<-+ More -+>[^\n\r]*"? Gate "<* More *>*"? gate=no
"(Connection refused|Secure connection [^\n\r]+ refused)"? (No Gate, RE
only) gate=yes re=no
"(Connection closed by|Connection to [^\n\r]+ closed)"? (No Gate, RE only)
gate=yes re=no
expect: does "admin at 192.168.1.84's password: " (spawn_id exp4) match glob
pattern "unknown host\r"? no
expect: does "admin at 192.168.1.84's password: " (spawn_id exp4) match glob
pattern "Host is unreachable"? no
"No address associated with name"? no
"(Host key not found |The authenticity of host .* be established).*
\(yes/no\)\?"? (No Gate, RE only) gate=yes re=no
"HOST IDENTIFICATION HAS CHANGED.* \(yes/no\)\?"? Gate "HOST IDENTIFICATION
HAS CHANGED* (yes/no)\?"? gate=no
"HOST IDENTIFICATION HAS CHANGED[^\n\r]+"? Gate "HOST IDENTIFICATION HAS
CHANGED*"? gate=no
"Offending key for .* \(yes/no\)\?"? Gate "Offending key for * (yes/no)\?"?
gate=no
"(denied|Sorry)"? (No Gate, RE only) gate=yes re=no
"Login failed"? no
"% (Bad passwords|Authentication failed)"? (No Gate, RE only) gate=yes re=no
"Press any key to continue"? no
"Enter Selection: "? Gate "Enter Selection: "? gate=no
"Last login:"? Gate "Last login:"? gate=no
"@[^\r\n]+ ([Pp]assword|passwd|Enter password for [^ :]+):"? (No Gate, RE
only) gate=yes re=yes
expect: set expect_out(0,string) "@192.168.1.84's password:"
expect: set expect_out(1,string) "password"
expect: set expect_out(spawn_id) "exp4"
expect: set expect_out(buffer) "admin at 192.168.1.84's password:"
send: sending "clearance\r" to { exp4 }
expect: continuing expect
expect: does " " (spawn_id exp4) match regular expression "^<-+ More
-+>[^\n\r]*"? Gate "<* More *>*"? gate=no
"(Connection refused|Secure connection [^\n\r]+ refused)"? (No Gate, RE
only) gate=yes re=no
"(Connection closed by|Connection to [^\n\r]+ closed)"? (No Gate, RE only)
gate=yes re=no
expect: does " " (spawn_id exp4) match glob pattern "unknown host\r"? no
expect: does " " (spawn_id exp4) match glob pattern "Host is unreachable"?
no
"No address associated with name"? no
"(Host key not found |The authenticity of host .* be established).*
\(yes/no\)\?"? (No Gate, RE only) gate=yes re=no
"HOST IDENTIFICATION HAS CHANGED.* \(yes/no\)\?"? Gate "HOST IDENTIFICATION
HAS CHANGED* (yes/no)\?"? gate=no
"HOST IDENTIFICATION HAS CHANGED[^\n\r]+"? Gate "HOST IDENTIFICATION HAS
CHANGED*"? gate=no
"Offending key for .* \(yes/no\)\?"? Gate "Offending key for * (yes/no)\?"?
gate=no
"(denied|Sorry)"? (No Gate, RE only) gate=yes re=no
"Login failed"? no
"% (Bad passwords|Authentication failed)"? (No Gate, RE only) gate=yes re=no
"Press any key to continue"? no
"Enter Selection: "? Gate "Enter Selection: "? gate=no
"Last login:"? Gate "Last login:"? gate=no
"@[^\r\n]+ ([Pp]assword|passwd|Enter password for [^ :]+):"? (No Gate, RE
only) gate=yes re=no
"Enter passphrase.*: "? Gate "Enter passphrase*: "? gate=no
"(Username|Login|login|user name|User):"? (No Gate, RE only) gate=yes re=no
"([Pp]assword|passwd|Enter password for [^ :]+):"? (No Gate, RE only)
gate=yes re=no
"(>|#| \(enable\))"? (No Gate, RE only) gate=yes re=no
"Login invalid"? no
expect: does " \r\n" (spawn_id exp4) match regular expression "^<-+ More
-+>[^\n\r]*"? Gate "<* More *>*"? gate=no
"(Connection refused|Secure connection [^\n\r]+ refused)"? (No Gate, RE
only) gate=yes re=no
"(Connection closed by|Connection to [^\n\r]+ closed)"? (No Gate, RE only)
gate=yes re=no
expect: does " \r\n" (spawn_id exp4) match glob pattern "unknown host\r"? no
expect: does " \r\n" (spawn_id exp4) match glob pattern "Host is
unreachable"? no
"No address associated with name"? no
"(Host key not found |The authenticity of host .* be established).*
\(yes/no\)\?"? (No Gate, RE only) gate=yes re=no
"HOST IDENTIFICATION HAS CHANGED.* \(yes/no\)\?"? Gate "HOST IDENTIFICATION
HAS CHANGED* (yes/no)\?"? gate=no
"HOST IDENTIFICATION HAS CHANGED[^\n\r]+"? Gate "HOST IDENTIFICATION HAS
CHANGED*"? gate=no
"Offending key for .* \(yes/no\)\?"? Gate "Offending key for * (yes/no)\?"?
gate=no
"(denied|Sorry)"? (No Gate, RE only) gate=yes re=no
"Login failed"? no
"% (Bad passwords|Authentication failed)"? (No Gate, RE only) gate=yes re=no
"Press any key to continue"? no
"Enter Selection: "? Gate "Enter Selection: "? gate=no
"Last login:"? Gate "Last login:"? gate=no
"@[^\r\n]+ ([Pp]assword|passwd|Enter password for [^ :]+):"? (No Gate, RE
only) gate=yes re=no
"Enter passphrase.*: "? Gate "Enter passphrase*: "? gate=no
"(Username|Login|login|user name|User):"? (No Gate, RE only) gate=yes re=no
"([Pp]assword|passwd|Enter password for [^ :]+):"? (No Gate, RE only)
gate=yes re=no
"(>|#| \(enable\))"? (No Gate, RE only) gate=yes re=no
"Login invalid"? no
Permission denied, please try again.
admin at 192.168.1.84's password:
expect: does " \r\nPermission denied, please try
again.\r\r\nadmin at 192.168.1.84's password: " (spawn_id exp4) match regular
expression "^<-+ More -+>[^\n\r]*"? Gate "<* More *>*"? gate=no
"(Connection refused|Secure connection [^\n\r]+ refused)"? (No Gate, RE
only) gate=yes re=no
"(Connection closed by|Connection to [^\n\r]+ closed)"? (No Gate, RE only)
gate=yes re=no
expect: does " \r\nPermission denied, please try
again.\r\r\nadmin at 192.168.1.84's password: " (spawn_id exp4) match glob
pattern "unknown host\r"? no
expect: does " \r\nPermission denied, please try
again.\r\r\nadmin at 192.168.1.84's password: " (spawn_id exp4) match glob
pattern "Host is unreachable"? no
"No address associated with name"? no
"(Host key not found |The authenticity of host .* be established).*
\(yes/no\)\?"? (No Gate, RE only) gate=yes re=no
"HOST IDENTIFICATION HAS CHANGED.* \(yes/no\)\?"? Gate "HOST IDENTIFICATION
HAS CHANGED* (yes/no)\?"? gate=no
"HOST IDENTIFICATION HAS CHANGED[^\n\r]+"? Gate "HOST IDENTIFICATION HAS
CHANGED*"? gate=no
"Offending key for .* \(yes/no\)\?"? Gate "Offending key for * (yes/no)\?"?
gate=no
"(denied|Sorry)"? (No Gate, RE only) gate=yes re=yes
expect: set expect_out(0,string) "denied"
expect: set expect_out(1,string) "denied"
expect: set expect_out(spawn_id) "exp4"
expect: set expect_out(buffer) " \r\nPermission denied"
Error: Check your passwd for 192.168.1.84
Thank You
Warmest Regards,
Gene Lim
-----Original Message-----
From: heasley
Sent: Tuesday, 16 July, 2013 3:46 AM
To: Gene Lim
Subject: Re: [rancid] Cisco ASA 5505 configs
Mon, Jul 15, 2013 at 06:15:26PM +0800, Gene Lim:
> Dear Chris
>
>
>
> Thank you for the information. Yes you are right my enable password
> has the special character @ in it. However from further testing using
> changed credentials below I am still receiving the same login issue.
Please advice.
well, it would appear that adminpwd is now not being interpretted correctly.
clogin -d will show you the transcript with the password thats being sent.
>
>
> ==Version 2 with enable password==
>
> /router.db
>
> 192.168.1.84:cisco:up
>
>
>
> /.cloginrc
>
> add method 192.168.1.84 ssh
>
> add user 192.168.1.84 admin
>
> add password 192.168.1.84 {adminpwd} {enablepwd}
>
>
>
> $ bin/clogin 192.168.1.84
>
> 192.168.1.84
>
> spawn ssh -c 3des -x -l admin 192.168.1.84
>
> admin at 192.168.1.84 's password:
>
> Permission denied, please try again.
>
> admin at 192.168.1.84 's password:
>
> Error: Check your passwd for 192.168.1.84
>
>
>
> Thank You
>
> Warmest Regards,
>
> Gene Lim
>
>
>
>
>
> _______________________________________________
> Rancid-discuss mailing list
> Rancid-discuss at shrubbery.net
> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
More information about the Rancid-discuss
mailing list