[rancid] Can clogin prompt for a password?
heasley
heas at shrubbery.net
Thu Aug 4 15:27:53 UTC 2016
Thu, Aug 04, 2016 at 09:58:55AM -0500, Brandon Ewing:
> Greetings,
>
> Historically, I've often used clogin to execute command snippets and other
> tasks on large amounts of routers. However, now I'm in a position where we
> are using central authorization that utilizes our domain credentials.
>
> Since I'd prefer not to keep my domain password in a text file on a box that
> other people have root on, is it possible for clogin (or par) to prompt for
> a password at initial execution, instead of relying on storing the cleartext
> password on disk, or exposing the password in a history file?
Not exactly, but you could wrap it in shell that prompts then executes
*login -p $passwd
unfortunately, that will appear in ps(1). you could also use include
in the .cloginrc to include a file that the shell wrapper creates during
runtime.
its not impossible to add such a feature though; it just doesnt exist now.
of course, if you can not trust those with root ....
More information about the Rancid-discuss
mailing list