[rancid] Can clogin prompt for a password?

heasley heas at shrubbery.net
Thu Aug 4 15:27:53 UTC 2016


Thu, Aug 04, 2016 at 09:58:55AM -0500, Brandon Ewing:
> Greetings,
> 
> Historically, I've often used clogin to execute command snippets and other
> tasks on large amounts of routers.  However, now I'm in a position where we
> are using central authorization that utilizes our domain credentials.
> 
> Since I'd prefer not to keep my domain password in a text file on a box that
> other people have root on, is it possible for clogin (or par) to prompt for
> a password at initial execution, instead of relying on storing the cleartext
> password on disk, or exposing the password in a history file?

Not exactly, but you could wrap it in shell that prompts then executes
	*login -p $passwd
unfortunately, that will appear in ps(1).  you could also use include
in the .cloginrc to include a file that the shell wrapper creates during
runtime.

its not impossible to add such a feature though; it just doesnt exist now.

of course, if you can not trust those with root ....



More information about the Rancid-discuss mailing list