[rancid] Trying to Backup Juniper SRX Firewall

JP xq1xq1xq1 at gmail.com
Tue Dec 20 16:27:43 UTC 2016 

Thanx for the guidance

I created a new group and user:

Set system login class NOC permissions view
Set system login class NOC permissions view-configuration
Set system login user rancid uid 2002
Set system login user rancid class NOC


I then changed the password for this new user:

edit groups global system login user rancid
set authentication plain-text-password


I then applied the new group:

set apply-groups global

Now it works as designed

Thanx everyone!

On Tue, Dec 20, 2016 at 8:27 AM, heasley <heas at shrubbery.net> wrote:

> Tue, Dec 20, 2016 at 08:09:02AM -0600, JP:
> > I have configured RANCID to backup my Cisco switches.
> >
> > using these commands:
> >
> > /usr/libexec/rancid/clogin -c 'write term' x.x.x.45 > 45.cfg
> > /usr/libexec/rancid/clogin -c 'write term' x.x.x..41 > 41.cfg
> >
> >
> > This works as designed
> >
> > I have a Juniper SRX-210 firewall that I want to backup.
> >
> > I am using this command to backup the config:
> >
> > /usr/libexec/rancid/clogin -c 'set cli screen-length 0;show
> configuration'
> > x.x.x.200 > 200.cfg
> >
> >
> > I think that the problem is that the prompt is not recognized and the
> > commands are not executed after login:
> >
> > [rancid at tools rancid]$ /usr/libexec/rancid/clogin -c 'set cli
> screen-length
> > 0;show configuration' x.x.x.200
> > x.x.x.200
> > spawn ssh -c 3des -x -l root x.x.x.200
> >
> >
> >
> > This system is for the use of authorized users only.
> > Individuals using this computer system without
> > authority, or in excess of their authority, are subject
> > to having all of their activities on this system
> > monitored and recorded by system personnel.  In the
> > course of monitoring individuals improperly using this
> > system, or in the course of system maintenance, the
> > activities of authorized users may also be monitored.
> > Anyone using this system expressly consents to such
> > monitoring and is advised that if such monitoring
> > reveals possible evidence of criminal activity, system
> > personnel may provide the evidence of such monitoring
> > to law enforcement officials.
> >
> >
> > Password:
> > --- JUNOS 12.1X46-D50.4 built 2016-04-17 11:15:31 UTC
> > root at SRX210%
> >
> > Error: TIMEOUT reached
> >
> >
> >
> > The rancid logs for the firewall are empty
> >
> > Does anyone have any words of wisdom to resolve?
>
> dont use the root user for one.  two, if its junos, configure it as a
> juniper, then the command will be jlogin.  also see plogin.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20161220/bfd2e81d/attachment.html>

More information about the Rancid-discuss mailing list