[rancid] Logging in with ssh keys vs username passwords

Eric W. Bates ericx at whoi.edu
Tue Dec 5 23:45:09 UTC 2017


On 12/5/2017 6:38 PM, heasley wrote:
> Tue, Dec 05, 2017 at 10:50:54PM +0000, Remsik,Robert:
>> Hello!
>>
>>
>> I've got a couple network devices that support either username/password OR sshkeys, but not both, for management access.  Is there a way to have rancid use an ssh key in the .clogit file or another way to
>>
>>
>> I'm trying to setup sshing into network devices via ssh keys (bypassing username/passwords) and I'm not coming up with anything.  Is this possible?
>>
> 
> yes, see cloginrc(5).

We prefer keys so at the very bottom of my .cloginrc I have:

# these are the broadest defaults at the bottom. These are used if
# nothing matches above.
#
# In theory, we use ssh key wherever we can and it just gets us in.
# ./bin/clogin will barf if you don't provide a value for the password
# field
add user        *               {rancid}
add password    *               {not-a-real-password}
add method      *               {ssh}
add autoenable  *               {1}
add identity    *               {/usr/local/rancid3/.ssh/id_rsa}


> 
> _______________________________________________
> Rancid-discuss mailing list
> Rancid-discuss at shrubbery.net
> http://www.shrubbery.net/mailman/listinfo/rancid-discuss
> 

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4188 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20171205/89b6851c/attachment.bin>


More information about the Rancid-discuss mailing list