[rancid] Logging in with ssh keys vs username passwords

Remsik,Robert Robert.Remsik at colostate.edu
Thu Dec 7 23:23:52 UTC 2017


That was the trick.  Thank you very much.  :D







Robert Remsik

Telecom

Desk Phone: 970 491 7120

Robert.Remsik at colostate.edu


________________________________
From: Rancid-discuss <rancid-discuss-bounces at shrubbery.net> on behalf of Eric W. Bates <ericx at whoi.edu>
Sent: Tuesday, December 5, 2017 4:45 PM
To: rancid-discuss at shrubbery.net
Subject: Re: [rancid] Logging in with ssh keys vs username passwords

On 12/5/2017 6:38 PM, heasley wrote:
> Tue, Dec 05, 2017 at 10:50:54PM +0000, Remsik,Robert:
>> Hello!
>>
>>
>> I've got a couple network devices that support either username/password OR sshkeys, but not both, for management access.  Is there a way to have rancid use an ssh key in the .clogit file or another way to
>>
>>
>> I'm trying to setup sshing into network devices via ssh keys (bypassing username/passwords) and I'm not coming up with anything.  Is this possible?
>>
>
> yes, see cloginrc(5).

We prefer keys so at the very bottom of my .cloginrc I have:

# these are the broadest defaults at the bottom. These are used if
# nothing matches above.
#
# In theory, we use ssh key wherever we can and it just gets us in.
# ./bin/clogin will barf if you don't provide a value for the password
# field
add user        *               {rancid}
add password    *               {not-a-real-password}
add method      *               {ssh}
add autoenable  *               {1}
add identity    *               {/usr/local/rancid3/.ssh/id_rsa}


>
> _______________________________________________
> Rancid-discuss mailing list
> Rancid-discuss at shrubbery.net
> http://www.shrubbery.net/mailman/listinfo/rancid-discuss
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20171207/90942d3c/attachment.html>


More information about the Rancid-discuss mailing list