[rancid] ASA-5585 Enable mode

heasley heas at shrubbery.net
Tue Jan 2 22:32:00 UTC 2018 

Mon, Jan 01, 2018 at 06:41:56PM -0800, Azher:
> In the ASA version 9.8.X , there are sending out the "Last login: " and the
> "Last failed Login: " as default. There is no way to disable this.
> 
> I tried adding following lines in .cloginrc but no luck:
> 
> add prompt sslvpna {"sslvpna>"}
> add enableprompt sslvpna {"sslvpna>"}
> 
> Is there a way to skip login: for this specific device ?
> 
> Thanks
> -Azher

Does this work?

Index: bin/clogin.in
===================================================================
--- bin/clogin.in	(revision 3754)
+++ bin/clogin.in	(working copy)
@@ -248,6 +248,12 @@
 				  send_user "\nError: Check your passwd for $router\n"
 				  catch {close}; catch {wait}; return 1
 				}
+	-nocase -re "last login:"	{
+				  exp_continue
+				}
+	-nocase -re "failed login:"	{
+				  exp_continue
+				}
 	"Login failed"		{
 				  send_user "\nError: Check your passwd for $router\n"
 				  catch {close}; catch {wait}; return 1
@@ -267,9 +273,6 @@
 				  send "K\r"
 				  exp_continue
 				}
-	-re "Last login:"	{
-				  exp_continue
-				}
 	-re "Press the <tab> key \[^\r\n]+\[\r\n]+"	{
 				  exp_continue
 				}


> 
> 
> On Sun, Dec 31, 2017 at 1:19 PM, heasley <heas at shrubbery.net> wrote:
> 
> > Thu, Dec 28, 2017 at 06:42:46PM -0800, Azher:
> > > Hi All,
> > >
> > > Our current Cisco ASA devices "ASA5550" , 8.4(7)30, work fine with
> > RANCID.
> > >
> > > Same config does not work for ASA-5585, 9.8(1). I am not sure why it is
> > > sending "admin" twice and later it sends "enable" at the prompt .... Any
> > > suggestions ?
> > >
> > > add user sslvpnb admin
> > > add password sslvpnb pass1 pass2
> > > add autoenable sslvpnb 0
> > > add method sslvpnb ssh
> > >
> > > [rancid at rancid ~]$ more var/asa/router.db
> > > sslvpn1;cisco;up
> > > sslvpn2;cisco;up
> > > sslvpna;cisco;up
> > > sslvpnb;cisco;up
> > >
> > > [rancid at rancid ~]$ clogin sslvpnb
> > > sslvpnb
> > > spawn ssh -c aes128-ctr,aes128-cbc,3des-cbc -x -l admin sslvpnb
> > > admin at sslvpnb's password:
> > > User admin logged in to sslvpnb
> > > Logins over the last 44 days: 29.  Last login: 18:09:41 PST Dec 28 2017
> > > from 68.181.191.19
> > > Failed logins since the last login: 0.  Last failed login: 06:47:32 PST
> > Dec
> > > 28 2017 from 68.181.191.19
> >
> > its sending admin again because it sees "login:" before a prompt.  why
> > is it displaying this?
> >
> > > Type help or '?' for a list of available commands.
> > > sslvpnb> admin
> > >          ^
> > > ERROR: % Invalid input detected at '^' marker.
> > >
> > > Error: Unrecognized command, check your enable command
> > > sslvpnb> admin
> > >          ^
> > > ERROR: % Invalid input detected at '^' marker.
> > > sslvpnb> enable
> > > Password:
> > > Invalid password
> > > Password:
> > > Invalid password
> > > Password:
> > > Invalid password
> > > Access denied.
> > > sslvpnb>
> > >
> > >
> > > Thanks
> > > -Azher
> >
> > > _______________________________________________
> > > Rancid-discuss mailing list
> > > Rancid-discuss at shrubbery.net
> > > http://www.shrubbery.net/mailman/listinfo/rancid-discuss
> >
> >

More information about the Rancid-discuss mailing list