[rancid] proxy-login rancid collection

Gary T. Giesen ggiesen at giesen.me
Fri Jan 29 22:34:33 UTC 2021


I'm circling back to this as I thought I had another option that didn't 
pan out ($$$). Have you had any opportunity to make progress on this?

I also run multi-context ASAs as well as Firepower devices so being able 
to execute arbitrary commands would be better. That being said, for 95% 
of what I'm going to use this for, only being able to execute clogin 
scripts would be fine. We currently run the usercmd patch but hoping for 
something a little cleaner (and the curly braces are giving me 
heartburn, thanks to trying to generate the configs using jinja)

Cheers,

GTG

On 2020-06-24 7:55 p.m., Lance Vermilion wrote:
> Another use case is when trying to get a text based backup on newer 
> devices managed by the FMC. You ssh to the FireOS Linux portion and 
> then go into a support she'll to get access to the ASA CLI where you 
> can get access to the config. This config provides a quick small file 
> so you can do searches in configs.
>
> There are also cases in certain environments where a customer might 
> only allow you direct access to certain devices and then expects you 
> to jump through to other devices.
>
> On Wed, May 13, 2020, 12:21 PM heasley <heas at shrubbery.net 
> <mailto:heas at shrubbery.net>> wrote:
>
>     Mon, May 11, 2020 at 03:39:19PM -0400, Gary T. Giesen:
>     >
>     > Did this ever get implemented? I have looked through a bunch of
>     release notes and mail list archives but I could not find any
>     further mention of it.
>
>     I have nothing usable yet.  I will work on that next.  There are
>     two hack
>     that were contributed on the ML that might suit you for the immediate.
>
>     > Thanks,
>     >
>     > GTG
>     >
>     > On Wednesday, March 25, 2015 12:14 EDT, heasley
>     <heas at shrubbery.net <mailto:heas at shrubbery.net>> wrote:
>     >  Many have asked for this and it will probably be the primary
>     addition to
>     > rancid 3.3, but I do not have a use for it, so although I've
>     digested most
>     > of the maillist discussion on the topic ('out of band access
>     script change',
>     > 'download configs from on router through another', etc), I'm not
>     sure that
>     > I'd include all the relevant features, therefore i want to
>     solicit input.
>     >
>     > I am tempted to limit the utility to executing other login
>     scripts, ie:
>     > the assumption that it through a device supported by one of
>     rancid's login
>     > scripts, rather than an arbitrary unix command.
>     >
>     > Please feel free to reply to me directly or to the list.
>     > _______________________________________________
>     > Rancid-discuss mailing list
>     > Rancid-discuss at shrubbery.net <mailto:Rancid-discuss at shrubbery.net>
>     > http://www.shrubbery.net/mailman/listinfo/rancid-discuss
>     <http://www.shrubbery.net/mailman/listinfo/rancid-discuss>
>     >
>     >
>     >
>
>     _______________________________________________
>     Rancid-discuss mailing list
>     Rancid-discuss at www.shrubbery.net
>     <mailto:Rancid-discuss at www.shrubbery.net>
>     https://www.shrubbery.net/mailman/listinfo/rancid-discuss
>     <https://www.shrubbery.net/mailman/listinfo/rancid-discuss>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20210129/0f37a5cf/attachment.htm>


More information about the Rancid-discuss mailing list