Discussion:
[rancid] About the .cloginrc file
Wagner Pereira
2010-03-09 12:57:12 UTC
Hi, all.

I would like to ensure that my .cloginrc file is correctly written. Can
someone help me out? Thanks a lot.

============================
add password 10.0.0.1 {vty_pass} {ena_pass}

add user 10.0.0.1 $USER

add userprompt 10.0.0.1 {"Username:"}

# add userpassword <router name glob> <user password>
# The password for user if different than the password set
# using 'add password'.

add passprompt 10.0.0.1 {"Password:"}

add method * {telnet} {ssh}

add enableprompt 10.0.0.1 {"Password:"}

add cyphertype 10.0.0.1 3des

# customer x
# these routers ask for a username and password. we automatically get
# enable access after successful authentication.
add user *.custx.net roger
add password *.custx.net {doger}
add autoenable *.custx.net 1

# customer y
# this is the normal cisco login. a password followed by an enable password.
# try ssh first, then rlogin.
add password *.custy.net {vector} {victor}
add method *.custy.net ssh rlogin

# customer z; they use ssh only.
add user *.custz.net shirley
add password *.custz.net {jive} {surely}
add method *.custz.net ssh

# the route-server's do not provide enable access. cmdline -noenable
# equivalent.
add noenable route-server* 1

# all our routers, i.e.: everything else
add password * {clearance} {clarence}

# set ssh encryption type, dflt: 3des
add cyphertype * {3des}

# set the username prompt to "router login:"
#add userprompt * {"router login:"}

# ssh identity for a juniper; used with jlogin
add identity my.juniper $env(HOME)/.ssh/juniper

# riverstone / enterasys / cabletron (rivlogin) example
# these boxes are 'back-to-front' from cisco (i.e., ask
# for vty password always, then tac+/radius if configured).
#
# vty password and last resort (enable) password for rivlogin
add password rs3000 {vtypass} {lastresort}
# if using tac+ or radius login, include these lines
add user rs3000 {monster}
add userpassword rs3000 {scary}
============================
--
Wagner Pereira

PoP-SP/RNP - Ponto de Presença da RNP em São Paulo
CCE/USP - Centro de Computação Eletrônica da Universidade de São Paulo
http://www.pop-sp.rnp.br
Tel. (11) 3091-8901
john heasley
2010-03-09 18:18:24 UTC
Post by Wagner Pereira
Hi, all.
I would like to ensure that my .cloginrc file is correctly written. Can
someone help me out? Thanks a lot.
============================
add password 10.0.0.1 {vty_pass} {ena_pass}
add user 10.0.0.1 $USER
this is the default; not necessary and afaik it's $env(USER).
Post by Wagner Pereira
add userprompt 10.0.0.1 {"Username:"}
# add userpassword <router name glob> <user password>
# The password for user if different than the password set
# using 'add password'.
add passprompt 10.0.0.1 {"Password:"}
add method * {telnet} {ssh}
add enableprompt 10.0.0.1 {"Password:"}
add cyphertype 10.0.0.1 3des
# customer x
# these routers ask for a username and password. we automatically get
# enable access after successful authentication.
add user *.custx.net roger
add password *.custx.net {doger}
add autoenable *.custx.net 1
# customer y
# this is the normal cisco login. a password followed by an enable password.
# try ssh first, then rlogin.
add password *.custy.net {vector} {victor}
add method *.custy.net ssh rlogin
# customer z; they use ssh only.
add user *.custz.net shirley
add password *.custz.net {jive} {surely}
add method *.custz.net ssh
# the route-server's do not provide enable access. cmdline -noenable
# equivalent.
add noenable route-server* 1
# all our routers, i.e.: everything else
add password * {clearance} {clarence}
# set ssh encryption type, dflt: 3des
add cyphertype * {3des}
# set the username prompt to "router login:"
#add userprompt * {"router login:"}
# ssh identity for a juniper; used with jlogin
add identity my.juniper $env(HOME)/.ssh/juniper
# riverstone / enterasys / cabletron (rivlogin) example
# these boxes are 'back-to-front' from cisco (i.e., ask
# for vty password always, then tac+/radius if configured).
#
# vty password and last resort (enable) password for rivlogin
add password rs3000 {vtypass} {lastresort}
# if using tac+ or radius login, include these lines
add user rs3000 {monster}
add userpassword rs3000 {scary}
============================
--
Wagner Pereira
PoP-SP/RNP - Ponto de Presença da RNP em São Paulo
CCE/USP - Centro de Computação Eletrônica da Universidade de São Paulo
http://www.pop-sp.rnp.br
Tel. (11) 3091-8901
_______________________________________________
Rancid-discuss mailing list
http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
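
Added example (not part of the thread and not RANCID code): per cloginrc(5), the first matching entry for a directive is used, so in the file above `add method * {telnet} {ssh}` comes before, and wins over, the later `add method *.custz.net ssh`. The sketch below resolves the effective entry for a host and lists shadowed entries; the sample text is constructed from the posted lines with placeholder passwords, and the shadow check is a heuristic.

```python
import re
from fnmatch import fnmatchcase

# Constructed sample: a subset of the posted file, same relative order,
# with the passwords replaced by placeholders.
SAMPLE = """\
add password 10.0.0.1 {vty_pass} {ena_pass}
add method * {telnet} {ssh}
# customer z; they use ssh only.
add user *.custz.net shirley
add password *.custz.net {PLACEHOLDER} {PLACEHOLDER}
add method *.custz.net ssh
add password * {PLACEHOLDER} {PLACEHOLDER}
"""

TOKEN = re.compile(r"\{[^}]*\}|\S+")  # a {braced word} or a bare word


def parse(text):
    """Yield (lineno, directive, glob, values) for each 'add' line."""
    for n, line in enumerate(text.splitlines(), 1):
        if line.lstrip().startswith("#"):
            continue
        tok = [t.strip("{}") for t in TOKEN.findall(line)]
        if len(tok) >= 3 and tok[0] == "add":
            yield n, tok[1], tok[2], tok[3:]


def effective(text, host):
    """Return the first matching entry per directive for one hostname."""
    out = {}
    for n, directive, glob, values in parse(text):
        if directive not in out and fnmatchcase(host, glob):
            out[directive] = (n, values)
    return out


def shadowed(text):
    """List later entries already captured by an earlier glob (heuristic:
    one probe hostname is derived from the later glob and tested)."""
    seen, hits = {}, []
    for n, directive, glob, _ in parse(text):
        probe = glob.replace("*", "x")
        for m, earlier in seen.get(directive, []):
            if fnmatchcase(probe, earlier):
                hits.append((n, directive, glob, m))
                break
        seen.setdefault(directive, []).append((n, glob))
    return hits
```

For a host such as r1.custz.net the effective method list is telnet then ssh, not the intended ssh-only entry; moving the host-specific `add method` lines above the `*` entry removes the shadowing.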
Wagner Pereira
2010-03-09 18:43:53 UTC
Ok, John.

You meant that I should leave this line as follows?
add user 10.0.0.1 rancid

There's another thing: I noticed that, after I created my first group
in the rancid.conf file, Rancid itself generated a directory with the
same name as my group and, inside that directory, an empty router.db file.

I ask you:
1. Should I configure that empty file manually or
2. Copy the router.db.5 file's content into this empty file?

OR

run some command (because there is a router.db,v file created in the
/home/rancid/var/rancid/CVS/switches-PoP-SP directory)?
--
Wagner Pereira

PoP-SP/RNP - Ponto de Presença da RNP em São Paulo
CCE/USP - Centro de Computação Eletrônica da Universidade de São Paulo
http://www.pop-sp.rnp.br
Tel. (11) 3091-8901