My particular need is when I have multiple contexts on a Cisco ASA. While
I can easily setup rancid to get the config for each individual context,
there is a special 'system' area that cannot be accessed directly. It can
only be accessed by logging into one of the contexts, then changing to the
system area. (This system area handles the physical interfaces, and the
allocation of these interfaces to the individual contexts.) To get from
the context to the system area is a single command, 'changeto system'. I
don't need to enter any additional credentials. The prompt will also
change.

I am using the 'usercmd' patch to accomplish this now, in rancid 2.3.6.
Here is what my .cloginrc looks like:

# Backup system context
# 'asa1-system.its.uidaho.edu' is just a name for rancid. No DNS or
address is needed.
# The magic happens one line below: login to asa1-system.its.uidaho.edu
via {clogin} for {my-context-enabled-device}
# When logged in, change to system context and backup
add method asa1-system.its.uidaho.edu {usercmd}
add usercmd asa1-system.its.uidaho.edu {clogin}
{asa1-accessfw.its.uidaho.edu}
add usercmd_chat asa1-system.its.uidaho.edu {#} {changeto system\r} {#}
{terminal pager 0\r}



The router.db files looks like:

asa1-system.its.uidaho.edu:cisco:up:System Context, Added by me on
7-24-2014
asa1-accessfw.its.uidaho.edu:cisco:up:Added by me on 7-16-2014



Here is the output showing the prompts and responses.

[***@netman-collect rancid]$ ssh ***@asa1-accessfw
Warning: Permanently added 'asa1-accessfw,129.101.252.62' (RSA) to the
list of known hosts.
***@asa1-accessfw's password:
Type help or '?' for a list of available commands.
lib-asa1/ACCESSFW/act/pri> en
Password: *********
lib-asa1/ACCESSFW/act/pri# changeto system
lib-asa1/act/pri#


Hope this helps, Skye.