Discussion:
[rancid] .cloginrc add method hostname {ssh:-port} for mtlogin/mtrancid?
Lukasz Sokol
2015-06-02 11:21:34 UTC
Permalink
Hi,
I dug : http://www.shrubbery.net/pipermail/rancid-discuss/2009-January/003604.html

and tried adding that to my rancid (2.3.8 from Debian packages) .cloginrc,

but my mtlogin still tries connecting to port 22 :

***@george:~$ bin/mtlogin hostname
hostname
spawn ssh -i /var/lib/rancid/.ssh/id_ssa_for_mt_backup -c 3des -x -l user+ct hostname
ssh: connect to host hostname port 22: Connection refused
can not find channel named "exp6"
while executing
"expect eof"
invoked from within
"expect {
"Connection refused" {
catch {close}; catch {wait};
sleep 0.3
expect eof
send_user "\nError: Connection Refused\n"; wait; retu..."
(procedure "login" line 71)
invoked from within
"login $router $ruser $userpswd $passwd $prompt $cmethod $cyphertype $identfile"
("foreach" body line 87)
invoked from within
"foreach router [lrange $argv $i end] {
set router [string tolower $router]
send_user "$router\n"

# Figure out prompt.
set prompt "] >..."
(file "bin/mtlogin" line 479)

and so same does rancid-run...

Can I try to teach mtrancid/mtlogin to spec a non-standard port?

Lukasz
heasley
2015-06-02 21:28:17 UTC
Permalink
Post by Lukasz Sokol
Hi,
I dug : http://www.shrubbery.net/pipermail/rancid-discuss/2009-January/003604.html
and tried adding that to my rancid (2.3.8 from Debian packages) .cloginrc,
...
Post by Lukasz Sokol
Can I try to teach mtrancid/mtlogin to spec a non-standard port?
install rancid 3.2.

also, you probably just want {ssh:port} for ssh. -port is a telnetism.
Lukasz Sokol
2015-06-03 07:48:24 UTC
Permalink
Post by heasley
Post by Lukasz Sokol
Hi,
I dug : http://www.shrubbery.net/pipermail/rancid-discuss/2009-January/003604.html
and tried adding that to my rancid (2.3.8 from Debian packages) .cloginrc,
...
Post by Lukasz Sokol
Can I try to teach mtrancid/mtlogin to spec a non-standard port?
install rancid 3.2.
i see, anyone hosting packages for Debian ? :)
Post by heasley
also, you probably just want {ssh:port} for ssh. -port is a telnetism.
that isn't working either, as expected:

~$ cat .cloginrc
add user * username
add password * r4n60mk3y57r0k35
add method * ssh
add identity * /var/lib/rancid/.ssh/id_ssa_for_mt_backup
add method hostname {ssh:65122}
~$ bin/mtlogin hostname
hostname
spawn ssh -i /var/lib/rancid/.ssh/id_ssa_for_mt_backup -c 3des -x -l username+ct hostname
ssh: connect to host hostname port 22: Connection refused
...

Thanks anyway,

Lukasz
Alan McKinnon
2015-06-03 07:56:40 UTC
Permalink
Post by Lukasz Sokol
Post by heasley
Post by Lukasz Sokol
Hi,
I dug : http://www.shrubbery.net/pipermail/rancid-discuss/2009-January/003604.html
and tried adding that to my rancid (2.3.8 from Debian packages) .cloginrc,
...
Post by Lukasz Sokol
Can I try to teach mtrancid/mtlogin to spec a non-standard port?
install rancid 3.2.
i see, anyone hosting packages for Debian ? :)
Post by heasley
also, you probably just want {ssh:port} for ssh. -port is a telnetism.
~$ cat .cloginrc
add user * username
add password * r4n60mk3y57r0k35
add method * ssh
add identity * /var/lib/rancid/.ssh/id_ssa_for_mt_backup
These 4 override everything below as * matches everything. The rule is
"first match wins", so move them t the end of the file where they will
act as a default
Post by Lukasz Sokol
add method hostname {ssh:65122}
~$ bin/mtlogin hostname
hostname
spawn ssh -i /var/lib/rancid/.ssh/id_ssa_for_mt_backup -c 3des -x -l username+ct hostname
ssh: connect to host hostname port 22: Connection refused
...
Thanks anyway,
Lukasz
_______________________________________________
Rancid-discuss mailing list
http://www.shrubbery.net/mailman/listinfo/rancid-discuss
--
Alan McKinnon
***@gmail.com
Lukasz Sokol
2015-06-03 14:07:39 UTC
Permalink
On 03/06/15 08:56, Alan McKinnon wrote:
[...]
Post by Alan McKinnon
Post by Lukasz Sokol
~$ cat .cloginrc
add user * username
add password * r4n60mk3y57r0k35
add method * ssh
add identity * /var/lib/rancid/.ssh/id_ssa_for_mt_backup
These 4 override everything below as * matches everything. The rule is
"first match wins", so move them t the end of the file where they will
act as a default
Thanks!

but as heasley said, rancid 3 onwards :J

***@george:~$ bin/mtlogin hostname
hostname

Error: unknown connection method: ssh:65122

will get there, eventually :)
Post by Alan McKinnon
Post by Lukasz Sokol
add method hostname {ssh:65122}
~$ bin/mtlogin hostname
hostname
spawn ssh -i /var/lib/rancid/.ssh/id_ssa_for_mt_backup -c 3des -x -l username+ct hostname
ssh: connect to host hostname port 22: Connection refused
...
Thanks anyway,
Lukasz
Lukasz
heasley
2015-06-03 15:08:09 UTC
Permalink
Post by Lukasz Sokol
hostname
Error: unknown connection method: ssh:65122
will get there, eventually :)
grumble. it needs to match the port below; i think this change is the
missing bit. sorry

Index: bin/mtlogin.in
===================================================================
--- bin/mtlogin.in (revision 3124)
+++ bin/mtlogin.in (working copy)
@@ -277,7 +277,7 @@
send_user "\nError: telnet failed: $reason\n"
return 1
}
- } elseif ![string compare $prog "ssh"] {
+ } elseif [string match "ssh*" $prog] {
# ssh to the router & try to login with or without an identfile.
regexp {ssh(:([^[:space:]]+))*} $prog methcmd suffix port
set cmd $sshcmd
Lukasz Sokol
2015-06-03 15:42:09 UTC
Permalink
Post by heasley
Post by Lukasz Sokol
hostname
Error: unknown connection method: ssh:65122
will get there, eventually :)
grumble. it needs to match the port below; i think this change is the
missing bit. sorry
Index: bin/mtlogin.in
===================================================================
--- bin/mtlogin.in (revision 3124)
+++ bin/mtlogin.in (working copy)
@@ -277,7 +277,7 @@
send_user "\nError: telnet failed: $reason\n"
return 1
}
- } elseif ![string compare $prog "ssh"] {
+ } elseif [string match "ssh*" $prog] {
# ssh to the router & try to login with or without an identfile.
regexp {ssh(:([^[:space:]]+))*} $prog methcmd suffix port
set cmd $sshcmd
I found the relevant line next to the previous backport,
but this change causes all ssh contacts to fail even the 'up' test.

what is wrong with compare ?

lukasz
heasley
2015-06-03 16:06:44 UTC
Permalink
Post by Lukasz Sokol
I found the relevant line next to the previous backport,
but this change causes all ssh contacts to fail even the 'up' test.
What do you mean by 'up test'? show us actual error transcripts. If I
remove the '+ct' bit from the username, I can connect and pass
authentication to a cisco.
Post by Lukasz Sokol
what is wrong with compare ?
match allows the glob; ssh* -> ssh, ssh:nnn
Lukasz Sokol
2015-06-03 16:15:18 UTC
Permalink
Post by heasley
I found the relevant line next to the previous backport, but this
change causes all ssh contacts to fail even the 'up' test.
What do you mean by 'up test'? show us actual error transcripts. If
I remove the '+ct' bit from the username, I can connect and pass
authentication to a cisco.
With the patch, after rancid-run I get an email that the run was unsuccessful.
Post by heasley
what is wrong with compare ?
match allows the glob; ssh* -> ssh, ssh:nnn
mtlogin -d to a host that worked before the patch :

***@george:~$ bin/mtlogin -d workinghost
workinghost
Gate keeper glob pattern for '(Host key not found |The authenticity of host .* be established).* \(yes/no\)\?' is ''. Not usable, disabling the performance booster.
Gate keeper glob pattern for 'HOST IDENTIFICATION HAS CHANGED.* \(yes/no\)\?' is 'HOST IDENTIFICATION HAS CHANGED* (yes/no)\?'. Activating booster.
Gate keeper glob pattern for 'HOST IDENTIFICATION HAS CHANGED[^
]+' is 'HOST IDENTIFICATION HAS CHANGED*'. Activating booster.
Gate keeper glob pattern for 'Offending key for .* \(yes/no\)\?' is 'Offending key for * (yes/no)\?'. Activating booster.
Gate keeper glob pattern for 'Login:' is 'Login:'. Activating booster.
Gate keeper glob pattern for '[Pp]assword:' is '?assword:'. Activating booster.
Gate keeper glob pattern for '^Confirm seeing above note' is 'Confirm seeing above note'. Activating booster.
Gate keeper glob pattern for '] > ' is '] > '. Activating booster.

expect: does "" (spawn_id exp0) match glob pattern "Connection refused"? no
"Unknown host\r\n"? no
"Host is unreachable"? no
"No address associated with name"? no
"(Host key not found |The authenticity of host .* be established).* \(yes/no\)\?"? (No Gate, RE only) gate=yes re=no
"HOST IDENTIFICATION HAS CHANGED.* \(yes/no\)\?"? Gate "HOST IDENTIFICATION HAS CHANGED* (yes/no)\?"? gate=no
"HOST IDENTIFICATION HAS CHANGED[^\n\r]+"? Gate "HOST IDENTIFICATION HAS CHANGED*"? gate=no
"Offending key for .* \(yes/no\)\?"? Gate "Offending key for * (yes/no)\?"? gate=no
"Login:"? Gate "Login:"? gate=no
"[Pp]assword:"? Gate "?assword:"? gate=no
"^Confirm seeing above note"? Gate "Confirm seeing above note"? gate=no
"Password incorrect"? no
"] > "? Gate "] > "? gate=no
"denied"? no
"\r\n"? no

# it appears stuck so
# I pressed ^D here

expect: read eof
expect: set expect_out(spawn_id) "exp0"
expect: set expect_out(buffer) ""
send: spawn id exp0 not open
while executing
"send_user "\nError: Couldn't login\n""
invoked from within
"expect {
"Connection refused" {
catch {close}; catch {wait};
sleep 0.3
expect eof
send_user "\nError: Connection Refused\n"; wait; retu..."
(procedure "login" line 72)
invoked from within
"login $router $ruser $userpswd $passwd $prompt $cmethod $cyphertype $identfile"
("foreach" body line 87)
invoked from within
"foreach router [lrange $argv $i end] {
set router [string tolower $router]
send_user "$router\n"

# Figure out prompt.
set prompt "] >..."
(file "bin/mtlogin" line 480)


Hope this helps
Lukasz

( I'll test more tomorrow, GMT/BST timezone)
heasley
2015-06-03 16:36:21 UTC
Permalink
Post by Lukasz Sokol
Post by heasley
I found the relevant line next to the previous backport, but this
change causes all ssh contacts to fail even the 'up' test.
What do you mean by 'up test'? show us actual error transcripts. If
I remove the '+ct' bit from the username, I can connect and pass
authentication to a cisco.
With the patch, after rancid-run I get an email that the run was unsuccessful.
Post by heasley
what is wrong with compare ?
match allows the glob; ssh* -> ssh, ssh:nnn
workinghost
seems that you truncated the output here; the spawn, etc are missing. we'd
need to see the output leading up to this.
Post by Lukasz Sokol
Gate keeper glob pattern for '(Host key not found |The authenticity of host .* be established).* \(yes/no\)\?' is ''. Not usable, disabling the performance booster.
Gate keeper glob pattern for 'HOST IDENTIFICATION HAS CHANGED.* \(yes/no\)\?' is 'HOST IDENTIFICATION HAS CHANGED* (yes/no)\?'. Activating booster.
Gate keeper glob pattern for 'HOST IDENTIFICATION HAS CHANGED[^
]+' is 'HOST IDENTIFICATION HAS CHANGED*'. Activating booster.
Gate keeper glob pattern for 'Offending key for .* \(yes/no\)\?' is 'Offending key for * (yes/no)\?'. Activating booster.
Gate keeper glob pattern for 'Login:' is 'Login:'. Activating booster.
Gate keeper glob pattern for '[Pp]assword:' is '?assword:'. Activating booster.
Gate keeper glob pattern for '^Confirm seeing above note' is 'Confirm seeing above note'. Activating booster.
Gate keeper glob pattern for '] > ' is '] > '. Activating booster.
expect: does "" (spawn_id exp0) match glob pattern "Connection refused"? no
"Unknown host\r\n"? no
"Host is unreachable"? no
"No address associated with name"? no
"(Host key not found |The authenticity of host .* be established).* \(yes/no\)\?"? (No Gate, RE only) gate=yes re=no
"HOST IDENTIFICATION HAS CHANGED.* \(yes/no\)\?"? Gate "HOST IDENTIFICATION HAS CHANGED* (yes/no)\?"? gate=no
"HOST IDENTIFICATION HAS CHANGED[^\n\r]+"? Gate "HOST IDENTIFICATION HAS CHANGED*"? gate=no
"Offending key for .* \(yes/no\)\?"? Gate "Offending key for * (yes/no)\?"? gate=no
"Login:"? Gate "Login:"? gate=no
"[Pp]assword:"? Gate "?assword:"? gate=no
"^Confirm seeing above note"? Gate "Confirm seeing above note"? gate=no
"Password incorrect"? no
"] > "? Gate "] > "? gate=no
"denied"? no
"\r\n"? no
# it appears stuck so
# I pressed ^D here
expect: read eof
expect: set expect_out(spawn_id) "exp0"
expect: set expect_out(buffer) ""
send: spawn id exp0 not open
while executing
"send_user "\nError: Couldn't login\n""
invoked from within
"expect {
"Connection refused" {
catch {close}; catch {wait};
sleep 0.3
expect eof
send_user "\nError: Connection Refused\n"; wait; retu..."
(procedure "login" line 72)
invoked from within
"login $router $ruser $userpswd $passwd $prompt $cmethod $cyphertype $identfile"
("foreach" body line 87)
invoked from within
"foreach router [lrange $argv $i end] {
set router [string tolower $router]
send_user "$router\n"
# Figure out prompt.
set prompt "] >..."
(file "bin/mtlogin" line 480)
Hope this helps
Lukasz
( I'll test more tomorrow, GMT/BST timezone)
Lukasz Sokol
2015-06-04 09:42:01 UTC
Permalink
Hi,
Post by heasley
seems that you truncated the output here; the spawn, etc are missing. we'd
need to see the output leading up to this.
No I did not - it just did not print it there. here are 2 runs : one on the host
that used to work (workinghost) and one on the host with shifted port (shiftedhost):

(shiftedhost has the method {ssh:65122} in .cloginrc )

~$ bin/mtlogin workinghost
workinghost

(here it just hung, printed NOTHING, with -d the output is exactly as I pasted last time,
no spawn line...)


~bin/mtlogin -d shiftedhost
shiftedhost
spawn ssh -i /var/lib/rancid/.ssh/id_ssa_for_mt_backup -c 3des -x -l username+ct shiftedhost

# is it me or it still does not add '-p 65122' here?

parent: waiting for sync byte
parent: telling child to go ahead
parent: now unsynchronized from child
spawn: returns {6388}
Gate keeper glob pattern for '(Host key not found |The authenticity of host .* be established).* \(yes/no\)\?' is ''. Not usable, disabling the performance booster.
Gate keeper glob pattern for 'HOST IDENTIFICATION HAS CHANGED.* \(yes/no\)\?' is 'HOST IDENTIFICATION HAS CHANGED* (yes/no)\?'. Activating booster.
Gate keeper glob pattern for 'HOST IDENTIFICATION HAS CHANGED[^
]+' is 'HOST IDENTIFICATION HAS CHANGED*'. Activating booster.
Gate keeper glob pattern for 'Offending key for .* \(yes/no\)\?' is 'Offending key for * (yes/no)\?'. Activating booster.
Gate keeper glob pattern for 'Login:' is 'Login:'. Activating booster.
Gate keeper glob pattern for '[Pp]assword:' is '?assword:'. Activating booster.
Gate keeper glob pattern for '^Confirm seeing above note' is 'Confirm seeing above note'. Activating booster.
Gate keeper glob pattern for '] > ' is '] > '. Activating booster.

expect: does "" (spawn_id exp6) match glob pattern "Connection refused"? no
"Unknown host\r\n"? no
"Host is unreachable"? no
"No address associated with name"? no
"(Host key not found |The authenticity of host .* be established).* \(yes/no\)\?"? (No Gate, RE only) gate=yes re=no
"HOST IDENTIFICATION HAS CHANGED.* \(yes/no\)\?"? Gate "HOST IDENTIFICATION HAS CHANGED* (yes/no)\?"? gate=no
"HOST IDENTIFICATION HAS CHANGED[^\n\r]+"? Gate "HOST IDENTIFICATION HAS CHANGED*"? gate=no
"Offending key for .* \(yes/no\)\?"? Gate "Offending key for * (yes/no)\?"? gate=no
"Login:"? Gate "Login:"? gate=no
"[Pp]assword:"? Gate "?assword:"? gate=no
"^Confirm seeing above note"? Gate "Confirm seeing above note"? gate=no
"Password incorrect"? no
"] > "? Gate "] > "? gate=no
"denied"? no
"\r\n"? no
ssh: connect to host shiftedhost port 22: Connection refused

expect: does "ssh: connect to host shiftedhost port 22: Connection refused\r\r\n" (spawn_id exp6) match glob pattern "Connection refused"? yes
expect: set expect_out(0,string) "Connection refused"
expect: set expect_out(spawn_id) "exp6"
expect: set expect_out(buffer) "ssh: connect to host shiftedhost port 22: Connection refused"
can not find channel named "exp6"
while executing
"expect eof"
invoked from within
"expect {
"Connection refused" {
catch {close}; catch {wait};
sleep 0.3
expect eof
send_user "\nError: Connection Refused\n"; wait; retu..."
(procedure "login" line 72)
invoked from within
"login $router $ruser $userpswd $passwd $prompt $cmethod $cyphertype $identfile"
("foreach" body line 87)
invoked from within
"foreach router [lrange $argv $i end] {
set router [string tolower $router]
send_user "$router\n"

# Figure out prompt.
set prompt "] >..."
(file "bin/mtlogin" line 480)

without the patch:

~$ bin/mtlogin.orig -d workinghost
workinghost
spawn ssh -i /var/lib/rancid/.ssh/id_ssa_for_mt_backup -c 3des -x -l username+ct workinghost

(and the rest is working then, skipping.)
Lukasz Sokol
2015-06-04 10:43:06 UTC
Permalink
I added

send_user "prog: $prog\n methcmd: $methcmd\n suffix: $suffix \nport: $port\n"

under the regex and now I'm seeing:

~$ bin/mtlogin.patched shftedhost
shiftedhost
prog: ssh -p 65122
methcmd: ssh
suffix:
port:
spawn ssh -i /var/lib/rancid/.ssh/id_ssa_for_mt_backup -c 3des -x -l username+ct shiftedhost
ssh: connect to host shiftedhost port 22: Connection refused

So it /does/ get the -p 65122 from somewhere above?

for comparison, when running with workinghost:

~$ bin/mtlogin workinghost
workinghost
prog: ssh
methcmd: ssh
suffix:
port:
spawn ssh -i /var/lib/rancid/.ssh/id_ssa_for_mt_backup -c 3des -x -l username+ct workinghost

So If i say the $cmd to be $prog...

set $cmd $prog

it works! for both cases (default and specified port)

Patch inline below.

--- mtlogin.orig 2015-06-03 17:08:33.642852694 +0100
+++ mtlogin 2015-06-04 11:37:31.085409961 +0100
@@ -323,10 +323,12 @@
send_user "\nError: telnet failed: $reason\n"
return 1
}
- } elseif ![string compare $prog "ssh"] {
+ } elseif [string match "ssh*" $prog] {
# ssh to the router & try to login with or without an identfile. backported from trunk.
+ # also if port given in method, use it
regexp {ssh(:([^[:space:]]+))*} $prog methcmd suffix port
- set cmd $sshcmd
+ send_user "prog: $prog\n methcmd: $methcmd\n suffix: $suffix \nport: $port\n" # debug line
+ set cmd $prog
if {"$port" != ""} {
set cmd "$cmd -p $port"
}

Please review..
heasley
2015-06-05 00:13:58 UTC
Permalink
Post by Lukasz Sokol
I added
send_user "prog: $prog\n methcmd: $methcmd\n suffix: $suffix \nport: $port\n"
~$ bin/mtlogin.patched shftedhost
shiftedhost
prog: ssh -p 65122
methcmd: ssh
spawn ssh -i /var/lib/rancid/.ssh/id_ssa_for_mt_backup -c 3des -x -l username+ct shiftedhost
ssh: connect to host shiftedhost port 22: Connection refused
So it /does/ get the -p 65122 from somewhere above?
~$ bin/mtlogin workinghost
workinghost
prog: ssh
methcmd: ssh
spawn ssh -i /var/lib/rancid/.ssh/id_ssa_for_mt_backup -c 3des -x -l username+ct workinghost
So If i say the $cmd to be $prog...
set $cmd $prog
it works! for both cases (default and specified port)
I am confused. I sent diffs from the trunk, but this and the related parts
are unchanged since 3.0. I'll send you a fresh version to test in a
separate email; one that is complete with cloginrc:sshcmd support.
Post by Lukasz Sokol
Patch inline below.
--- mtlogin.orig 2015-06-03 17:08:33.642852694 +0100
+++ mtlogin 2015-06-04 11:37:31.085409961 +0100
@@ -323,10 +323,12 @@
send_user "\nError: telnet failed: $reason\n"
return 1
}
- } elseif ![string compare $prog "ssh"] {
+ } elseif [string match "ssh*" $prog] {
# ssh to the router & try to login with or without an identfile. backported from trunk.
+ # also if port given in method, use it
regexp {ssh(:([^[:space:]]+))*} $prog methcmd suffix port
- set cmd $sshcmd
+ send_user "prog: $prog\n methcmd: $methcmd\n suffix: $suffix \nport: $port\n" # debug line
+ set cmd $prog
if {"$port" != ""} {
set cmd "$cmd -p $port"
}
Please review..
_______________________________________________
Rancid-discuss mailing list
http://www.shrubbery.net/mailman/listinfo/rancid-discuss
Lukasz Sokol
2015-06-05 07:53:20 UTC
Permalink
Post by heasley
Post by Lukasz Sokol
I added
send_user "prog: $prog\n methcmd: $methcmd\n suffix: $suffix \nport: $port\n"
~$ bin/mtlogin.patched shftedhost
shiftedhost
prog: ssh -p 65122
methcmd: ssh
spawn ssh -i /var/lib/rancid/.ssh/id_ssa_for_mt_backup -c 3des -x -l username+ct shiftedhost
ssh: connect to host shiftedhost port 22: Connection refused
So it /does/ get the -p 65122 from somewhere above?
~$ bin/mtlogin workinghost
workinghost
prog: ssh
methcmd: ssh
spawn ssh -i /var/lib/rancid/.ssh/id_ssa_for_mt_backup -c 3des -x -l username+ct workinghost
So If i say the $cmd to be $prog...
set $cmd $prog
it works! for both cases (default and specified port)
I am confused. I sent diffs from the trunk, but this and the related parts
are unchanged since 3.0. I'll send you a fresh version to test in a
separate email; one that is complete with cloginrc:sshcmd support.
This is against

***@george:~$ bin/rancid -V
rancid 2.3.8

together with the backport of ssh ident file support as you've backported it then for me...
(I applied it manually back then)
Post by heasley
Post by Lukasz Sokol
Patch inline below.
--- mtlogin.orig 2015-06-03 17:08:33.642852694 +0100
+++ mtlogin 2015-06-04 11:37:31.085409961 +0100
@@ -323,10 +323,12 @@
send_user "\nError: telnet failed: $reason\n"
return 1
}
- } elseif ![string compare $prog "ssh"] {
+ } elseif [string match "ssh*" $prog] {
# ssh to the router & try to login with or without an identfile. backported from trunk.
+ # also if port given in method, use it
regexp {ssh(:([^[:space:]]+))*} $prog methcmd suffix port
- set cmd $sshcmd
+ send_user "prog: $prog\n methcmd: $methcmd\n suffix: $suffix \nport: $port\n" # debug line
+ set cmd $prog
if {"$port" != ""} {
set cmd "$cmd -p $port"
}
Please review..
Will answer to that one.

Lukasz Sokol
2015-06-03 16:04:17 UTC
Permalink
Post by Lukasz Sokol
Post by heasley
Post by Lukasz Sokol
hostname
Error: unknown connection method: ssh:65122
will get there, eventually :)
grumble. it needs to match the port below; i think this change is the
missing bit. sorry
Index: bin/mtlogin.in
===================================================================
--- bin/mtlogin.in (revision 3124)
+++ bin/mtlogin.in (working copy)
@@ -277,7 +277,7 @@
send_user "\nError: telnet failed: $reason\n"
return 1
}
- } elseif ![string compare $prog "ssh"] {
+ } elseif [string match "ssh*" $prog] {
# ssh to the router & try to login with or without an identfile.
regexp {ssh(:([^[:space:]]+))*} $prog methcmd suffix port
set cmd $sshcmd
I found the relevant line next to the previous backport,
but this change causes all ssh contacts to fail even the 'up' test.
what is wrong with compare ?
lukasz
would this mean that the default ssh method would need to be {ssh:22} with this change?
so that the one with {ssh:65122} will be an exception ?

or might the order of 'regexp {...} methcmd suffix port' matter then?

sorry for stabbing in the dark :)

lukasz
Michael Newton
2015-06-03 16:42:25 UTC
Permalink
If you’re looking to connect to a custom port number, this is what we do. Not sure if you can use it or not, but thought it might help someone.

/var/rancid/foo/router.db:
host.example.com:2222;hp;up;HP switch 22

host.example.com:3222;aruba;up;Aruba switch 32


/var/rancid/.cloginrc:
add sshcmd * {/usr/local/bin/sshport}


/usr/local/bin/sshport:
#!/bin/sh

#host is the last argument passed

FULLHOST=${!#}

#check it for the colon

if [ -z "${FULLHOST##*:*}" ]

then

#stuff left of colon

HOST=${FULLHOST%:*}

#stuff right of colon

PORT=${FULLHOST#*:}

else

HOST=$FULLHOST

PORT=22

fi

#now remove the original host from the arguments list

#??? magic!

ARGS=( "$@" )

unset ARGS[${#ARGS[@]}-1]

ARGS=${ARGS[@]}

/usr/bin/ssh -p $PORT $ARGS $HOST





--

Michael Newton
Director, Product Development
Point of Presence Technologies


From: Rancid-discuss on behalf of Lukasz Sokol
Date: Wednesday, June 3, 2015 at 9:04 AM
To: "rancid-***@shrubbery.net"
Subject: Re: [rancid] .cloginrc add method hostname {ssh:-port} for mtlogin/mtrancid?

On 03/06/15 16:42, Lukasz Sokol wrote:
On 03/06/15 16:08, heasley wrote:
Wed, Jun 03, 2015 at 03:07:39PM +0100, Lukasz Sokol:
***@george:~$ bin/mtlogin hostname
hostname

Error: unknown connection method: ssh:65122

will get there, eventually :)

grumble. it needs to match the port below; i think this change is the
missing bit. sorry

Index: bin/mtlogin.in
===================================================================
--- bin/mtlogin.in (revision 3124)
+++ bin/mtlogin.in (working copy)
@@ -277,7 +277,7 @@
send_user "\nError: telnet failed: $reason\n"
return 1
}
- } elseif ![string compare $prog "ssh"] {
+ } elseif [string match "ssh*" $prog] {
# ssh to the router & try to login with or without an identfile.
regexp {ssh(:([^[:space:]]+))*} $prog methcmd suffix port
set cmd $sshcmd


I found the relevant line next to the previous backport,
but this change causes all ssh contacts to fail even the 'up' test.

what is wrong with compare ?

lukasz

would this mean that the default ssh method would need to be {ssh:22} with this change?
so that the one with {ssh:65122} will be an exception ?

or might the order of 'regexp {...} methcmd suffix port' matter then?

sorry for stabbing in the dark :)

lukasz
heasley
2015-06-03 18:30:18 UTC
Permalink
If you’re looking to connect to a custom port number, this is what we do. Not sure if you can use it or not, but thought it might help someone.
host.example.com:2222;hp;up;HP switch 22
host.example.com:3222;aruba;up;Aruba switch 32
indeed, if your client supports that. but the port will appear in the
RCS filename, if i am not mistaken.

Lukasz, I'd still like to know why the patch isnt working for you. I
suspect that your issue is unrelated.
Michael Newton
2015-06-03 18:34:53 UTC
Permalink
Yes it does; we are pulling configs from remote client sites via NAT, not local machines, so we want the port number in the file name anyway.


--

Michael Newton
Director, Product Development
Point of Presence Technologies


From: heasley
Date: Wednesday, June 3, 2015 at 11:30 AM
To: Michael Newton
Cc: Lukasz Sokol, "rancid-***@shrubbery.net"
Subject: Re: [rancid] .cloginrc add method hostname {ssh:-port} for mtlogin/mtrancid?

Wed, Jun 03, 2015 at 04:42:25PM +0000, Michael Newton:
If you’re looking to connect to a custom port number, this is what we do. Not sure if you can use it or not, but thought it might help someone.

/var/rancid/foo/router.db:
host.example.com:2222;hp;up;HP switch 22

host.example.com:3222;aruba;up;Aruba switch 32

indeed, if your client supports that. but the port will appear in the
RCS filename, if i am not mistaken.
Lukasz Sokol
2015-06-04 09:24:10 UTC
Permalink
Post by heasley
If you’re looking to connect to a custom port number, this is what we do. Not sure if you can use it or not, but thought it might help someone.
host.example.com:2222;hp;up;HP switch 22
host.example.com:3222;aruba;up;Aruba switch 32
indeed, if your client supports that. but the port will appear in the
RCS filename, if i am not mistaken.
For this reason I'd rather have it working the 'right way', unless I have my script method
explicitly call that device on that port ...
Post by heasley
Lukasz, I'd still like to know why the patch isnt working for you. I
suspect that your issue is unrelated.
.
Yeah sorry I will send reply to previous message shortly.

Lukasz
Loading...