Discussion:
[rancid] hlogin script to ProCurve 2650
Steve Ousley
2008-08-04 16:14:54 UTC
Permalink
Hi



We are just trying to add some ProCurve switches to RANCID. I have got
various PIX and ASA's on rancid, but this is my first attempt at a HP
device.



I have setup the method for this as {telnet} above the add method * line so
it tries to use telnet rather than ssh for this device.



When I run hlogin <device name> I see the following:



nagios-1:/usr/local/rancid/var/mkone# hlogin <device name>

<device name>

spawn hpuifilter -- telnet <device name>

Trying <ip>...

Connected to <device name>

Escape character is '^]'.

ProCurve J4899B Switch 2650

Software revision H.10.50



Copyright (C) 1991-2007 Hewlett-Packard Co. All Rights Reserved.



RESTRICTED RIGHTS LEGEND



Use, duplication, or disclosure by the Government is subject to
restrictions

as set forth in subdivision (b) (3) (ii) of the Rights in Technical Data
and

Computer Software clause at 52.227-7013.



HEWLETT-PACKARD COMPANY, 3000 Hanover St., Palo Alto, CA 94303



<company> procurve



Press any key to continuePassword:

ProCurve Switch 2650#





To me, this looks to be all ok (after testing with telnet straight away),
however, when I get to this point, the session seems to die, and I cannot do
anything on the switch, then the connection times out after a short while
and disconnects.



I have tried manually telnetting to the device, and can run commands on the
switch no problems (sh run etc), and get output.



Also, is there any way to use rancid to connect to a device on multiple
ports? For instance I would like to get rancid to get configurations from 2
switches, where the gateway forwards the relevant port to the relevant
switch. Eg telnet 1.2.3.4 on port 23 telnet 1.2.3.4 on port 45.



Regards



Steve Ousley - SO620-RIPE

Nuco Technologies Ltd

<mailto:***@host-it.co.uk> ***@host-it.co.uk

<http://www.nucotechnologies.com/> www.nucotechnologies.com

Tel. 0870 165 1300



Nuco Technologies Ltd is a company registered in England and Wales
with company number 04470751
Mr. James W. Laferriere
2008-08-04 19:09:08 UTC
Permalink
Hello Steve ,
Post by Steve Ousley
Hi
We are just trying to add some ProCurve switches to RANCID. I have got
various PIX and ASA's on rancid, but this is my first attempt at a HP
device.
I have setup the method for this as {telnet} above the add method * line so
it tries to use telnet rather than ssh for this device.
nagios-1:/usr/local/rancid/var/mkone# hlogin <device name>
<device name>
spawn hpuifilter -- telnet <device name>
Trying <ip>...
Connected to <device name>
Escape character is '^]'.
ProCurve J4899B Switch 2650
Software revision H.10.50
Copyright (C) 1991-2007 Hewlett-Packard Co. All Rights Reserved.
RESTRICTED RIGHTS LEGEND
Use, duplication, or disclosure by the Government is subject to
restrictions
as set forth in subdivision (b) (3) (ii) of the Rights in Technical Data
and
Computer Software clause at 52.227-7013.
HEWLETT-PACKARD COMPANY, 3000 Hanover St., Palo Alto, CA 94303
<company> procurve
ProCurve Switch 2650#
To me, this looks to be all ok (after testing with telnet straight away),
however, when I get to this point, the session seems to die, and I cannot do
anything on the switch, then the connection times out after a short while
and disconnects.
Please see both of the attachments . One is a patch to Rancid's hlogin
command that will appease the 'Press any key' gods , Tho Mr. john heasley has a
better approach that would basically do the same thing . The second is a method
to get a ProCurve (of the version specified) back from Menu Mode . Tho it does
not look like you need that help .
Post by Steve Ousley
I have tried manually telnetting to the device, and can run commands on the
switch no problems (sh run etc), and get output.
Also, is there any way to use rancid to connect to a device on multiple
ports? For instance I would like to get rancid to get configurations from 2
switches, where the gateway forwards the relevant port to the relevant
switch. Eg telnet 1.2.3.4 on port 23 telnet 1.2.3.4 on port 45.
I'm no help to you here , Also be patient , wait a good while before
getting upset about not geeing responses , Many on this list will respond
eventually they are all extremely busy .
Post by Steve Ousley
Regards
Steve Ousley - SO620-RIPE
Nuco Technologies Ltd
<http://www.nucotechnologies.com/> www.nucotechnologies.com
Tel. 0870 165 1300
Nuco Technologies Ltd is a company registered in England and Wales
with company number 04470751
Hth , JimL
--
+------------------------------------------------------------------+
| James W. Laferriere | System Techniques | Give me VMS |
| Network&System Engineer | 2133 McCullam Ave | Give me Linux |
| ***@baby-dragons.com | Fairbanks, AK. 99701 | only on AXP |
+------------------------------------------------------------------+
Steve Ousley
2008-08-05 08:16:24 UTC
Permalink
-----Original Message-----
From: Mr. James W. Laferriere [mailto:***@baby-dragons.com]
Sent: 04 August 2008 20:09
To: Steve Ousley
Cc: rancid
Subject: Re: [rancid] hlogin script to ProCurve 2650
Post by Mr. James W. Laferriere
Please see both of the attachments . One is a patch to Rancid's hlogin
command that will appease the 'Press any key' gods ,
Post by Mr. James W. Laferriere
Tho Mr. john heasley has a better approach that would basically do the same
thing . The second is a method to get a ProCurve
Post by Mr. James W. Laferriere
(of the version specified) back from Menu Mode . Tho it does not look like
you need that help .

Thanks for this James, I will have a look at this, as you say, doesn't look
like the switch is in menu mode, so that doesn't look to be what I need to
do. I may wait a week or so, to see if anything else appears (It is not
critical that this switch gets backed up immediately), if not, maybe apply
the patch (is it possible to undo this, or should I backup the rancid
directory?).
Post by Mr. James W. Laferriere
I'm no help to you here , Also be patient , wait a good while before
getting upset about not geeing responses ,
Post by Mr. James W. Laferriere
Many on this list will respond eventually they are all extremely busy .
Yep, I understand this, I usually take no answer as an "I don't know the
answer", and as this is probably a bit of a strange request, I can see that
it may also be requested by a few others. We shall see what happens with
this one I suppose. :)

Thanks again.

Steve
Emmanuel Halbwachs
2008-08-06 16:08:34 UTC
Permalink
Hello,
Post by Steve Ousley
We are just trying to add some ProCurve switches to RANCID. I have
got various PIX and ASA?s on rancid, but this is my first attempt at
a HP device.
By the way, as an HP Procurve user, this patch from John Heasley was
extremely useful :

http://www.shrubbery.net/pipermail/rancid-discuss/2008-January/002720.html

HTH,
--
Emmanuel Halbwachs
Resp. Réseau/Sécurité Observatoire de Paris-Meudon
tel : (+33)1 45 07 75 54 5 Place Jules Janssen
fax : (+33)1 45 07 76 13 F 92195 MEUDON CEDEX
Steve Ousley
2008-08-06 16:58:12 UTC
Permalink
Hi All

I have had a look at this patch, and edited the "hlogin" script as per the
patch, however now I get a different problem, when I hlogin <device name> I
simply see it state "Invalid Password" 3 times, and then the session
terminate with "unable to login", followed by the connection closing
immediately.

Any body else seen this at all?

Regards

Steve Ousley - SO620-RIPE
Nuco Technologies Ltd
***@host-it.co.uk
www.nucotechnologies.com
Tel. 0870 165 1300

Nuco Technologies Ltd is a company registered in England and Wales
with company number 04470751


-----Original Message-----
From: Emmanuel Halbwachs [mailto:***@obspm.fr]
Sent: 06 August 2008 17:09
To: Steve Ousley
Cc: rancid-***@shrubbery.net
Subject: Re: [rancid] hlogin script to ProCurve 2650

Hello,
Post by Steve Ousley
We are just trying to add some ProCurve switches to RANCID. I have
got various PIX and ASA?s on rancid, but this is my first attempt at
a HP device.
By the way, as an HP Procurve user, this patch from John Heasley was
extremely useful :

http://www.shrubbery.net/pipermail/rancid-discuss/2008-January/002720.html

HTH,
--
Emmanuel Halbwachs
Resp. Réseau/Sécurité Observatoire de Paris-Meudon
tel : (+33)1 45 07 75 54 5 Place Jules Janssen
fax : (+33)1 45 07 76 13 F 92195 MEUDON CEDEX
Steve Ousley
2008-08-07 12:01:19 UTC
Permalink
This post might be inappropriate. Click to display it.
Emmanuel Halbwachs
2008-08-07 12:20:53 UTC
Permalink
Hello,
Post by Steve Ousley
however nothing has changed, when running something like sh run (works when
I manually telnet in) it just hangs, then disconnects. It looks like hlogin
is not handing over the control of the shell to me with the interact
command, however I could be well off with this one.
Well, it works straight ahead here.
I'm using Debian etch's rancid

Paquet : rancid-core
Version : 2.3.1-1

with John Heasley's patch I cited previously.

Example of output :

# /usr/lib/rancid/bin/hlogin -v shhhh -e shhhh -c "sh run" sw-m-b15-27-1

sw-m-b15-27-1
spawn hpuifilter -- telnet sw-m-b15-27-1
Trying 145.238.***.***...
Connected to sw-m-b15-27-1.obspm.fr.
Escape character is '^]'.
ProCurve J4899B Switch 2650
Firmware revision H.08.83

Copyright (C) 1991-2005 Hewlett-Packard Co. All Rights Reserved.

RESTRICTED RIGHTS LEGEND

Use, duplication, or disclosure by the Government is subject to restrictions
as set forth in subdivision (b) (3) (ii) of the Rights in Technical Data and
Computer Software clause at 52.227-7013.

HEWLETT-PACKARD COMPANY, 3000 Hanover St., Palo Alto, CA 94303

Password:


sw-m-b15-27-1> enable
Password:
sw-m-b15-27-1#
sw-m-b15-27-1# no page
sw-m-b15-27-1# sh run

Running configuration:

; J4899B Configuration Editor; Created on release #H.08.83

hostname "sw-m-b15-27-1"


[etc. the whole configuration]

sw-m-b15-27-1#exit
sw-m-b15-27-1> exit
Do you want to log out [y/n]? y

Connection closed by foreign host.
#

HTH,
--
Emmanuel Halbwachs
Resp. Réseau/Sécurité Observatoire de Paris-Meudon
tel : (+33)1 45 07 75 54 5 Place Jules Janssen
fax : (+33)1 45 07 76 13 F 92195 MEUDON CEDEX
Steve Ousley
2008-08-07 12:33:00 UTC
Permalink
Hi Emmanuel

I am using the source from rancid's site, however this is hosted on Debian
Etch (I didn't realise it was in apt).

I have tried running hlogin with the command you pasted below (with the
passwords changed for the right ones) and I simply get an error:
-bash: <password>: event not found

I have also tried without the either the -v and -e parts, and also with both
of these removed, but with the -c "sh run", and it logs into the switch no
problems, however it still fails to do anything once it has logged in.

The only difference I can see from your output to mine is that yours gives
you the > prompt and then enables where the one I have here simply goes
straight to the #prompt (enabled I assume).

I have also tried this with -noenable and -autoenable, but with the same
result.

Regards

Steve Ousley - SO620-RIPE
Nuco Technologies Ltd
***@host-it.co.uk
www.nucotechnologies.com
Tel. 0870 165 1300

Nuco Technologies Ltd is a company registered in England and Wales
with company number 04470751


-----Original Message-----
From: Emmanuel Halbwachs [mailto:***@obspm.fr]
Sent: 07 August 2008 13:21
To: Steve Ousley
Cc: rancid-***@shrubbery.net
Subject: Re: [rancid] Re: hlogin script to ProCurve 2650

Hello,
Post by Steve Ousley
however nothing has changed, when running something like sh run (works when
I manually telnet in) it just hangs, then disconnects. It looks like hlogin
is not handing over the control of the shell to me with the interact
command, however I could be well off with this one.
Well, it works straight ahead here.
I'm using Debian etch's rancid

Paquet : rancid-core
Version : 2.3.1-1

with John Heasley's patch I cited previously.

Example of output :

# /usr/lib/rancid/bin/hlogin -v shhhh -e shhhh -c "sh run" sw-m-b15-27-1

sw-m-b15-27-1
spawn hpuifilter -- telnet sw-m-b15-27-1
Trying 145.238.***.***...
Connected to sw-m-b15-27-1.obspm.fr.
Escape character is '^]'.
ProCurve J4899B Switch 2650
Firmware revision H.08.83

Copyright (C) 1991-2005 Hewlett-Packard Co. All Rights Reserved.

RESTRICTED RIGHTS LEGEND

Use, duplication, or disclosure by the Government is subject to
restrictions
as set forth in subdivision (b) (3) (ii) of the Rights in Technical Data
and
Computer Software clause at 52.227-7013.

HEWLETT-PACKARD COMPANY, 3000 Hanover St., Palo Alto, CA 94303

Password:


sw-m-b15-27-1> enable
Password:
sw-m-b15-27-1#
sw-m-b15-27-1# no page
sw-m-b15-27-1# sh run

Running configuration:

; J4899B Configuration Editor; Created on release #H.08.83

hostname "sw-m-b15-27-1"


[etc. the whole configuration]

sw-m-b15-27-1#exit
sw-m-b15-27-1> exit
Do you want to log out [y/n]? y

Connection closed by foreign host.
#

HTH,
--
Emmanuel Halbwachs
Resp. Réseau/Sécurité Observatoire de Paris-Meudon
tel : (+33)1 45 07 75 54 5 Place Jules Janssen
fax : (+33)1 45 07 76 13 F 92195 MEUDON CEDEX
Emmanuel Halbwachs
2008-08-07 12:47:58 UTC
Permalink
Post by Steve Ousley
Post by Emmanuel Halbwachs
I'm using Debian etch's rancid
Paquet : rancid-core
Version : 2.3.1-1
Oops, sorry, on this box it's still sarge (Debian oldstable). The
version for etch is :

$ aptitude show rancid-core
Paquet : rancid-core
[...]
Version : 2.3.1-4

Anyway, you're using shruberry's source.
Post by Steve Ousley
(I didn't realise it was in apt).
Yes, in the non-free section.
Post by Steve Ousley
The only difference I can see from your output to mine is that yours gives
you the > prompt and then enables where the one I have here simply goes
straight to the #prompt (enabled I assume).
My usage of rancid is very limited: I have an empty ~root/.cloginrc,
thus no configuration. I only use the command-line options and use
{c,h}login in shell loops.

My advice would be first to restart from scratch : install Debian's
plain rancid on an etch box, apply the patch and then test hlogin
with an empty .cloginrc.

HTH,
--
Emmanuel Halbwachs
Resp. Réseau/Sécurité Observatoire de Paris-Meudon
tel : (+33)1 45 07 75 54 5 Place Jules Janssen
fax : (+33)1 45 07 76 13 F 92195 MEUDON CEDEX
Steve Ousley
2008-08-07 13:34:32 UTC
Permalink
Hi Emmanuel

I have just tried this with the debian mirror version of rancid, and I have
exactly the same issue there, even with the patch applied. I don’t even
know how to debug this problem.

Steve Ousley - SO620-RIPE
Nuco Technologies Ltd
***@host-it.co.uk
www.nucotechnologies.com
Tel. 0870 165 1300

Nuco Technologies Ltd is a company registered in England and Wales
with company number 04470751


-----Original Message-----
From: Emmanuel Halbwachs [mailto:***@obspm.fr]
Sent: 07 August 2008 13:48
To: Steve Ousley
Cc: rancid-***@shrubbery.net
Subject: Re: [rancid] Re: hlogin script to ProCurve 2650
Post by Steve Ousley
Post by Emmanuel Halbwachs
I'm using Debian etch's rancid
Paquet : rancid-core
Version : 2.3.1-1
Oops, sorry, on this box it's still sarge (Debian oldstable). The
version for etch is :

$ aptitude show rancid-core
Paquet : rancid-core
[...]
Version : 2.3.1-4

Anyway, you're using shruberry's source.
Post by Steve Ousley
(I didn't realise it was in apt).
Yes, in the non-free section.
Post by Steve Ousley
The only difference I can see from your output to mine is that yours gives
you the > prompt and then enables where the one I have here simply goes
straight to the #prompt (enabled I assume).
My usage of rancid is very limited: I have an empty ~root/.cloginrc,
thus no configuration. I only use the command-line options and use
{c,h}login in shell loops.

My advice would be first to restart from scratch : install Debian's
plain rancid on an etch box, apply the patch and then test hlogin
with an empty .cloginrc.

HTH,
--
Emmanuel Halbwachs
Resp. Réseau/Sécurité Observatoire de Paris-Meudon
tel : (+33)1 45 07 75 54 5 Place Jules Janssen
fax : (+33)1 45 07 76 13 F 92195 MEUDON CEDEX
Loading...