[rancid] clogin password

Discussion:

Smirnoff Alexander

2008-07-25 06:27:42 UTC

Hello!

I have a lot of cisco devices, and RANCID collect configurations from
them. I use this clogin configuration:

#all routers

add user * user

add password * password enablepassword

But some devices not ask Username - only password. How I can setup
clogin , for trying directly password,

then router not ask username, without selecting all this routers int
.cloginrc?

--
Regards,
Alexandr Smirnov

john heasley

2008-07-25 17:27:02 UTC

Permalink

Post by Smirnoff Alexander
Hello!
I have a lot of cisco devices, and RANCID collect configurations from
#all routers
add user * user
add password * password enablepassword
But some devices not ask Username - only password. How I can setup
clogin , for trying directly password,

If the passwords are the same, then this should work. if it doesn't
ask for a username, one simply won't be given.

Post by Smirnoff Alexander
then router not ask username, without selecting all this routers int
.cloginrc?

i don't understand that last bit.

Smirnoff Alexander

2008-07-29 07:07:27 UTC

Permalink

I try to explain more. For example I have 3 cisco routers. All have same
password and username, but one router ask only password. Now I use this
.clorginrc:

#all routers
add user * user
add password * password enablepassword

And RANCID can login only to 2 cisco's what ask username, third cisco
ask only password, and RANCID can't login.

What I need to change in .cloginrc for login to third Cisco?

-----Original Message-----
From: john heasley [mailto:***@shrubbery.net]
Sent: Friday, July 25, 2008 9:27 PM
To: Smirnoff Alexander
Cc: rancid-***@shrubbery.net
Subject: Re: [rancid] clogin password

If the passwords are the same, then this should work. if it doesn't
ask for a username, one simply won't be given.

Post by Smirnoff Alexander
then router not ask username, without selecting all this routers int
.cloginrc?

i don't understand that last bit.

Dale Shaw

2008-07-29 14:44:26 UTC

Permalink

Hi,

Post by Smirnoff Alexander
I try to explain more. For example I have 3 cisco routers. All have same
password and username, but one router ask only password. Now I use this
#all routers
add user * user
add password * password enablepassword
And RANCID can login only to 2 cisco's what ask username, third cisco
ask only password, and RANCID can't login.
What I need to change in .cloginrc for login to third Cisco?

I think you probably want:

add user * {alexander}
add userpassword * {alexanderpasswd}
add password * {vtypasswd} {enablepwd}

If the router gives a Username: prompt, it'll enter Username:
alexander and Password: alexanderpasswd, then go into enable mode with
"enablepwd". If it doesn't prompt for Username:, it'll just enter
"vtypasswd", then go into enable mode with "enablepwd".

cheers,
Dale

john heasley

2008-07-29 15:11:17 UTC

Permalink

Post by Dale Shaw
Hi,

add user * {alexander}
add userpassword * {alexanderpasswd}
add password * {vtypasswd} {enablepwd}
alexander and Password: alexanderpasswd, then go into enable mode with

if alexanderpasswd/userpassword does not exist, it should use vtypasswd

Post by Dale Shaw
"enablepwd". If it doesn't prompt for Username:, it'll just enter
"vtypasswd", then go into enable mode with "enablepwd".
cheers,
Dale
_______________________________________________
Rancid-discuss mailing list
http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss

Smirnoff Alexander

2008-07-31 09:29:45 UTC

Permalink

Thanx a lot - it really what I need.

-----Original Message-----
From: ***@gmail.com [mailto:***@gmail.com] On Behalf Of Dale
Shaw
Sent: Tuesday, July 29, 2008 6:44 PM
To: Smirnoff Alexander
Cc: rancid-***@shrubbery.net
Subject: Re: [rancid] Re: clogin password

Hi,

On Tue, Jul 29, 2008 at 12:07 AM, Smirnoff Alexander

Martin, Seth

2008-07-29 14:31:47 UTC

Permalink

You need to configure your line statements to use login local (assuming
the users are setup in ios and not using remote AAA)

Should be at the bottom of your routers configuration

line vty 0 4
login local

_____________________________________________________________________
Seth Martin
- Desk: 239-949-4450 x6705 - Cell: 239-588-0681 - Fax: 239-495-5181 -

-----Original Message-----
From: rancid-discuss-***@shrubbery.net
[mailto:rancid-discuss-***@shrubbery.net] On Behalf Of Smirnoff
Alexander
Sent: Tuesday, July 29, 2008 3:07 AM
To: rancid-***@shrubbery.net
Subject: [rancid] Re: clogin password

I try to explain more. For example I have 3 cisco routers. All have same
password and username, but one router ask only password. Now I use this
.clorginrc:

#all routers
add user * user
add password * password enablepassword

And RANCID can login only to 2 cisco's what ask username, third cisco
ask only password, and RANCID can't login.

What I need to change in .cloginrc for login to third Cisco?

-----Original Message-----
From: john heasley [mailto:***@shrubbery.net]
Sent: Friday, July 25, 2008 9:27 PM
To: Smirnoff Alexander
Cc: rancid-***@shrubbery.net
Subject: Re: [rancid] clogin password

If the passwords are the same, then this should work. if it doesn't
ask for a username, one simply won't be given.

Post by Smirnoff Alexander
then router not ask username, without selecting all this routers int
.cloginrc?

i don't understand that last bit.

Gregory W Zill

2008-07-29 14:38:24 UTC

Permalink

Further, in the .cloginrc file, the generic lines you currently have
will serve two out of three routers, so for the third, specifically add

add user router201 admin
add password router201 g00dpa55w0rd

where your routers might be distinguished as
router101
router102
router 201

The router101 and router 102 will follow the * entries you have and the
router201 will follow the more specific entries.

Post by Martin, Seth
You need to configure your line statements to use login local (assuming
the users are setup in ios and not using remote AAA)
Should be at the bottom of your routers configuration
line vty 0 4
login local
_____________________________________________________________________
Seth Martin
- Desk: 239-949-4450 x6705 - Cell: 239-588-0681 - Fax: 239-495-5181 -
-----Original Message-----
Alexander
Sent: Tuesday, July 29, 2008 3:07 AM
Subject: [rancid] Re: clogin password
I try to explain more. For example I have 3 cisco routers. All have same
password and username, but one router ask only password. Now I use this
#all routers
add user * user
add password * password enablepassword
And RANCID can login only to 2 cisco's what ask username, third cisco
ask only password, and RANCID can't login.
What I need to change in .cloginrc for login to third Cisco?
-----Original Message-----
Sent: Friday, July 25, 2008 9:27 PM
To: Smirnoff Alexander
Subject: Re: [rancid] clogin password

If the passwords are the same, then this should work. if it doesn't
ask for a username, one simply won't be given.

Post by Smirnoff Alexander
then router not ask username, without selecting all this routers int
.cloginrc?

i don't understand that last bit.
_______________________________________________
Rancid-discuss mailing list
http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
_______________________________________________
Rancid-discuss mailing list
http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss

--
gregory w zill, mba, cissp
Information Security Engineer
Managed Services Team
-----------------------------
Solutionary, Inc.
Making Security Manageable
v: 402-361-3066

Smirnoff Alexander

2008-07-30 05:17:18 UTC

Permalink

Huh, really i have not 3 , but ~1000 cisco routers, and in this case i
need describe all routers what don't ask Username: in .cloginrc , or
setup AAA on routers - it's a though task , and i want avoid it by such
.cloginrc configuration what consider all devices - with Username and
without.

-----Original Message-----
From: Gregory W Zill [mailto:***@solutionary.com]
Sent: Tuesday, July 29, 2008 6:38 PM
To: Smirnoff Alexander
Cc: rancid-***@shrubbery.net
Subject: Re: [rancid] Re: clogin password

Further, in the .cloginrc file, the generic lines you currently have
will serve two out of three routers, so for the third, specifically add

add user router201 admin
add password router201 g00dpa55w0rd

where your routers might be distinguished as
router101
router102
router 201

The router101 and router 102 will follow the * entries you have and the
router201 will follow the more specific entries.

Post by Martin, Seth
You need to configure your line statements to use login local

(assuming

Post by Martin, Seth
the users are setup in ios and not using remote AAA)
Should be at the bottom of your routers configuration
line vty 0 4
login local
_____________________________________________________________________
Seth Martin
- Desk: 239-949-4450 x6705 - Cell: 239-588-0681 - Fax: 239-495-5181 -
-----Original Message-----
Alexander
Sent: Tuesday, July 29, 2008 3:07 AM
Subject: [rancid] Re: clogin password
I try to explain more. For example I have 3 cisco routers. All have same
password and username, but one router ask only password. Now I use this
#all routers
add user * user
add password * password enablepassword
And RANCID can login only to 2 cisco's what ask username, third cisco
ask only password, and RANCID can't login.
What I need to change in .cloginrc for login to third Cisco?
-----Original Message-----
Sent: Friday, July 25, 2008 9:27 PM
To: Smirnoff Alexander
Subject: Re: [rancid] clogin password

If the passwords are the same, then this should work. if it doesn't
ask for a username, one simply won't be given.

Post by Smirnoff Alexander
then router not ask username, without selecting all this routers int
.cloginrc?

--
gregory w zill, mba, cissp
Information Security Engineer
Managed Services Team
-----------------------------
Solutionary, Inc.
Making Security Manageable
v: 402-361-3066