davidw at certaintysolutions.com
Fri Dec 5 22:28:23 UTC 2003
Since we're getting excited about cool software, consider using conserver
(http://www.conserver.com) to manage your serial ports. I agree that
in-band access to network gear isn't ideal, and it would be really cool
if rancid would support connections via an intermediate device.
Given that conserver's interface is pretty simple, I suspect that *login
could be easily modified to utilize something like conserver (or direct
ssh to a serial port, as you suggest), but I haven't looked at it.
Perhaps this is something the user community could request for a future
OH yes...you're completely correct that rancid is a great tool...I don't
know what I'd do without it!
On Sat, Dec 06, 2003 at 08:17:14AM +1000, Andrew Pollock wrote:
> I stumbled upon RANCID the other day, and boy is it the bees knees. I've
> written something functionally similar (I haven't looked at RANCID's innards
> yet) but this looks pretty spiffy. We use what I've written to drag configs
> out of Cisco routers, switches and PIXes, and check them into CVS.
> One thing that we do is not allow telnet access to our switches. They're all
> connected to Cyclades console access servers, and my script SSHes to the
> Cyclades to get onto the console of the switch. Any thoughts on including
> the ability to connect to a device via an intermediate device?
> To my knowledge, you can't setup RSA/DSA key access to a port on a Cyclades,
> which is a bit of a bummer, and to work around the issues with trying to
> authenticate to the Cyclades and then authenticate to the device on the
> Cyclades' port, I've just disabled authentication on the port, so if you SSH
> to the port, you land immediately on the console of the switch, and are
> asked to authenticate to it. In an ideal world, it would be good to have
> port-based authentication switched on...
David Williamson | "Wine is light, held
Certainty Solutions, Inc. | together by water."
davidw at certaintysolutions.com | -Galileo
More information about the Rancid-discuss