can you use SecurID with rancid?
Colin Whittaker
colin.whittaker at heanet.ie
Tue May 10 07:33:57 UTC 2005
On Mon, May 09, 2005 at 08:23:01PM -0700, Mark Boolootian wrote:
> All good points, but where am I left if I want to protect my network
> gear with OTPs and still run rancid? It seems they are mutually
> incompatible. I can create a single instance of a reusable password to be
> used for rancid logins, but that doesn't improve the situation.
Hi Mark,
We use RSASecurIDs and Ciscos ACS TACACS+ software to do OTP passwords
for all of our networking device. Rancid uses a fixed password account
on ACS but is restricted to excuting only those commands it needs and as
soon as I get arround to it I will also use ACS to restrict where the
rancid user can login from.
Colin
--
Colin Whittaker colin.whittaker at heanet.ie Tel: +353 1 6609040
HEAnet NOC noc at heanet.ie iNOC-DBA: 1213*752
More information about the Rancid-discuss
mailing list