afort at choqolat.org
Sun Nov 27 23:10:18 UTC 2005
> Thanks all your responces, sounds like, i guess, that i should just run a
> priv 15 user... might as well save user/passwords then too if somebody
> gains access to the rancid user they'll have the login/pass from cloginrc
> anyway and thats not even encrypted ;)
the recommended way is to use TAC+, and TAC+ command authori[sz]ation,
so the rancid user can't go to configuration mode. you may find the
tac_plus.conf stanza you need in the mailing list archives somewhere.
if not, the command list is in bin/rancid towards the end. keep in mind
you'll need "exit" in that list, also.
More information about the Rancid-discuss