[rancid] Re: Using privilege command enhancements for least privilege configuration

Lance rancid at gheek.net
Mon Jul 23 21:43:15 UTC 2007


Joshua,

Why not try this.

# add autoenable <router name glob> <1/0>
#       This is used if you are automatically enabled by the login
process.

# The prompt that will be expected will be a # as if you 
# were already in enable mode or privilege 15 when you login.
add autoenable cisco_router 1


# Expects a prompt as if you were privilege 0 or > as your prompt.
# this is the default setting.
add autoenable cisco_router 0

-Lance

> -------- Original Message --------
> Subject: [rancid] Using privilege command enhancements for least
> privilege configuration
> From: Joshua Sidwell <jsidwell at perisys.net>
> Date: Mon, July 23, 2007 11:00 am
> To: rancid-discuss at shrubbery.net
> 
> Hello all, has anyone tried to rewrite the rancid.in file to
> accommodate a
> custom privilege level that just allows the commands in rancid.in? Or
> is a
> rewrite not even necessary if when I logon using that account I am
> already
> in enable mode?<hr>_______________________________________________
> Rancid-discuss mailing list
> Rancid-discuss at shrubbery.net
> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss



More information about the Rancid-discuss mailing list