From phantox at gmail.com Thu Nov 1 17:11:48 2007 From: phantox at gmail.com (PhaNtoX) Date: Thu, 1 Nov 2007 12:11:48 -0500 Subject: [rancid] Dell Powerconnects Message-ID: Has anyone written a module to get rancid to work with the dell power connect switches? We have a few dozen 3400 5300 series we would like to get working. I can provide access to a switch if this would help someone. Unfortunately I can't program or I would do this myself Kevin -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20071101/5d4348c1/attachment.html From rancid at gheek.net Thu Nov 1 17:46:12 2007 From: rancid at gheek.net (Lance) Date: Thu, 01 Nov 2007 10:46:12 -0700 Subject: [rancid] Re: Dell Powerconnects Message-ID: <20071101104612.8e114e4890519e5179c192e02d6bca26.f22b65fd09.wbe@email.secureserver.net> Kevin, is it a cisco like CLI? > -------- Original Message -------- > Subject: [rancid] Dell Powerconnects > From: PhaNtoX > Date: Thu, November 01, 2007 10:11 am > To: rancid-discuss at shrubbery.net > Has anyone written a module to get rancid to work with the dell power > connect switches? > We have a few dozen 3400 5300 series we would like to get working. I can > provide access to a switch if this would help someone. > Unfortunately I can't program or I would do this myself > Kevin

_______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From phantox at gmail.com Thu Nov 1 20:22:42 2007 From: phantox at gmail.com (PhaNtoX) Date: Thu, 1 Nov 2007 15:22:42 -0500 Subject: [rancid] Fwd: Dell Powerconnects In-Reply-To: References: <20071101172518.GF22095@shrubbery.net> Message-ID: Just tried this and it doesn't seem to be working im getting this in my logs. Trying to get all of the configs. 172.16.10.161 dlogin error: Error: Connection Refused (ssh) 172.16.10.161: missed cmd(s): show version,show system,show running-config,show vlan,dir 0: found end 172.16.10.161: End of run not found ! ===================================== Look at the activity on the switch itself its getting a telnet connection for user unKnown my .cloginrc looks like this add autoenable 172.16.10.161 1 add user 172.16.10.161 admin add password 172.16.10.161 password my router.db looks like this 172.16.10.161:smc:up And yes this is a cisco like CLI -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20071101/e5c5c62c/attachment.html From sharonabez at yahoo.com Fri Nov 2 09:19:20 2007 From: sharonabez at yahoo.com (abez sharon) Date: Fri, 2 Nov 2007 02:19:20 -0700 (PDT) Subject: [rancid] enable password usage in .cloginrc Message-ID: <832788.82122.qm@web33309.mail.mud.yahoo.com> Hi, Here is the .cloginrc file contents: >add user 192.168.1.1 tom >add userpassword 192.168.1.1 tom-password The 'rancid' user is used to execute the clogin command. the command used is 'clogin 192.168.1.1' It uses tom as the user name to connect and it also uses the tom-password to authenticate successfully. Then it executes the enable command, but is unable to find the password. Where and how can I specify the enable password in the .cloginrc file ? Thank You. Abez __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com From gregoryzill at solutionary.com Fri Nov 2 12:37:20 2007 From: gregoryzill at solutionary.com (Gregory W Zill) Date: Fri, 02 Nov 2007 07:37:20 -0500 Subject: [rancid] remote cvs checkout Message-ID: <1194007040.14256.19.camel@oddjob> Can I configure a remote web server to checkout individual cisco configs in the rancid cvs for posting to a customer portal? Our rancid cvs contains both client and internal configs, so I would rather cvs checkout the individual client configs for storage under their specific portal on the remote web server. -- gregory w zill, mba, cissp Information Security Engineer Managed Devices Team ----------------------------- Solutionary, Inc. Making Security Manageable v: 402-361-3066 -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part Url : http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20071102/9861dad7/attachment.bin From rancid at gheek.net Fri Nov 2 14:24:43 2007 From: rancid at gheek.net (Lance) Date: Fri, 02 Nov 2007 07:24:43 -0700 Subject: [rancid] Re: Fwd: Dell Powerconnects Message-ID: <20071102072443.8e114e4890519e5179c192e02d6bca26.bb3beaea18.wbe@email.secureserver.net> It looks like ssh is denied or you have the wrong username/password. Make sure you can ssh with that username and password from the same machine you are running rancid from. -Lance > -------- Original Message -------- > Subject: [rancid] Fwd: Dell Powerconnects > From: PhaNtoX > Date: Thu, November 01, 2007 1:22 pm > To: rancid-discuss at shrubbery.net > Just tried this and it doesn't seem to be working im getting this in my > logs. > Trying to get all of the configs. > 172.16.10.161 dlogin error: Error: Connection Refused (ssh) > 172.16.10.161: missed cmd(s): show version,show system,show > running-config,show vlan,dir > 0: found end > 172.16.10.161: End of run not found > ! > ===================================== > Look at the activity on the switch itself its getting a telnet connection > for user unKnown > my .cloginrc looks like this > add autoenable 172.16.10.161 1 > add user 172.16.10.161 admin > add password 172.16.10.161 password > my router.db looks like this > 172.16.10.161:smc:up > And yes this is a cisco like CLI

_______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From sharonabez at yahoo.com Fri Nov 2 15:00:17 2007 From: sharonabez at yahoo.com (abez sharon) Date: Fri, 2 Nov 2007 08:00:17 -0700 (PDT) Subject: [rancid] Re: enable password usage in .cloginrc In-Reply-To: <20071102072655.8e114e4890519e5179c192e02d6bca26.7e2f45eaaf.wbe@email.secureserver.net> Message-ID: <176856.9354.qm@web33312.mail.mud.yahoo.com> Hi Lance, When the .cloginrc file reads : >add user 192.168.20.16 tom >add userpassword 192.168.20.16 tom-password and I execute clogin 192.168.20.16, it outputs: Error in authentication. Error: Check your enable password. ( it fails the enable password authentication) When the .cloginrc file reads: >add user 192.168.20.16 tom >add userpassword 192.168.20.16 tom-password tom-enablepassword and I execute clogin 192.168.20.16, it outputs: Authentication failed. Error: Check your passwd for 192.168.20.16 ( it fails the first level authentication itself) Thanks ahead. --Abez --- Lance wrote: > There are examples of how to configure the .cloginrc > in the > .cloginrc.example file. > > but you are missing it after you regular password. > it should look like > this. > > add userpassword 192.168.1.1 tom-password > tom-enable > > -lance > > > -------- Original Message -------- > > Subject: [rancid] enable password usage in > .cloginrc > > From: abez sharon > > Date: Fri, November 02, 2007 2:19 am > > To: rancid-discuss at shrubbery.net > > Hi, > > Here is the .cloginrc file contents: > > >add user 192.168.1.1 tom > > >add userpassword 192.168.1.1 tom-password > > The 'rancid' user is used to execute the clogin > > command. > > the command used is 'clogin 192.168.1.1' > > It uses tom as the user name to connect and it > also > > uses the tom-password to authenticate > successfully. > > Then it executes the enable command, but is unable > to > > find the password. > > Where and how can I specify the enable password in > the > > .cloginrc file ? > > Thank You. > > Abez > > __________________________________________________ > > Do You Yahoo!? > > Tired of spam? Yahoo! Mail has the best spam > protection around > > http://mail.yahoo.com > > _______________________________________________ > > Rancid-discuss mailing list > > Rancid-discuss at shrubbery.net > > > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > > __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com From phantox at gmail.com Fri Nov 2 15:25:28 2007 From: phantox at gmail.com (PhaNtoX) Date: Fri, 2 Nov 2007 10:25:28 -0500 Subject: [rancid] Re: Fwd: Dell Powerconnects In-Reply-To: <20071102072443.8e114e4890519e5179c192e02d6bca26.bb3beaea18.wbe@email.secureserver.net> References: <20071102072443.8e114e4890519e5179c192e02d6bca26.bb3beaea18.wbe@email.secureserver.net> Message-ID: Setup ssh on the switch, verifed I can ssh into the switch with the user and password from the rancid box. However when i try to manually kick off srancid or rancid-run im still getting on the switch. If i try kicking off flogin it connects fine however, I also modified srancid to try to use flogin vs hlogin that actually logs into the switch but fails to go anywhere else. Any other idea's "new ssh connection for user unKnown, source 172.16.10.160 (rancid box)" add autoenable 172.16.10.161 1 add method 172.16.10.161 ssh add user 172.16.10.161 admin add password 172.16.10.161 password On 11/2/07, Lance wrote: > > > It looks like ssh is denied or you have the wrong username/password. > Make sure you can ssh with that username and password from the same > machine you are running rancid from. > > -Lance > > > -------- Original Message -------- > > Subject: [rancid] Fwd: Dell Powerconnects > > From: PhaNtoX > > Date: Thu, November 01, 2007 1:22 pm > > To: rancid-discuss at shrubbery.net > > Just tried this and it doesn't seem to be working im getting this in my > > logs. > > Trying to get all of the configs. > > 172.16.10.161 dlogin error: Error: Connection Refused (ssh) > > 172.16.10.161: missed cmd(s): show version,show system,show > > running-config,show vlan,dir > > 0: found end > > 172.16.10.161: End of run not found > > ! > > ===================================== > > Look at the activity on the switch itself its getting a telnet > connection > > for user unKnown > > my .cloginrc looks like this > > add autoenable 172.16.10.161 1 > > add user 172.16.10.161 admin > > add password 172.16.10.161 password > > my router.db looks like this > > 172.16.10.161:smc:up > > And yes this is a cisco like > CLI

_______________________________________________ > > Rancid-discuss mailing list > > Rancid-discuss at shrubbery.net > > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20071102/6b28b419/attachment.html From Brad.Fox at bdk.com Fri Nov 2 15:32:26 2007 From: Brad.Fox at bdk.com (Fox, Brad) Date: Fri, 2 Nov 2007 11:32:26 -0400 Subject: [rancid] Re: enable password usage in .cloginrc In-Reply-To: <176856.9354.qm@web33312.mail.mud.yahoo.com> References: <20071102072655.8e114e4890519e5179c192e02d6bca26.7e2f45eaaf.wbe@email.secureserver.net> <176856.9354.qm@web33312.mail.mud.yahoo.com> Message-ID: Abez, Try for TACACS+ add user username add password Password add autoenable 1 For non-TACACS+ add password User-PW Enable-PW add autoenable 0 If your password has any special characters such as $ put {} around the password as it treats the $ as a variable not as part of your password. Also the .cloginrc file is alpha-numeric sensative so make sure the device is not catching someone elses hostname in ./cloginrc Hope this helps Brad -----Original Message----- From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of abez sharon Sent: Friday, November 02, 2007 11:00 AM To: Lance Cc: rancid-discuss at shrubbery.net Subject: [rancid] Re: enable password usage in .cloginrc Hi Lance, When the .cloginrc file reads : >add user 192.168.20.16 tom >add userpassword 192.168.20.16 tom-password and I execute clogin 192.168.20.16, it outputs: Error in authentication. Error: Check your enable password. ( it fails the enable password authentication) When the .cloginrc file reads: >add user 192.168.20.16 tom >add userpassword 192.168.20.16 tom-password tom-enablepassword and I execute clogin 192.168.20.16, it outputs: Authentication failed. Error: Check your passwd for 192.168.20.16 ( it fails the first level authentication itself) Thanks ahead. --Abez --- Lance wrote: > There are examples of how to configure the .cloginrc > in the > .cloginrc.example file. > > but you are missing it after you regular password. > it should look like > this. > > add userpassword 192.168.1.1 tom-password > tom-enable > > -lance > > > -------- Original Message -------- > > Subject: [rancid] enable password usage in > .cloginrc > > From: abez sharon > > Date: Fri, November 02, 2007 2:19 am > > To: rancid-discuss at shrubbery.net > > Hi, > > Here is the .cloginrc file contents: > > >add user 192.168.1.1 tom > > >add userpassword 192.168.1.1 tom-password > > The 'rancid' user is used to execute the clogin > > command. > > the command used is 'clogin 192.168.1.1' > > It uses tom as the user name to connect and it > also > > uses the tom-password to authenticate > successfully. > > Then it executes the enable command, but is unable > to > > find the password. > > Where and how can I specify the enable password in > the > > .cloginrc file ? > > Thank You. > > Abez > > __________________________________________________ > > Do You Yahoo!? > > Tired of spam? Yahoo! Mail has the best spam > protection around > > http://mail.yahoo.com > > _______________________________________________ > > Rancid-discuss mailing list > > Rancid-discuss at shrubbery.net > > > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > > __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From rancid at gheek.net Fri Nov 2 16:03:31 2007 From: rancid at gheek.net (Lance) Date: Fri, 02 Nov 2007 09:03:31 -0700 Subject: [rancid] Re: Fwd: Dell Powerconnects Message-ID: <20071102090331.8e114e4890519e5179c192e02d6bca26.055e02f911.wbe@email.secureserver.net> Login to the box via ssh tom at 172.16.10.161. After getting logged in enable. Then log off. Then use a login script to attempt to connect to the same box "172.16.10.161". Make sure to capture all the output from all of that then post back to the list and we might be able to help more. After this we can then try to debug if it is not clear enough...assuming the login script you are using supports the debug switch. -lance > -------- Original Message -------- > Subject: [rancid] Re: Fwd: Dell Powerconnects > From: PhaNtoX > Date: Fri, November 02, 2007 8:25 am > To: rancid-discuss at shrubbery.net > Setup ssh on the switch, verifed I can ssh into the switch with the user and > password from the rancid box. However when i try to manually kick off > srancid or rancid-run im still getting on the switch. If i try kicking off > flogin it connects fine however, I also modified srancid to try to use > flogin vs hlogin that actually logs into the switch but fails to go anywhere > else. Any other idea's > "new ssh connection for user unKnown, source 172.16.10.160 (rancid box)" > add autoenable 172.16.10.161 1 > add method 172.16.10.161 ssh > add user 172.16.10.161 admin > add password 172.16.10.161 password > On 11/2/07, Lance wrote: > > > > > > It looks like ssh is denied or you have the wrong username/password. > > Make sure you can ssh with that username and password from the same > > machine you are running rancid from. > > > > -Lance > > > > > -------- Original Message -------- > > > Subject: [rancid] Fwd: Dell Powerconnects > > > From: PhaNtoX > > > Date: Thu, November 01, 2007 1:22 pm > > > To: rancid-discuss at shrubbery.net > > > Just tried this and it doesn't seem to be working im getting this in my > > > logs. > > > Trying to get all of the configs. > > > 172.16.10.161 dlogin error: Error: Connection Refused (ssh) > > > 172.16.10.161: missed cmd(s): show version,show system,show > > > running-config,show vlan,dir > > > 0: found end > > > 172.16.10.161: End of run not found > > > ! > > > ===================================== > > > Look at the activity on the switch itself its getting a telnet > > connection > > > for user unKnown > > > my .cloginrc looks like this > > > add autoenable 172.16.10.161 1 > > > add user 172.16.10.161 admin > > > add password 172.16.10.161 password > > > my router.db looks like this > > > 172.16.10.161:smc:up > > > And yes this is a cisco like > > CLI

_______________________________________________ > > > Rancid-discuss mailing list > > > Rancid-discuss at shrubbery.net > > > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > > > >

_______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From cgauthie at pcc.edu Fri Nov 2 17:12:57 2007 From: cgauthie at pcc.edu (Chris Gauthier) Date: Fri, 02 Nov 2007 10:12:57 -0700 Subject: [rancid] Re: Fwd: Dell Powerconnects In-Reply-To: <20071102090331.8e114e4890519e5179c192e02d6bca26.055e02f911.wbe@email.secureserver.net> References: <20071102090331.8e114e4890519e5179c192e02d6bca26.055e02f911.wbe@email.secureserver.net> Message-ID: <472B5A99.2040906@pcc.edu> A possibility that might be happening is that if, as I suspect, the switch is OEM'd from Foundry, that SSH is not fully implemented. That has been the case on some Foundry switches I have used. I do not know who the OEM for Dell's networking gear is, though. Chris Gauthier, CCNA, Network+, A+ Network Administration Team Portland Community College Portland, Oregon "For once you have tasted flight you will walk the earth with your eyes turned skywards, for there you have been and there you will long to return." --Leonardo da Vinci Lance wrote: > Login to the box via ssh tom at 172.16.10.161. After getting logged in > enable. Then log off. Then use a login script to attempt to connect to > the same box "172.16.10.161". Make sure to capture all the output from > all of that then post back to the list and we might be able to help > more. > > After this we can then try to debug if it is not clear enough...assuming > the login script you are using supports the debug switch. > > -lance > > >> -------- Original Message -------- >> Subject: [rancid] Re: Fwd: Dell Powerconnects >> From: PhaNtoX >> Date: Fri, November 02, 2007 8:25 am >> To: rancid-discuss at shrubbery.net >> Setup ssh on the switch, verifed I can ssh into the switch with the user and >> password from the rancid box. However when i try to manually kick off >> srancid or rancid-run im still getting on the switch. If i try kicking off >> flogin it connects fine however, I also modified srancid to try to use >> flogin vs hlogin that actually logs into the switch but fails to go anywhere >> else. Any other idea's >> "new ssh connection for user unKnown, source 172.16.10.160 (rancid box)" >> add autoenable 172.16.10.161 1 >> add method 172.16.10.161 ssh >> add user 172.16.10.161 admin >> add password 172.16.10.161 password >> On 11/2/07, Lance wrote: >> >>> It looks like ssh is denied or you have the wrong username/password. >>> Make sure you can ssh with that username and password from the same >>> machine you are running rancid from. >>> >>> -Lance >>> >>> >>>> -------- Original Message -------- >>>> Subject: [rancid] Fwd: Dell Powerconnects >>>> From: PhaNtoX >>>> Date: Thu, November 01, 2007 1:22 pm >>>> To: rancid-discuss at shrubbery.net >>>> Just tried this and it doesn't seem to be working im getting this in my >>>> logs. >>>> Trying to get all of the configs. >>>> 172.16.10.161 dlogin error: Error: Connection Refused (ssh) >>>> 172.16.10.161: missed cmd(s): show version,show system,show >>>> running-config,show vlan,dir >>>> 0: found end >>>> 172.16.10.161: End of run not found >>>> ! >>>> ===================================== >>>> Look at the activity on the switch itself its getting a telnet >>>> >>> connection >>> >>>> for user unKnown >>>> my .cloginrc looks like this >>>> add autoenable 172.16.10.161 1 >>>> add user 172.16.10.161 admin >>>> add password 172.16.10.161 password >>>> my router.db looks like this >>>> 172.16.10.161:smc:up >>>> And yes this is a cisco like >>>> >>> CLI

_______________________________________________ >>> >>>> Rancid-discuss mailing list >>>> Rancid-discuss at shrubbery.net >>>> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss >>>> >>>

_______________________________________________ >>> >> Rancid-discuss mailing list >> Rancid-discuss at shrubbery.net >> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss >> > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20071102/88abba98/attachment.html From heas at shrubbery.net Fri Nov 2 17:51:15 2007 From: heas at shrubbery.net (john heasley) Date: Fri, 2 Nov 2007 10:51:15 -0700 Subject: [rancid] Re: Fwd: Dell Powerconnects In-Reply-To: <472B5A99.2040906@pcc.edu> References: <20071102090331.8e114e4890519e5179c192e02d6bca26.055e02f911.wbe@email.secureserver.net> <472B5A99.2040906@pcc.edu> Message-ID: <20071102175115.GC8105@shrubbery.net> right. the dells I've seen were actually SMC OEMs, but like *some* of the HP procurve series, this one appears that it may be a foundry. It is hard to say without seeing the config [and other output]. Fri, Nov 02, 2007 at 10:12:57AM -0700, Chris Gauthier: > A possibility that might be happening is that if, as I suspect, the > switch is OEM'd from Foundry, that SSH is not fully implemented. That > has been the case on some Foundry switches I have used. I do not know > who the OEM for Dell's networking gear is, though. > > Chris Gauthier, CCNA, Network+, A+ > Network Administration Team > Portland Community College > Portland, Oregon > > "For once you have tasted flight you will walk the earth with your eyes > turned skywards, for there you have been and there you will long to return." > --Leonardo da Vinci > > > > Lance wrote: > >Login to the box via ssh tom at 172.16.10.161. After getting logged in > >enable. Then log off. Then use a login script to attempt to connect to > >the same box "172.16.10.161". Make sure to capture all the output from > >all of that then post back to the list and we might be able to help > >more. > > > >After this we can then try to debug if it is not clear enough...assuming > >the login script you are using supports the debug switch. > > > >-lance > > > > > >>-------- Original Message -------- > >>Subject: [rancid] Re: Fwd: Dell Powerconnects > >>From: PhaNtoX > >>Date: Fri, November 02, 2007 8:25 am > >>To: rancid-discuss at shrubbery.net > >>Setup ssh on the switch, verifed I can ssh into the switch with the user > >>and > >>password from the rancid box. However when i try to manually kick off > >>srancid or rancid-run im still getting on the switch. If i try kicking off > >>flogin it connects fine however, I also modified srancid to try to use > >>flogin vs hlogin that actually logs into the switch but fails to go > >>anywhere > >>else. Any other idea's > >> "new ssh connection for user unKnown, source 172.16.10.160 (rancid box)" > >>add autoenable 172.16.10.161 1 > >>add method 172.16.10.161 ssh > >>add user 172.16.10.161 admin > >>add password 172.16.10.161 password > >>On 11/2/07, Lance wrote: > >> > >>>It looks like ssh is denied or you have the wrong username/password. > >>>Make sure you can ssh with that username and password from the same > >>>machine you are running rancid from. > >>> > >>>-Lance > >>> > >>> > >>>>-------- Original Message -------- > >>>>Subject: [rancid] Fwd: Dell Powerconnects > >>>>From: PhaNtoX > >>>>Date: Thu, November 01, 2007 1:22 pm > >>>>To: rancid-discuss at shrubbery.net > >>>>Just tried this and it doesn't seem to be working im getting this in my > >>>>logs. > >>>>Trying to get all of the configs. > >>>>172.16.10.161 dlogin error: Error: Connection Refused (ssh) > >>>>172.16.10.161: missed cmd(s): show version,show system,show > >>>>running-config,show vlan,dir > >>>>0: found end > >>>>172.16.10.161: End of run not found > >>>>! > >>>>===================================== > >>>>Look at the activity on the switch itself its getting a telnet > >>>> > >>>connection > >>> > >>>>for user unKnown > >>>>my .cloginrc looks like this > >>>>add autoenable 172.16.10.161 1 > >>>>add user 172.16.10.161 admin > >>>>add password 172.16.10.161 password > >>>>my router.db looks like this > >>>>172.16.10.161:smc:up > >>>>And yes this is a cisco like > >>>> > >>>CLI

_______________________________________________ > >>> > >>>>Rancid-discuss mailing list > >>>>Rancid-discuss at shrubbery.net > >>>>http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > >>>> > >>>

_______________________________________________ > >>> > >>Rancid-discuss mailing list > >>Rancid-discuss at shrubbery.net > >>http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > >> > > > >_______________________________________________ > >Rancid-discuss mailing list > >Rancid-discuss at shrubbery.net > >http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From rdehbasteh at yahoo.com Sun Nov 4 11:10:52 2007 From: rdehbasteh at yahoo.com (roya dehbateh) Date: Sun, 4 Nov 2007 11:10:52 +0000 (GMT) Subject: [rancid] error no 4 Message-ID: <808997.68033.qm@web30906.mail.mud.yahoo.com> hi I;ve got stuck in a problem for awhile, could you help me? when I type " >> yum install .....(anything) this error is shown : cant find a valid baseurl for repo:extras couldnt retrieve mirrorlist http://mirror.fedoraproject.org/mirrorlist?repo=extras-6&arch=i386 error was Error No 4 . I dont know what should I do. Send instant messages to your online friends http://uk.messenger.yahoo.com -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20071104/bbbae19b/attachment.html From CBell at thig.com Mon Nov 5 12:15:45 2007 From: CBell at thig.com (Chris Bell) Date: Mon, 5 Nov 2007 07:15:45 -0500 Subject: [rancid] Error in logs after new install Message-ID: <5A7F36775DDD854CB1873E5F790C4D3709F5A043@mailhost.thig.com> Hello, I'm running Rancid 2.3.2a6 on Ubuntu LTS 7.04. This is a first time install for me and I've been able to fight my way through most of it (Linux is fairly new to me). I've got Rancid up and running, and it logs into the devices correctly (save one but I'll figure that out). It does not, however, write the configs to the /home/rancid/var/"mygroup"/configs/"device-ip" folder as expected. When I view the logs at /home/rancid/var/logs/, I get: cvs status: move away `10.1.0.32'; it is in the way cvs status: move away `10.1.0.33'; it is in the way etc... There are about 20 HP switches I have listed in the router.db. I've deleted the files and used rancid-run again, but it errors out the same way each time. When I view the CVS repository, there is no config. The directory and file name for the switch is there, but when checking "Head", it's blank :(. I know I'm missing something stupid but I can't figure out what it is. Permissions? I've done the chmod 600 /home/rancid/.cloginrc and chown: -R rancid:rancid /home/rancid. Thanks in advance for helping a newb. Christopher Bell Network Administrator Tower Hill Insurance Group 352-333-1734 ext 1734 CONFIDENTIAL NOTICE: This email including any attachments, contains confidential information belonging to the sender. It may also be privileged or otherwise protected by work product immunity or other legal rules. This information is intended only for the use of the individual or entity named above. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution or the taking of any action in reliance on the contents of this emailed information is strictly prohibited. If you have received this email in error, please immediately notify us by reply email of the error and then delete this email immediately. From gregoryzill at solutionary.com Mon Nov 5 14:40:16 2007 From: gregoryzill at solutionary.com (Gregory W Zill) Date: Mon, 05 Nov 2007 08:40:16 -0600 Subject: [rancid] log errors In-Reply-To: <20071102090331.8e114e4890519e5179c192e02d6bca26.055e02f911.wbe@email.secureserver.net> References: <20071102090331.8e114e4890519e5179c192e02d6bca26.055e02f911.wbe@email.secureserver.net> Message-ID: <1194273616.6084.21.camel@oddjob> I am consistently getting: /usr/local/rancid/bin/rename: *.new: No such file or directory for both successful *and* unsuccessful rancid-run's in the log file. Could this prevent a newly added router.db entry from succeeding? What file could I touch to eliminate this error? Thanks in advance. -- gregory w zill, mba, cissp Information Security Engineer Managed Devices Team ----------------------------- Solutionary, Inc. Making Security Manageable v: 402-361-3066 -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part Url : http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20071105/84a1c4df/attachment.bin From mashcraft at omniture.com Mon Nov 5 16:31:54 2007 From: mashcraft at omniture.com (Mike Ashcraft) Date: Mon, 5 Nov 2007 09:31:54 -0700 Subject: [rancid] Re: Error in logs after new install In-Reply-To: <5A7F36775DDD854CB1873E5F790C4D3709F5A043@mailhost.thig.com> References: <5A7F36775DDD854CB1873E5F790C4D3709F5A043@mailhost.thig.com> Message-ID: <45EB285310B55542A513F93230F0A5330271C631@EXCHANGE0.orm.omniture.com> Chris, This indicates that CVS does not think that /home/rancid/var/"mygroup"/configs/"device-ip" has the same origin as the copy in the repository. The easiest way to fix this is to remove this file and then run `cvs update` within the /home/rancid/var/"mygroup"/configs/ to check out the file. This will establish consistency with the repository. $ cd /home/rancid/var/"mygroup"/configs/ $ rm "device-ip" (repeat for all devices causing this error) $ cvs update If there are errors when running `cvs update` you will need to investigate and resolve these as well. To prevent problems like this, never move or delete files in the configs or CVS directories. Instead, modify the router.db file and let rancid manage these files. rancid will clean up configs for devices removed from the router.db file and create the appropriate files for new devices. Good luck, Mike -----Original Message----- From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Chris Bell Sent: Monday, November 05, 2007 5:16 AM To: 'Rancid-discuss at shrubbery.net' Subject: [rancid] Error in logs after new install Hello, I'm running Rancid 2.3.2a6 on Ubuntu LTS 7.04. This is a first time install for me and I've been able to fight my way through most of it (Linux is fairly new to me). I've got Rancid up and running, and it logs into the devices correctly (save one but I'll figure that out). It does not, however, write the configs to the /home/rancid/var/"mygroup"/configs/"device-ip" folder as expected. When I view the logs at /home/rancid/var/logs/, I get: cvs status: move away `10.1.0.32'; it is in the way cvs status: move away `10.1.0.33'; it is in the way etc... There are about 20 HP switches I have listed in the router.db. I've deleted the files and used rancid-run again, but it errors out the same way each time. When I view the CVS repository, there is no config. The directory and file name for the switch is there, but when checking "Head", it's blank :(. I know I'm missing something stupid but I can't figure out what it is. Permissions? I've done the chmod 600 /home/rancid/.cloginrc and chown: -R rancid:rancid /home/rancid. Thanks in advance for helping a newb. Christopher Bell Network Administrator Tower Hill Insurance Group 352-333-1734 ext 1734 CONFIDENTIAL NOTICE: This email including any attachments, contains confidential information belonging to the sender. It may also be privileged or otherwise protected by work product immunity or other legal rules. This information is intended only for the use of the individual or entity named above. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution or the taking of any action in reliance on the contents of this emailed information is strictly prohibited. If you have received this email in error, please immediately notify us by reply email of the error and then delete this email immediately. _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From cgauthie at pcc.edu Mon Nov 5 17:47:35 2007 From: cgauthie at pcc.edu (Chris Gauthier) Date: Mon, 05 Nov 2007 09:47:35 -0800 Subject: [rancid] Re: Fwd: Dell Powerconnects In-Reply-To: <20071102175115.GC8105@shrubbery.net> References: <20071102090331.8e114e4890519e5179c192e02d6bca26.055e02f911.wbe@email.secureserver.net> <472B5A99.2040906@pcc.edu> <20071102175115.GC8105@shrubbery.net> Message-ID: <472F5737.9050600@pcc.edu> Yes, some of the HP Procurve line IS actually OEM'd by Foundry, though a recent conversation at the recent Angelbeat conference enlightened me to the fact that HP is now making all of their own stuff. Chris john heasley wrote: > right. the dells I've seen were actually SMC OEMs, but like *some* of the > HP procurve series, this one appears that it may be a foundry. It is hard > to say without seeing the config [and other output]. > > Fri, Nov 02, 2007 at 10:12:57AM -0700, Chris Gauthier: > >> A possibility that might be happening is that if, as I suspect, the >> switch is OEM'd from Foundry, that SSH is not fully implemented. That >> has been the case on some Foundry switches I have used. I do not know >> who the OEM for Dell's networking gear is, though. >> >> Chris Gauthier, CCNA, Network+, A+ >> Network Administration Team >> Portland Community College >> Portland, Oregon >> >> "For once you have tasted flight you will walk the earth with your eyes >> turned skywards, for there you have been and there you will long to return." >> --Leonardo da Vinci >> >> >> >> Lance wrote: >> >>> Login to the box via ssh tom at 172.16.10.161. After getting logged in >>> enable. Then log off. Then use a login script to attempt to connect to >>> the same box "172.16.10.161". Make sure to capture all the output from >>> all of that then post back to the list and we might be able to help >>> more. >>> >>> After this we can then try to debug if it is not clear enough...assuming >>> the login script you are using supports the debug switch. >>> >>> -lance >>> >>> >>> >>>> -------- Original Message -------- >>>> Subject: [rancid] Re: Fwd: Dell Powerconnects >>>> From: PhaNtoX >>>> Date: Fri, November 02, 2007 8:25 am >>>> To: rancid-discuss at shrubbery.net >>>> Setup ssh on the switch, verifed I can ssh into the switch with the user >>>> and >>>> password from the rancid box. However when i try to manually kick off >>>> srancid or rancid-run im still getting on the switch. If i try kicking off >>>> flogin it connects fine however, I also modified srancid to try to use >>>> flogin vs hlogin that actually logs into the switch but fails to go >>>> anywhere >>>> else. Any other idea's >>>> "new ssh connection for user unKnown, source 172.16.10.160 (rancid box)" >>>> add autoenable 172.16.10.161 1 >>>> add method 172.16.10.161 ssh >>>> add user 172.16.10.161 admin >>>> add password 172.16.10.161 password >>>> On 11/2/07, Lance wrote: >>>> >>>> >>>>> It looks like ssh is denied or you have the wrong username/password. >>>>> Make sure you can ssh with that username and password from the same >>>>> machine you are running rancid from. >>>>> >>>>> -Lance >>>>> >>>>> >>>>> >>>>>> -------- Original Message -------- >>>>>> Subject: [rancid] Fwd: Dell Powerconnects >>>>>> From: PhaNtoX >>>>>> Date: Thu, November 01, 2007 1:22 pm >>>>>> To: rancid-discuss at shrubbery.net >>>>>> Just tried this and it doesn't seem to be working im getting this in my >>>>>> logs. >>>>>> Trying to get all of the configs. >>>>>> 172.16.10.161 dlogin error: Error: Connection Refused (ssh) >>>>>> 172.16.10.161: missed cmd(s): show version,show system,show >>>>>> running-config,show vlan,dir >>>>>> 0: found end >>>>>> 172.16.10.161: End of run not found >>>>>> ! >>>>>> ===================================== >>>>>> Look at the activity on the switch itself its getting a telnet >>>>>> >>>>>> >>>>> connection >>>>> >>>>> >>>>>> for user unKnown >>>>>> my .cloginrc looks like this >>>>>> add autoenable 172.16.10.161 1 >>>>>> add user 172.16.10.161 admin >>>>>> add password 172.16.10.161 password >>>>>> my router.db looks like this >>>>>> 172.16.10.161:smc:up >>>>>> And yes this is a cisco like >>>>>> >>>>>> >>>>> CLI

_______________________________________________ >>>>> >>>>> >>>>>> Rancid-discuss mailing list >>>>>> Rancid-discuss at shrubbery.net >>>>>> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss >>>>>> >>>>>> >>>>>

_______________________________________________ >>>>> >>>>> >>>> Rancid-discuss mailing list >>>> Rancid-discuss at shrubbery.net >>>> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss >>>> >>>> >>> _______________________________________________ >>> Rancid-discuss mailing list >>> Rancid-discuss at shrubbery.net >>> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss >>> >>> > > >> _______________________________________________ >> Rancid-discuss mailing list >> Rancid-discuss at shrubbery.net >> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss >> > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > -- Chris Gauthier, CCNA, Network+, A+ Network Administration Team Portland Community College Portland, Oregon "For once you have tasted flight you will walk the earth with your eyes turned skywards, for there you have been and there you will long to return." --Leonardo da Vinci -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20071105/7ba1cbd8/attachment.html From heas at shrubbery.net Mon Nov 5 18:05:11 2007 From: heas at shrubbery.net (john heasley) Date: Mon, 5 Nov 2007 10:05:11 -0800 Subject: [rancid] Re: Fwd: Dell Powerconnects In-Reply-To: <472F5737.9050600@pcc.edu> References: <20071102090331.8e114e4890519e5179c192e02d6bca26.055e02f911.wbe@email.secureserver.net> <472B5A99.2040906@pcc.edu> <20071102175115.GC8105@shrubbery.net> <472F5737.9050600@pcc.edu> Message-ID: <20071105180511.GH14959@shrubbery.net> Mon, Nov 05, 2007 at 09:47:35AM -0800, Chris Gauthier: > Yes, some of the HP Procurve line IS actually OEM'd by Foundry, though a > recent conversation at the recent Angelbeat conference enlightened me to > the fact that HP is now making all of their own stuff. So, which is worse, hp or foundry? From rob at techniumcast.com Tue Nov 6 09:43:02 2007 From: rob at techniumcast.com (Rob Shepherd) Date: Tue, 06 Nov 2007 09:43:02 +0000 Subject: [rancid] DEVEL: FWSM and Vyatta support Message-ID: <47303726.9020701@techniumcast.com> Dear Rancid users, I'd like to tackle the much talked of support for FWSM multi-context configurations. I'll also try and add support for vyatta OFR PC-Based routers. I have one of these now. So far, impressed and happy with it. I'm unfamiliar with the architecture of rancid and I'm not a perl programmer, but I am a competant developer. Thus i'll need just a bit of handholding to begin with. If anybody has drawn up any ideas thus far, i'd happily start there, as I have not made a start. I will try for dynamic retreival of FWSM contexts, but I'd be happy ending up just doing a static context list(i.e. with a prepoulated list of context somehow - I don't add contexts very often). CAST your votes now..... 1. Could somebody tell me if there is a CVS server for development of rancid 2. Could somebody hint at which version to devel from. should I apply any of the patches available from the main site (I don't know what they do) 3. Please can somebody who has familiarity maybe take some timeout to point out the hunks of code that will need touching 4. Is anybody out there willing to test either of the proposed systems. As for vyatta devices, this just uses an unix SSH connection, to a custom login shell. Attached is sample output for a config retrieval. I can't imagine why I couldn't add support for this.... if somebody can cast an knowledgeable eye and point out any problems before I begin, I would appreciate it. As usual, anything which will help me is greatly appreicated. Cheers Rob -- Rob Shepherd BEng PhD | Computer and Network Engineer | CAST Ltd Technium CAST | LL57 4HJ | http://www.techniumcast.com rob at techniumcast.com | 01248 675024 | 077988 72480 -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20071106/1ca23f05/attachment.html From gregoryzill at solutionary.com Tue Nov 6 16:51:06 2007 From: gregoryzill at solutionary.com (Gregory W Zill) Date: Tue, 06 Nov 2007 10:51:06 -0600 Subject: [rancid] manual config adds Message-ID: <1194367866.9187.110.camel@oddjob> Can I manually add some one-off systems into the rancid CVS? A linux iptables config, or some DNS zone files, or other process config files for example? Using some CVS UPDATE commands I imagine, but then some manual tickling of the rancid stuff to update the versioning since rancid itself won't be talking to these one-off devices. Sorry I am such a CVS noob. Any thoughts appreciated. -- gregory w zill, mba, cissp Information Security Engineer Managed Devices Team ----------------------------- Solutionary, Inc. Making Security Manageable v: 402-361-3066 -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part Url : http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20071106/b6bc1d97/attachment.bin From mashcraft at omniture.com Tue Nov 6 17:57:13 2007 From: mashcraft at omniture.com (Mike Ashcraft) Date: Tue, 6 Nov 2007 10:57:13 -0700 Subject: [rancid] Re: manual config adds In-Reply-To: <1194367866.9187.110.camel@oddjob> References: <1194367866.9187.110.camel@oddjob> Message-ID: <45EB285310B55542A513F93230F0A5330294AC3A@EXCHANGE0.orm.omniture.com> The short answer is "yes". The F5 BigIP support I hacked could be easily modified to pull these items from a linux server via ssh by just changing the command list and using the ConfFile function to process the output. For example: ('iptables -L' => 'ConfFile'), ('cat /var/named/somedomain.db' => 'ConfFile'). This would require a custom device type and custom rancid script for each but would give you the Rancid automation you may be looking for. I would recommend a more standard implementation but it would require learning CVS: You can create a new project in your CVS repository and manually check files in/out of this project as you mentioned. This is really a CVS question so I recommend you go to the CVS documentation for details on setting this up. There is also a great CVS quick reference card available in pdf format. You can 'cheat' a little by using rancid-cvs to setup your project and sourcing rancid.conf to setup your environment but not understanding what these do could limit your abilities to expand the scope. Once you have the project setup, you can schedule a cron jobs on the server where the iptables, zone files etc, live that checks the current versions into the CVS repository over the network. If you follow the CVS model for your zone files, you would edit and test them in a sandbox (test server), check them in to CVS and then check them out on the live server as your deployment method. Good luck, Mike -----Original Message----- From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Gregory W Zill Sent: Tuesday, November 06, 2007 9:51 AM To: rancid-discuss Subject: [rancid] manual config adds Can I manually add some one-off systems into the rancid CVS? A linux iptables config, or some DNS zone files, or other process config files for example? Using some CVS UPDATE commands I imagine, but then some manual tickling of the rancid stuff to update the versioning since rancid itself won't be talking to these one-off devices. Sorry I am such a CVS noob. Any thoughts appreciated. -- gregory w zill, mba, cissp Information Security Engineer Managed Devices Team ----------------------------- Solutionary, Inc. Making Security Manageable v: 402-361-3066 From thecomputerking at gmail.com Mon Nov 5 16:19:21 2007 From: thecomputerking at gmail.com (Riley Tompkins) Date: Mon, 5 Nov 2007 11:19:21 -0500 Subject: [rancid] Re: Error in logs after new install In-Reply-To: <5A7F36775DDD854CB1873E5F790C4D3709F5A043@mailhost.thig.com> References: <5A7F36775DDD854CB1873E5F790C4D3709F5A043@mailhost.thig.com> Message-ID: <337a72540711050819l41fd831fr718de4473e38afc7@mail.gmail.com> Maybe the archives can help? http://www.shrubbery.net/pipermail/rancid-discuss/2007-August/002446.html "I fixed my issue. I deleted all config files in my repository and did cvs update. Then run rancid-run fresh and it created new version entry and things are well now." I am a SVN man myself... Regards, -Charles On 11/5/07, Chris Bell wrote: > Hello, > > I'm running Rancid 2.3.2a6 on Ubuntu LTS 7.04. This is a first time install > for me and I've been able to fight my way through most of it (Linux is > fairly new to me). I've got Rancid up and running, and it logs into the > devices correctly (save one but I'll figure that out). > > It does not, however, write the configs to the > /home/rancid/var/"mygroup"/configs/"device-ip" folder as expected. When I > view the logs at /home/rancid/var/logs/, I get: > > cvs status: move away `10.1.0.32'; it is in the way > cvs status: move away `10.1.0.33'; it is in the way > etc... > > There are about 20 HP switches I have listed in the router.db. I've deleted > the files and used rancid-run again, but it errors out the same way each > time. When I view the CVS repository, there is no config. The directory > and file name for the switch is there, but when checking "Head", it's blank > :(. > > I know I'm missing something stupid but I can't figure out what it is. > Permissions? I've done the chmod 600 /home/rancid/.cloginrc and chown: -R > rancid:rancid /home/rancid. > > Thanks in advance for helping a newb. > > Christopher Bell > Network Administrator > Tower Hill Insurance Group > 352-333-1734 > ext 1734 > > > > > CONFIDENTIAL NOTICE: This email including any attachments, contains > confidential information belonging to the sender. It may also be > privileged or otherwise protected by work product immunity or other > legal rules. This information is intended only for the use of the > individual or entity named above. If you are not the intended > recipient, you are hereby notified that any disclosure, copying, > distribution or the taking of any action in reliance on the contents > of this emailed information is strictly prohibited. If you have > received this email in error, please immediately notify us by > reply email of the error and then delete this email immediately. > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > From djrobertsonusa at netscape.net Fri Nov 9 00:31:46 2007 From: djrobertsonusa at netscape.net (djrobertsonusa at netscape.net) Date: Thu, 08 Nov 2007 19:31:46 -0500 Subject: [rancid] Installation issues Message-ID: <8C9F07F0B7EB87D-274-303@WEBMAIL-MB12.sysops.aol.com> I am trying to install Rancid onto a Ubuntu 7.10 client system. I guess my first question is, is this system supported?? If yes then I cannot understand why I am getting the following error. I followed the installation instructions listed at this URL http://www.linuxhomenetworking.com/wiki/index.php/Quick_HOWTO_:_Ch1_:_Network_Backups_With_Rancid Everything went well until I got to the step? ./configure --prefix=/usr/local/rancid/ I then get this error and cannot go forward ------------------------------------------------------------------------------------------------------------- root at laptop:/usr/local/rancid/tar/rancid-2.3.2a2# ./configure checking for a BSD-compatible install... /usr/bin/install -c checking whether build environment is sane... yes checking for gawk... gawk checking whether make sets $(MAKE)... yes checking for gmake... no checking for make... /usr/bin/make checking whether /usr/bin/make sets $(MAKE)... yes checking for gcc... gcc checking for C compiler default output file name... configure: error: C compiler cannot create executables See `config.log' for more details. --------------------------------------------------------------------------------------------------------------- I have attached the config.log file. When I look through it it does not present any clues to the issue. Please help Thanks ________________________________________________________________________ Check Out the new free AIM(R) Mail -- Unlimited storage and industry-leading spam and email virus protection. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20071108/62ca3ada/attachment.html -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: Rancid-config.log.txt Url: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20071108/62ca3ada/attachment.txt From joaje at dongenergy.dk Fri Nov 9 09:46:51 2007 From: joaje at dongenergy.dk (Joachim Jerberg Jensen) Date: Fri, 9 Nov 2007 10:46:51 +0100 Subject: [rancid] clogin on extreme X450 In-Reply-To: <8C9F07F0B7EB87D-274-303@WEBMAIL-MB12.sysops.aol.com> References: <8C9F07F0B7EB87D-274-303@WEBMAIL-MB12.sysops.aol.com> Message-ID: <8DBE4A01414BDD409232EF0C48A87E1B0187AA84@CLU01EX.de-prod.dk> Hi, I have problems with doing clogin into extreme X450 switches doing TACACS authentication. ExtremeXOS version 11.6.3.5 When I login it get following: [rancid at ns1 ~]$ clogin 10.2.0.31 10.2.0.31 spawn telnet 10.2.0.31 Trying 10.2.0.31... Connected to 10.2.0.31 Escape character is '^]'. telnet session telnet0 on /dev/ptyb0 login: rancid password: Login incorrect login: mypassword password: Login incorrect login: mypassword password: Login incorrect Maximum number of login attempts reached! Connection closed by foreign host. My .cloginrc file: ############## add autoenable * {1} add user * {rancid} add password * {mypassword} #add userprompt * {"login:"} #add passprompt * {"password:"} ############## It seems like it doesn't apply the password after the login, but applies the password as username instead.. I have tried rancid-2.3.1 and rancid-2.3.2a7, same problem... I can login manually with login and password with no problem. Anyone have a hint? Best regards Joachim Jerberg Jensen From joaje at dongenergy.dk Fri Nov 9 10:45:44 2007 From: joaje at dongenergy.dk (Joachim Jerberg Jensen) Date: Fri, 9 Nov 2007 11:45:44 +0100 Subject: [rancid] Re: clogin on extreme X450 In-Reply-To: <8DBE4A01414BDD409232EF0C48A87E1B0187AA84@CLU01EX.de-prod.dk> References: <8C9F07F0B7EB87D-274-303@WEBMAIL-MB12.sysops.aol.com> <8DBE4A01414BDD409232EF0C48A87E1B0187AA84@CLU01EX.de-prod.dk> Message-ID: <8DBE4A01414BDD409232EF0C48A87E1B018C13B0@CLU01EX.de-prod.dk> Hey, With a hint from a friend on the list, I made it work. Jlogin works like a charm :) /Joachim Jerberg Jensen -----Original Message----- From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Joachim Jerberg Jensen Sent: Friday, November 09, 2007 10:47 AM To: rancid-discuss at shrubbery.net Subject: [rancid] clogin on extreme X450 Hi, I have problems with doing clogin into extreme X450 switches doing TACACS authentication. ExtremeXOS version 11.6.3.5 When I login it get following: [rancid at ns1 ~]$ clogin 10.2.0.31 10.2.0.31 spawn telnet 10.2.0.31 Trying 10.2.0.31... Connected to 10.2.0.31 Escape character is '^]'. telnet session telnet0 on /dev/ptyb0 login: rancid password: Login incorrect login: mypassword password: Login incorrect login: mypassword password: Login incorrect Maximum number of login attempts reached! Connection closed by foreign host. My .cloginrc file: ############## add autoenable * {1} add user * {rancid} add password * {mypassword} #add userprompt * {"login:"} #add passprompt * {"password:"} ############## It seems like it doesn't apply the password after the login, but applies the password as username instead.. I have tried rancid-2.3.1 and rancid-2.3.2a7, same problem... I can login manually with login and password with no problem. Anyone have a hint? Best regards Joachim Jerberg Jensen _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From gregoryzill at solutionary.com Fri Nov 9 13:45:11 2007 From: gregoryzill at solutionary.com (Gregory W Zill) Date: Fri, 09 Nov 2007 07:45:11 -0600 Subject: [rancid] Re: Installation issues In-Reply-To: <8C9F07F0B7EB87D-274-303@WEBMAIL-MB12.sysops.aol.com> References: <8C9F07F0B7EB87D-274-303@WEBMAIL-MB12.sysops.aol.com> Message-ID: <1194615912.6699.46.camel@oddjob.corp.solutionary.com> "sudo apt-get install g++" On Thu, 2007-11-08 at 19:31 -0500, djrobertsonusa at netscape.net wrote: > I am trying to install Rancid onto a Ubuntu 7.10 client system. I > guess my first question is, is this system supported?? > checking for gcc... gcc > checking for C compiler default output file name... configure: error: > C compiler cannot create executables -- gregory w zill, mba, cissp Information Security Engineer Managed Devices Team ----------------------------- Solutionary, Inc. Making Security Manageable v: 402-361-3066 -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part Url : http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20071109/1a74c1c9/attachment.bin From juancarloshuerta at gmail.com Mon Nov 12 19:56:56 2007 From: juancarloshuerta at gmail.com (Juan Carlos Huerta) Date: Mon, 12 Nov 2007 13:56:56 -0600 Subject: [rancid] Blogin support for Nortel 5520 Message-ID: <60e5bf4c0711121156h79832f2k755ed8504be211d5@mail.gmail.com> Hi all, Is there any support with blogin to Nortel siwtches with UI? (in my case 5520). I want to connect to it using blogin, but the problem is that when I try to ssh my switch it shows an UI (Press Ctrl+Y, use arrow keys, etc) Any idea how to do that with blogin? Thanks! -- Juan Carlos -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20071112/daaf457a/attachment.html From danm at prime.gushi.org Tue Nov 13 22:38:48 2007 From: danm at prime.gushi.org (Dan Mahoney, System Admin) Date: Tue, 13 Nov 2007 17:38:48 -0500 (EST) Subject: [rancid] Required .cloginrc file? Message-ID: <20071113173639.G76536@prime.gushi.org> Hello all, Is there a command line switch that will disable the need to have a .cloginrc file? I'm using clogin to do maintenance tasks and it's being fed by a sql database, but the uid the code is running as has a nonexistent home dierctory (I could change this, don't see why I should need it). All my options come from the command line. -Dan Mahoney -- --------Dan Mahoney-------- Techie, Sysadmin, WebGeek Gushi on efnet/undernet IRC ICQ: 13735144 AIM: LarpGM Site: http://www.gushi.org --------------------------- From heas at shrubbery.net Tue Nov 13 22:59:32 2007 From: heas at shrubbery.net (john heasley) Date: Tue, 13 Nov 2007 14:59:32 -0800 Subject: [rancid] Re: Required .cloginrc file? In-Reply-To: <20071113173639.G76536@prime.gushi.org> References: <20071113173639.G76536@prime.gushi.org> Message-ID: <20071113225932.GA20650@shrubbery.net> clogin -f /dev/null ? Tue, Nov 13, 2007 at 05:38:48PM -0500, Dan Mahoney, System Admin: > Hello all, > > Is there a command line switch that will disable the need to have a > .cloginrc file? > > I'm using clogin to do maintenance tasks and it's being fed by a sql > database, but the uid the code is running as has a nonexistent home > dierctory (I could change this, don't see why I should need it). All my > options come from the command line. > > -Dan Mahoney > > -- > > --------Dan Mahoney-------- > Techie, Sysadmin, WebGeek > Gushi on efnet/undernet IRC > ICQ: 13735144 AIM: LarpGM > Site: http://www.gushi.org > --------------------------- > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From danm at prime.gushi.org Tue Nov 13 23:29:22 2007 From: danm at prime.gushi.org (Dan Mahoney, System Admin) Date: Tue, 13 Nov 2007 18:29:22 -0500 (EST) Subject: [rancid] Re: Required .cloginrc file? In-Reply-To: <20071113225932.GA20650@shrubbery.net> References: <20071113173639.G76536@prime.gushi.org> <20071113225932.GA20650@shrubbery.net> Message-ID: On Tue, 13 Nov 2007, john heasley wrote: > clogin -f /dev/null ? Error: /dev/null must not be world readable/writable -Dan > > Tue, Nov 13, 2007 at 05:38:48PM -0500, Dan Mahoney, System Admin: >> Hello all, >> >> Is there a command line switch that will disable the need to have a >> .cloginrc file? >> >> I'm using clogin to do maintenance tasks and it's being fed by a sql >> database, but the uid the code is running as has a nonexistent home >> dierctory (I could change this, don't see why I should need it). All my >> options come from the command line. >> >> -Dan Mahoney >> >> -- >> >> --------Dan Mahoney-------- >> Techie, Sysadmin, WebGeek >> Gushi on efnet/undernet IRC >> ICQ: 13735144 AIM: LarpGM >> Site: http://www.gushi.org >> --------------------------- >> >> _______________________________________________ >> Rancid-discuss mailing list >> Rancid-discuss at shrubbery.net >> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > -- "Little tramp sits in her room all day, sewing dolls! Children misbehaving in the basement, and one in the walls, doing his business God knows where! You children will be the death of me, *sniff*." 'Mommy', The People Under The Stairs --------Dan Mahoney-------- Techie, Sysadmin, WebGeek Gushi on efnet/undernet IRC ICQ: 13735144 AIM: LarpGM Site: http://www.gushi.org --------------------------- From heas at shrubbery.net Wed Nov 14 01:35:22 2007 From: heas at shrubbery.net (john heasley) Date: Tue, 13 Nov 2007 17:35:22 -0800 Subject: [rancid] Re: Required .cloginrc file? In-Reply-To: References: <20071113173639.G76536@prime.gushi.org> <20071113225932.GA20650@shrubbery.net> Message-ID: <20071114013522.GT20650@shrubbery.net> Tue, Nov 13, 2007 at 06:29:22PM -0500, Dan Mahoney, System Admin: > On Tue, 13 Nov 2007, john heasley wrote: > > >clogin -f /dev/null ? > > Error: /dev/null must not be world readable/writable oh, right. sorry. create an empty file, the reading of it will have to be changed in the script. > -Dan > > > > >Tue, Nov 13, 2007 at 05:38:48PM -0500, Dan Mahoney, System Admin: > >>Hello all, > >> > >>Is there a command line switch that will disable the need to have a > >>.cloginrc file? > >> > >>I'm using clogin to do maintenance tasks and it's being fed by a sql > >>database, but the uid the code is running as has a nonexistent home > >>dierctory (I could change this, don't see why I should need it). All my > >>options come from the command line. > >> > >>-Dan Mahoney > >> > >>-- > >> > >>--------Dan Mahoney-------- > >>Techie, Sysadmin, WebGeek > >>Gushi on efnet/undernet IRC > >>ICQ: 13735144 AIM: LarpGM > >>Site: http://www.gushi.org > >>--------------------------- > >> > >>_______________________________________________ > >>Rancid-discuss mailing list > >>Rancid-discuss at shrubbery.net > >>http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > > > > -- > > "Little tramp sits in her room all day, sewing dolls! Children > misbehaving in the basement, and one in the walls, doing his business God > knows where! You children will be the death of me, *sniff*." > > 'Mommy', The People Under The Stairs > > > --------Dan Mahoney-------- > Techie, Sysadmin, WebGeek > Gushi on efnet/undernet IRC > ICQ: 13735144 AIM: LarpGM > Site: http://www.gushi.org > --------------------------- From cmoody at qualcomm.com Wed Nov 14 01:40:58 2007 From: cmoody at qualcomm.com (Chris Moody) Date: Tue, 13 Nov 2007 17:40:58 -0800 Subject: [rancid] Re: Required .cloginrc file? In-Reply-To: <20071114013522.GT20650@shrubbery.net> References: <20071113173639.G76536@prime.gushi.org> <20071113225932.GA20650@shrubbery.net> <20071114013522.GT20650@shrubbery.net> Message-ID: <473A522A.7020305@qualcomm.com> I have a routine rebuild the .cloginrc file based on what I'm storing in the DB. -Chris john heasley wrote: > Tue, Nov 13, 2007 at 06:29:22PM -0500, Dan Mahoney, System Admin: >> On Tue, 13 Nov 2007, john heasley wrote: >> >>> clogin -f /dev/null ? >> Error: /dev/null must not be world readable/writable > > oh, right. sorry. create an empty file, the reading of it will have to > be changed in the script. > >> -Dan >> >>> Tue, Nov 13, 2007 at 05:38:48PM -0500, Dan Mahoney, System Admin: >>>> Hello all, >>>> >>>> Is there a command line switch that will disable the need to have a >>>> .cloginrc file? >>>> >>>> I'm using clogin to do maintenance tasks and it's being fed by a sql >>>> database, but the uid the code is running as has a nonexistent home >>>> dierctory (I could change this, don't see why I should need it). All my >>>> options come from the command line. >>>> >>>> -Dan Mahoney >>>> >>>> -- >>>> >>>> --------Dan Mahoney-------- >>>> Techie, Sysadmin, WebGeek >>>> Gushi on efnet/undernet IRC >>>> ICQ: 13735144 AIM: LarpGM >>>> Site: http://www.gushi.org >>>> --------------------------- >>>> >>>> _______________________________________________ >>>> Rancid-discuss mailing list >>>> Rancid-discuss at shrubbery.net >>>> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss >> -- >> >> "Little tramp sits in her room all day, sewing dolls! Children >> misbehaving in the basement, and one in the walls, doing his business God >> knows where! You children will be the death of me, *sniff*." >> >> 'Mommy', The People Under The Stairs >> >> >> --------Dan Mahoney-------- >> Techie, Sysadmin, WebGeek >> Gushi on efnet/undernet IRC >> ICQ: 13735144 AIM: LarpGM >> Site: http://www.gushi.org >> --------------------------- > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > > From juancarloshuerta at gmail.com Wed Nov 14 02:21:34 2007 From: juancarloshuerta at gmail.com (Juan Carlos Huerta) Date: Tue, 13 Nov 2007 20:21:34 -0600 Subject: [rancid] Re: Blogin support for Nortel 5520 In-Reply-To: <20071114015205.GX20650@shrubbery.net> References: <60e5bf4c0711121156h79832f2k755ed8504be211d5@mail.gmail.com> <20071114015205.GX20650@shrubbery.net> Message-ID: <60e5bf4c0711131821o642f40bcj1333aa7ecef9b607@mail.gmail.com> I'm working in a little modification to blogin to support this, I'll let you know any update. On Nov 13, 2007 7:52 PM, john heasley wrote: > Mon, Nov 12, 2007 at 01:56:56PM -0600, Juan Carlos Huerta: > > Hi all, > > > > Is there any support with blogin to Nortel siwtches with UI? (in my case > > 5520). I want to connect to it using blogin, but the problem is that > when I > > try to ssh my switch it shows an UI (Press Ctrl+Y, use arrow keys, etc) > > sorry, such UIs are not supported. > -- Juan Carlos -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20071113/dcd21e76/attachment.html From heas at shrubbery.net Wed Nov 14 17:03:08 2007 From: heas at shrubbery.net (john heasley) Date: Wed, 14 Nov 2007 09:03:08 -0800 Subject: [rancid] Re: clogin on extreme X450 In-Reply-To: <8DBE4A01414BDD409232EF0C48A87E1B018C13B0@CLU01EX.de-prod.dk> References: <8C9F07F0B7EB87D-274-303@WEBMAIL-MB12.sysops.aol.com> <8DBE4A01414BDD409232EF0C48A87E1B0187AA84@CLU01EX.de-prod.dk> <8DBE4A01414BDD409232EF0C48A87E1B018C13B0@CLU01EX.de-prod.dk> Message-ID: <20071114170308.GC15223@shrubbery.net> I do not see why clogin would not have worked, unless you have a rogue userpassword else where in your cloginrc. you can add "exp_internal 1" just before the main loop to see what it is doing. Fri, Nov 09, 2007 at 11:45:44AM +0100, Joachim Jerberg Jensen: > Hey, > > With a hint from a friend on the list, I made it work. > Jlogin works like a charm :) > > /Joachim Jerberg Jensen > > > -----Original Message----- > From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Joachim Jerberg Jensen > Sent: Friday, November 09, 2007 10:47 AM > To: rancid-discuss at shrubbery.net > Subject: [rancid] clogin on extreme X450 > > Hi, > > I have problems with doing clogin into extreme X450 switches doing TACACS authentication. ExtremeXOS version 11.6.3.5 > > When I login it get following: > > [rancid at ns1 ~]$ clogin 10.2.0.31 > 10.2.0.31 > spawn telnet 10.2.0.31 > Trying 10.2.0.31... > Connected to 10.2.0.31 > Escape character is '^]'. > > telnet session telnet0 on /dev/ptyb0 > > login: rancid > password: > > Login incorrect > login: mypassword > password: > > Login incorrect > login: mypassword > password: > > Login incorrect > Maximum number of login attempts reached! > Connection closed by foreign host. > > My .cloginrc file: > > ############## > add autoenable * {1} > add user * {rancid} > add password * {mypassword} > > #add userprompt * {"login:"} > #add passprompt * {"password:"} > ############## > > It seems like it doesn't apply the password after the login, but applies the password as username instead.. > I have tried rancid-2.3.1 and rancid-2.3.2a7, same problem... > > I can login manually with login and password with no problem. > > Anyone have a hint? > > Best regards > Joachim Jerberg Jensen > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From rob at techniumcast.com Wed Nov 14 17:31:07 2007 From: rob at techniumcast.com (Rob Shepherd) Date: Wed, 14 Nov 2007 17:31:07 +0000 Subject: [rancid] DEVEL: FWSM and Vyatta support [2] Message-ID: <473B30DB.7090106@techniumcast.com> [ Copy of msg sent 06/11/2007 0943 GMT ] [ I've had no responses but I'm still keen to progress this ] [ Anybody with any thoughts please speak now ] [ Original follows ] Dear Rancid users, I'd like to tackle the much talked of support for FWSM multi-context configurations. I'll also try and add support for vyatta OFR PC-Based routers. I have one of these now. So far, impressed and happy with it. I'm unfamiliar with the architecture of rancid and I'm not a perl programmer, but I am a competant developer. Thus i'll need just a bit of handholding to begin with. If anybody has drawn up any ideas thus far, i'd happily start there, as I have not made a start. I will try for dynamic retreival of FWSM contexts, but I'd be happy ending up just doing a static context list(i.e. with a prepoulated list of context somehow - I don't add contexts very often). CAST your votes now..... 1. Could somebody tell me if there is a CVS server for development of rancid 2. Could somebody hint at which version to devel from. should I apply any of the patches available from the main site (I don't know what they do) 3. Please can somebody who has familiarity maybe take some timeout to point out the hunks of code that will need touching 4. Is anybody out there willing to test either of the proposed systems. As for vyatta devices, this just uses an unix SSH connection, to a custom login shell. Attached is sample output for a config retrieval. I can't imagine why I couldn't add support for this.... if somebody can cast an knowledgeable eye and point out any problems before I begin, I would appreciate it. As usual, anything which will help me is greatly appreicated. Cheers Rob -- Rob Shepherd BEng PhD | Computer and Network Engineer | CAST Ltd Technium CAST | LL57 4HJ | http://www.techniumcast.com rob at techniumcast.com | 01248 675024 | 077988 72480 -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20071114/d315d6f8/attachment.html From heas at shrubbery.net Wed Nov 14 17:45:01 2007 From: heas at shrubbery.net (john heasley) Date: Wed, 14 Nov 2007 09:45:01 -0800 Subject: [rancid] Re: Rancid without radius In-Reply-To: <200710051148.00114.wmuriithi@iwayafrica.com> References: <200710051148.00114.wmuriithi@iwayafrica.com> Message-ID: <20071114174501.GI15223@shrubbery.net> Fri, Oct 05, 2007 at 11:48:00AM +0300, William Muriithi: > Hallo pals, > > I have a quick question that I don't seem to find answer from google search. > We have issues setting up radius such that if radius is unavailable, the NAS > can fall back to the local account. Yeah yeah, the last option in aaa command > should be local, but for some reason, its not working. This mean we are > still using local accounts > > Now, I am attempting to backup a pix device. The backup account is local and > with enable 5 rights. The network guys have decided its not wise to give this > account enable 15 access. > > The problem is, I am not able to have rancid log in to the pix device with > enable 5 permission. Is anyone aware of how to achieve this? I would be > grateful for any pointer? My guess would be that level 5 changes the prompt to '#', which clogin will believe is already enabled. I'd just leave it with level 1 and let clogin do the enable to 15. OR, perhaps enable doesn't automatically move you from a level of >1 && <15 to level 15. I don't know, >1 && <15 have always seemed pointless, so I've never experimented. From joaje at dongenergy.dk Thu Nov 15 09:20:07 2007 From: joaje at dongenergy.dk (Joachim Jerberg Jensen) Date: Thu, 15 Nov 2007 10:20:07 +0100 Subject: [rancid] Re: clogin on extreme X450 In-Reply-To: <20071114170308.GC15223@shrubbery.net> References: <8C9F07F0B7EB87D-274-303@WEBMAIL-MB12.sysops.aol.com> <8DBE4A01414BDD409232EF0C48A87E1B0187AA84@CLU01EX.de-prod.dk> <8DBE4A01414BDD409232EF0C48A87E1B018C13B0@CLU01EX.de-prod.dk> <20071114170308.GC15223@shrubbery.net> Message-ID: <8DBE4A01414BDD409232EF0C48A87E1B0191322D@CLU01EX.de-prod.dk> >From: john heasley [mailto:heas at shrubbery.net] > > I do not see why clogin would not have worked, unless you have a rogue > userpassword else where in your cloginrc. you can add "exp_internal 1" > just before the main loop to see what it is doing. You are absolutely right.. So I started the expect script in debug mode.. And it seems like it does not match the first "login:" prompt, even though the regexp. should match.!? 3. time it tries to login, it matches, if I add a "sleep 1" timer just before. I also had to change the xrancid script, because the $found_end never becomes set. if (/^# Module vrrp configuration./i) { printf STDERR " End WriteTerm: $_" if ($debug); $found_end = 1; return(0); } Fortunately I don't use vrrp :-) Br Joachim Jerberg Jensen This is the debug output: [rancid at ns1 bin]$ cat scriptfile.txt Script started on Fri 09 Nov 2007 02:19:30 PM CET [rancid at ns1 bin]$ clogin 10.2.0.31 expect version 5.43.0 argv[0] = /usr/bin/expect argv[1] = -d argv[2] = /home/rancid/rancid/bin/clogin argv[3] = 10.2.0.31 set argc 1 set argv0 "/home/rancid/rancid/bin/clogin" set argv "10.2.0.31" executing commands from command file /home/rancid/rancid/bin/clogin 10.2.0.31 spawn telnet 10.2.0.31 23 parent: waiting for sync byte parent: telling child to go ahead parent: now unsynchronized from child spawn: returns {17811} expect: does "" (spawn_id exp6) match regular expression "(Connection refused|Secure connection [^\n\r]+ refused)"? no "(Connection closed by|Connection to [^\n\r]+ closed)"? no expect: does "" (spawn_id exp6) match glob pattern "unknown host\r"? no expect: does "" (spawn_id exp6) match glob pattern "Host is unreachable"? no "No address associated with name"? no "(Host key not found |The authenticity of host .* be established).*(yes/no)?"? no "HOST IDENTIFICATION HAS CHANGED.* (yes/no)?"? no "Offending key for .* (yes/no)?"? no "(denied|Sorry)"? no "Login failed"? no "% (Bad passwords|Authentication failed)"? no "Press any key to continue."? no "Enter Selection: "? no "Last login:"? no "@[^\r\n]+ password:"? no "(Username|Login|login|user name):"? no "password:"? no "(#| $enable$)"? no "Login invalid"? no Trying 10.2.0.31... Connected to BRY_X450_01.MYNETWORK.ftth (10.2.0.31). Escape character is '^]'. expect: does "Trying 10.2.0.31...\r\r\nConnected to BRY_X450_01.MYNETWORK.ftth (10.2.0.31).\r\r\nEscape character is '^]'.\r\r\n" (spawn_id exp6) match regular expression "(Connection refused|Secure connection [^\n\r]+ refused)"? no "(Connection closed by|Connection to [^\n\r]+ closed)"? no expect: does "Trying 10.2.0.31...\r\r\nConnected to BRY_X450_01.MYNETWORK.ftth (10.2.0.31).\r\r\nEscape character is '^]'.\r\r\n" (spawn_id exp6) match glob pattern "unknown host\r"? no expect: does "Trying 10.2.0.31...\r\r\nConnected to BRY_X450_01.MYNETWORK.ftth (10.2.0.31).\r\r\nEscape character is '^]'.\r\r\n" (spawn_id exp6) match glob pattern "Host is unreachable"? no "No address associated with name"? no "(Host key not found |The authenticity of host .* be established).*(yes/no)?"? no "HOST IDENTIFICATION HAS CHANGED.* (yes/no)?"? no "Offending key for .* (yes/no)?"? no "(denied|Sorry)"? no "Login failed"? no "% (Bad passwords|Authentication failed)"? no "Press any key to continue."? no "Enter Selection: "? no "Last login:"? no "@[^\r\n]+ password:"? no "(Username|Login|login|user name):"? no "password:"? no "(#| $enable$)"? no "Login invalid"? no telnet session telnet0 on /dev/ptyb0 login: expect: does "Trying 10.2.0.31...\r\r\nConnected to BRY_X450_01.MYNETWORK.ftth (10.2.0.31).\r\r\nEscape character is '^]'.\r\r\n\r\ntelnet session telnet0 on /dev/ptyb0\r\n\r\nlogin: " (spawn_id exp6) match regular expression "(Connection refused|Secure connection [^\n\r]+ refused)"? no "(Connection closed by|Connection to [^\n\r]+ closed)"? no expect: does "Trying 10.2.0.31...\r\r\nConnected to BRY_X450_01.MYNETWORK.ftth (10.2.0.31).\r\r\nEscape character is '^]'.\r\r\n\r\ntelnet session telnet0 on /dev/ptyb0\r\n\r\nlogin: " (spawn_id exp6) match glob pattern "unknown host\r"? no expect: does "Trying 10.2.0.31...\r\r\nConnected to BRY_X450_01.MYNETWORK.ftth (10.2.0.31).\r\r\nEscape character is '^]'.\r\r\n\r\ntelnet session telnet0 on /dev/ptyb0\r\n\r\nlogin: " (spawn_id exp6) match glob pattern "Host is unreachable"? no "No address associated with name"? no "(Host key not found |The authenticity of host .* be established).*(yes/no)?"? no "HOST IDENTIFICATION HAS CHANGED.* (yes/no)?"? no "Offending key for .* (yes/no)?"? no "(denied|Sorry)"? no "Login failed"? no "% (Bad passwords|Authentication failed)"? no "Press any key to continue."? no "Enter Selection: "? no "Last login:"? no "@[^\r\n]+ password:"? no "(Username|Login|login|user name):"? yes expect: set expect_out(0,string) "login:" expect: set expect_out(1,string) "login" expect: set expect_out(spawn_id) "exp6" expect: set expect_out(buffer) "Trying 10.2.0.31...\r\r\nConnected to BRY_X450_01.MYNETWORK.ftth (10.2.0.31).\r\r\nEscape character is '^]'.\r\r\n\r\ntelnet session telnet0 on /dev/ptyb0\r\n\r\nlogin:" send: sending "rancid\r" to { exp6 } expect: continuing expect expect: does " " (spawn_id exp6) match regular expression "(Connection refused|Secure connection [^\n\r]+ refused)"? no "(Connection closed by|Connection to [^\n\r]+ closed)"? no expect: does " " (spawn_id exp6) match glob pattern "unknown host\r"? no expect: does " " (spawn_id exp6) match glob pattern "Host is unreachable"? no "No address associated with name"? no "(Host key not found |The authenticity of host .* be established).*(yes/no)?"? no "HOST IDENTIFICATION HAS CHANGED.* (yes/no)?"? no "Offending key for .* (yes/no)?"? no "(denied|Sorry)"? no "Login failed"? no "% (Bad passwords|Authentication failed)"? no "Press any key to continue."? no "Enter Selection: "? no "Last login:"? no "@[^\r\n]+ password:"? no "(Username|Login|login|user name):"? no "password:"? no "(#| $enable$)"? no "Login invalid"? no login: r expect: does " \r\u001b[Klogin: r" (spawn_id exp6) match regular expression "(Connection refused|Secure connection [^\n\r]+ refused)"? no "(Connection closed by|Connection to [^\n\r]+ closed)"? no expect: does " \r\u001b[Klogin: r" (spawn_id exp6) match glob pattern "unknown host\r"? no expect: does " \r\u001b[Klogin: r" (spawn_id exp6) match glob pattern "Host is unreachable"? no "No address associated with name"? no "(Host key not found |The authenticity of host .* be established).*(yes/no)?"? no "HOST IDENTIFICATION HAS CHANGED.* (yes/no)?"? no "Offending key for .* (yes/no)?"? no "(denied|Sorry)"? no "Login failed"? no "% (Bad passwords|Authentication failed)"? no "Press any key to continue."? no "Enter Selection: "? no "Last login:"? no "@[^\r\n]+ password:"? no "(Username|Login|login|user name):"? yes expect: set expect_out(0,string) "login:" expect: set expect_out(1,string) "login" expect: set expect_out(spawn_id) "exp6" expect: set expect_out(buffer) " \r\u001b[Klogin:" send: sending "rancid\r" to { exp6 } expect: continuing expect expect: does " r" (spawn_id exp6) match regular expression "(Connection refused|Secure connection [^\n\r]+ refused)"? no "(Connection closed by|Connection to [^\n\r]+ closed)"? no expect: does " r" (spawn_id exp6) match glob pattern "unknown host\r"? no expect: does " r" (spawn_id exp6) match glob pattern "Host is unreachable"? no "No address associated with name"? no "(Host key not found |The authenticity of host .* be established).*(yes/no)?"? no "HOST IDENTIFICATION HAS CHANGED.* (yes/no)?"? no "Offending key for .* (yes/no)?"? no "(denied|Sorry)"? no "Login failed"? no "% (Bad passwords|Authentication failed)"? no "Press any key to continue."? no "Enter Selection: "? no "Last login:"? no "@[^\r\n]+ password:"? no "(Username|Login|login|user name):"? no "password:"? no "(#| $enable$)"? no "Login invalid"? no ancid password: expect: does " rancid\r\n\rpassword: " (spawn_id exp6) match regular expression "(Connection refused|Secure connection [^\n\r]+ refused)"? no "(Connection closed by|Connection to [^\n\r]+ closed)"? no expect: does " rancid\r\n\rpassword: " (spawn_id exp6) match glob pattern "unknown host\r"? no expect: does " rancid\r\n\rpassword: " (spawn_id exp6) match glob pattern "Host is unreachable"? no "No address associated with name"? no "(Host key not found |The authenticity of host .* be established).*(yes/no)?"? no "HOST IDENTIFICATION HAS CHANGED.* (yes/no)?"? no "Offending key for .* (yes/no)?"? no "(denied|Sorry)"? no "Login failed"? no "% (Bad passwords|Authentication failed)"? no "Press any key to continue."? no "Enter Selection: "? no "Last login:"? no "@[^\r\n]+ password:"? no "(Username|Login|login|user name):"? no "password:"? yes expect: set expect_out(0,string) "password:" expect: set expect_out(spawn_id) "exp6" expect: set expect_out(buffer) " rancid\r\n\rpassword:" send: sending "MYPASSWORD\r" to { exp6 } expect: continuing expect expect: does " " (spawn_id exp6) match regular expression "(Connection refused|Secure connection [^\n\r]+ refused)"? no "(Connection closed by|Connection to [^\n\r]+ closed)"? no expect: does " " (spawn_id exp6) match glob pattern "unknown host\r"? no expect: does " " (spawn_id exp6) match glob pattern "Host is unreachable"? no "No address associated with name"? no "(Host key not found |The authenticity of host .* be established).*(yes/no)?"? no "HOST IDENTIFICATION HAS CHANGED.* (yes/no)?"? no "Offending key for .* (yes/no)?"? no "(denied|Sorry)"? no "Login failed"? no "% (Bad passwords|Authentication failed)"? no "Press any key to continue."? no "Enter Selection: "? no "Last login:"? no "@[^\r\n]+ password:"? no "(Username|Login|login|user name):"? no "password:"? no "(#| $enable$)"? no "Login invalid"? no Login incorrect login: MYPASSWORD expect: does " \r\n\r\r\n\rLogin incorrect\r\nlogin: MYPASSWORD\r\n\r" (spawn_id exp6) match regular expression "(Connection refused|Secure connection [^\n\r]+ refused)"? no "(Connection closed by|Connection to [^\n\r]+ closed)"? no expect: does " \r\n\r\r\n\rLogin incorrect\r\nlogin: MYPASSWORD\r\n\r" (spawn_id exp6) match glob pattern "unknown host\r"? no expect: does " \r\n\r\r\n\rLogin incorrect\r\nlogin: MYPASSWORD\r\n\r" (spawn_id exp6) match glob pattern "Host is unreachable"? no "No address associated with name"? no "(Host key not found |The authenticity of host .* be established).*(yes/no)?"? no "HOST IDENTIFICATION HAS CHANGED.* (yes/no)?"? no "Offending key for .* (yes/no)?"? no "(denied|Sorry)"? no "Login failed"? no "% (Bad passwords|Authentication failed)"? no "Press any key to continue."? no "Enter Selection: "? no "Last login:"? no "@[^\r\n]+ password:"? no "(Username|Login|login|user name):"? yes expect: set expect_out(0,string) "login:" expect: set expect_out(1,string) "login" expect: set expect_out(spawn_id) "exp6" expect: set expect_out(buffer) " \r\n\r\r\n\rLogin incorrect\r\nlogin:" send: sending "rancid\r" to { exp6 } expect: continuing expect expect: does " MYPASSWORD\r\n\r" (spawn_id exp6) match regular expression "(Connection refused|Secure connection [^\n\r]+ refused)"? no "(Connection closed by|Connection to [^\n\r]+ closed)"? no expect: does " MYPASSWORD\r\n\r" (spawn_id exp6) match glob pattern "unknown host\r"? no expect: does " MYPASSWORD\r\n\r" (spawn_id exp6) match glob pattern "Host is unreachable"? no "No address associated with name"? no "(Host key not found |The authenticity of host .* be established).*(yes/no)?"? no "HOST IDENTIFICATION HAS CHANGED.* (yes/no)?"? no "Offending key for .* (yes/no)?"? no "(denied|Sorry)"? no "Login failed"? no "% (Bad passwords|Authentication failed)"? no "Press any key to continue."? no "Enter Selection: "? no "Last login:"? no "@[^\r\n]+ password:"? no "(Username|Login|login|user name):"? no "password:"? no "(#| $enable$)"? no "Login invalid"? no password: expect: does " MYPASSWORD\r\n\rpassword: " (spawn_id exp6) match regular expression "(Connection refused|Secure connection [^\n\r]+ refused)"? no "(Connection closed by|Connection to [^\n\r]+ closed)"? no expect: does " MYPASSWORD\r\n\rpassword: " (spawn_id exp6) match glob pattern "unknown host\r"? no expect: does " MYPASSWORD\r\n\rpassword: " (spawn_id exp6) match glob pattern "Host is unreachable"? no "No address associated with name"? no "(Host key not found |The authenticity of host .* be established).*(yes/no)?"? no "HOST IDENTIFICATION HAS CHANGED.* (yes/no)?"? no "Offending key for .* (yes/no)?"? no "(denied|Sorry)"? no "Login failed"? no "% (Bad passwords|Authentication failed)"? no "Press any key to continue."? no "Enter Selection: "? no "Last login:"? no "@[^\r\n]+ password:"? no "(Username|Login|login|user name):"? no "password:"? yes expect: set expect_out(0,string) "password:" expect: set expect_out(spawn_id) "exp6" expect: set expect_out(buffer) " MYPASSWORD\r\n\rpassword:" send: sending "MYPASSWORD\r" to { exp6 } expect: continuing expect expect: does " " (spawn_id exp6) match regular expression "(Connection refused|Secure connection [^\n\r]+ refused)"? no "(Connection closed by|Connection to [^\n\r]+ closed)"? no expect: does " " (spawn_id exp6) match glob pattern "unknown host\r"? no expect: does " " (spawn_id exp6) match glob pattern "Host is unreachable"? no "No address associated with name"? no "(Host key not found |The authenticity of host .* be established).*(yes/no)?"? no "HOST IDENTIFICATION HAS CHANGED.* (yes/no)?"? no "Offending key for .* (yes/no)?"? no "(denied|Sorry)"? no "Login failed"? no "% (Bad passwords|Authentication failed)"? no "Press any key to continue."? no "Enter Selection: "? no "Last login:"? no "@[^\r\n]+ password:"? no "(Username|Login|login|user name):"? no "password:"? no "(#| $enable$)"? no "Login invalid"? no Login incorrect login: expect: does " \r\n\r\r\n\rLogin incorrect\r\nlogin: " (spawn_id exp6) match regular expression "(Connection refused|Secure connection [^\n\r]+ refused)"? no "(Connection closed by|Connection to [^\n\r]+ closed)"? no expect: does " \r\n\r\r\n\rLogin incorrect\r\nlogin: " (spawn_id exp6) match glob pattern "unknown host\r"? no expect: does " \r\n\r\r\n\rLogin incorrect\r\nlogin: " (spawn_id exp6) match glob pattern "Host is unreachable"? no "No address associated with name"? no "(Host key not found |The authenticity of host .* be established).*(yes/no)?"? no "HOST IDENTIFICATION HAS CHANGED.* (yes/no)?"? no "Offending key for .* (yes/no)?"? no "(denied|Sorry)"? no "Login failed"? no "% (Bad passwords|Authentication failed)"? no "Press any key to continue."? no "Enter Selection: "? no "Last login:"? no "@[^\r\n]+ password:"? no "(Username|Login|login|user name):"? yes expect: set expect_out(0,string) "login:" expect: set expect_out(1,string) "login" expect: set expect_out(spawn_id) "exp6" expect: set expect_out(buffer) " \r\n\r\r\n\rLogin incorrect\r\nlogin:" send: sending "rancid\r" to { exp6 } expect: continuing expect expect: does " " (spawn_id exp6) match regular expression "(Connection refused|Secure connection [^\n\r]+ refused)"? no "(Connection closed by|Connection to [^\n\r]+ closed)"? no expect: does " " (spawn_id exp6) match glob pattern "unknown host\r"? no expect: does " " (spawn_id exp6) match glob pattern "Host is unreachable"? no "No address associated with name"? no "(Host key not found |The authenticity of host .* be established).*(yes/no)?"? no "HOST IDENTIFICATION HAS CHANGED.* (yes/no)?"? no "Offending key for .* (yes/no)?"? no "(denied|Sorry)"? no "Login failed"? no "% (Bad passwords|Authentication failed)"? no "Press any key to continue."? no "Enter Selection: "? no "Last login:"? no "@[^\r\n]+ password:"? no "(Username|Login|login|user name):"? no "password:"? no "(#| $enable$)"? no "Login invalid"? no MYPASSWORD password: expect: does " MYPASSWORD\r\n\rpassword: " (spawn_id exp6) match regular expression "(Connection refused|Secure connection [^\n\r]+ refused)"? no "(Connection closed by|Connection to [^\n\r]+ closed)"? no expect: does " MYPASSWORD\r\n\rpassword: " (spawn_id exp6) match glob pattern "unknown host\r"? no expect: does " MYPASSWORD\r\n\rpassword: " (spawn_id exp6) match glob pattern "Host is unreachable"? no "No address associated with name"? no "(Host key not found |The authenticity of host .* be established).*(yes/no)?"? no "HOST IDENTIFICATION HAS CHANGED.* (yes/no)?"? no "Offending key for .* (yes/no)?"? no "(denied|Sorry)"? Fri, Nov 09, 2007 at 11:45:44AM +0100, Joachim Jerberg Jensen: > Hey, > > With a hint from a friend on the list, I made it work. > Jlogin works like a charm :) > > /Joachim Jerberg Jensen > > > -----Original Message----- > From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Joachim Jerberg Jensen > Sent: Friday, November 09, 2007 10:47 AM > To: rancid-discuss at shrubbery.net > Subject: [rancid] clogin on extreme X450 > > Hi, > > I have problems with doing clogin into extreme X450 switches doing TACACS authentication. ExtremeXOS version 11.6.3.5 > > When I login it get following: > > [rancid at ns1 ~]$ clogin 10.2.0.31 > 10.2.0.31 > spawn telnet 10.2.0.31 > Trying 10.2.0.31... > Connected to 10.2.0.31 > Escape character is '^]'. > > telnet session telnet0 on /dev/ptyb0 > > login: rancid > password: > > Login incorrect > login: mypassword > password: > > Login incorrect > login: mypassword > password: > > Login incorrect > Maximum number of login attempts reached! > Connection closed by foreign host. > > My .cloginrc file: > > ############## > add autoenable * {1} > add user * {rancid} > add password * {mypassword} > > #add userprompt * {"login:"} > #add passprompt * {"password:"} > ############## > > It seems like it doesn't apply the password after the login, but applies the password as username instead.. > I have tried rancid-2.3.1 and rancid-2.3.2a7, same problem... > > I can login manually with login and password with no problem. > > Anyone have a hint? > > Best regards > Joachim Jerberg Jensen > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From heas at shrubbery.net Thu Nov 15 18:39:35 2007 From: heas at shrubbery.net (john heasley) Date: Thu, 15 Nov 2007 10:39:35 -0800 Subject: [rancid] Re: clogin on extreme X450 In-Reply-To: <8DBE4A01414BDD409232EF0C48A87E1B0191322D@CLU01EX.de-prod.dk> References: <8C9F07F0B7EB87D-274-303@WEBMAIL-MB12.sysops.aol.com> <8DBE4A01414BDD409232EF0C48A87E1B0187AA84@CLU01EX.de-prod.dk> <8DBE4A01414BDD409232EF0C48A87E1B018C13B0@CLU01EX.de-prod.dk> <20071114170308.GC15223@shrubbery.net> <8DBE4A01414BDD409232EF0C48A87E1B0191322D@CLU01EX.de-prod.dk> Message-ID: <20071115183935.GJ6677@shrubbery.net> Thu, Nov 15, 2007 at 10:20:07AM +0100, Joachim Jerberg Jensen: > >From: john heasley [mailto:heas at shrubbery.net] > > > > I do not see why clogin would not have worked, unless you have a rogue > > userpassword else where in your cloginrc. you can add "exp_internal 1" > > just before the main loop to see what it is doing. > > You are absolutely right.. So I started the expect script in debug mode.. > And it seems like it does not match the first "login:" prompt, even though the regexp. should match.!? > > 3. time it tries to login, it matches, if I add a "sleep 1" timer just before. I see the problem. It prompts for the username, the username is sent, THEN it sends the vt code to clear the line, re-prints the username prompt [and echos part of the username], the username is sent again (since it sent the prompt again), then it echos the rest of the username and prompts for the password....but too late. ie: when the username is sent a second time, the switch consumes it as the password...hrm, how to hack this? one way would be to change the login prompt regex to "$u_prompt[^a-zA-Z0-9]" and the default u_prompt to "(Username|Login|login|user name): ?", which assumes that usernames begin with those characters and still is not fool proof since it relies upon timing/luck. Another way would be to test for (without consuming) more data from the telnet after matching the login. I'm not sure how to do that in expect...and it too is reliant upon timing/luck. Blech! I hate these extremes. you should open a customer support ticket about what a PITA it is to automate configuration on their switches....or stick a knife in their trachea. > I also had to change the xrancid script, because the $found_end never becomes set. damn it. is there any reliable end-of-config marker on these crappy-CLI switches? It used to be that all those comments were in the config, regardless of whether the subsystem was in use. > if (/^# Module vrrp configuration./i) { > printf STDERR " End WriteTerm: $_" if ($debug); > $found_end = 1; > return(0); > } > > Fortunately I don't use vrrp :-) > > Br > Joachim Jerberg Jensen > > This is the debug output: > > [rancid at ns1 bin]$ cat scriptfile.txt > Script started on Fri 09 Nov 2007 02:19:30 PM CET > [rancid at ns1 bin]$ clogin 10.2.0.31 > expect version 5.43.0 > argv[0] = /usr/bin/expect argv[1] = -d argv[2] = /home/rancid/rancid/bin/clogin argv[3] = 10.2.0.31 > set argc 1 > set argv0 "/home/rancid/rancid/bin/clogin" > set argv "10.2.0.31" > executing commands from command file /home/rancid/rancid/bin/clogin > 10.2.0.31 > spawn telnet 10.2.0.31 23 > parent: waiting for sync byte > parent: telling child to go ahead > parent: now unsynchronized from child > spawn: returns {17811} > > expect: does "" (spawn_id exp6) match regular expression "(Connection refused|Secure connection [^\n\r]+ refused)"? no > "(Connection closed by|Connection to [^\n\r]+ closed)"? no > > expect: does "" (spawn_id exp6) match glob pattern "unknown host\r"? no > > expect: does "" (spawn_id exp6) match glob pattern "Host is unreachable"? no > "No address associated with name"? no > "(Host key not found |The authenticity of host .* be established).*(yes/no)?"? no > "HOST IDENTIFICATION HAS CHANGED.* (yes/no)?"? no > "Offending key for .* (yes/no)?"? no > "(denied|Sorry)"? no > "Login failed"? no > "% (Bad passwords|Authentication failed)"? no > "Press any key to continue."? no > "Enter Selection: "? no > "Last login:"? no > "@[^\r\n]+ password:"? no > "(Username|Login|login|user name):"? no > "password:"? no > "(#| $enable$)"? no > "Login invalid"? no > Trying 10.2.0.31... > Connected to BRY_X450_01.MYNETWORK.ftth (10.2.0.31). > Escape character is '^]'. > > expect: does "Trying 10.2.0.31...\r\r\nConnected to BRY_X450_01.MYNETWORK.ftth (10.2.0.31).\r\r\nEscape character is '^]'.\r\r\n" (spawn_id exp6) match regular expression "(Connection refused|Secure connection [^\n\r]+ refused)"? no > "(Connection closed by|Connection to [^\n\r]+ closed)"? no > > expect: does "Trying 10.2.0.31...\r\r\nConnected to BRY_X450_01.MYNETWORK.ftth (10.2.0.31).\r\r\nEscape character is '^]'.\r\r\n" (spawn_id exp6) match glob pattern "unknown host\r"? no > > expect: does "Trying 10.2.0.31...\r\r\nConnected to BRY_X450_01.MYNETWORK.ftth (10.2.0.31).\r\r\nEscape character is '^]'.\r\r\n" (spawn_id exp6) match glob pattern "Host is unreachable"? no > "No address associated with name"? no > "(Host key not found |The authenticity of host .* be established).*(yes/no)?"? no > "HOST IDENTIFICATION HAS CHANGED.* (yes/no)?"? no > "Offending key for .* (yes/no)?"? no > "(denied|Sorry)"? no > "Login failed"? no > "% (Bad passwords|Authentication failed)"? no > "Press any key to continue."? no > "Enter Selection: "? no > "Last login:"? no > "@[^\r\n]+ password:"? no > "(Username|Login|login|user name):"? no > "password:"? no > "(#| $enable$)"? no > "Login invalid"? no > > telnet session telnet0 on /dev/ptyb0 > > login: > expect: does "Trying 10.2.0.31...\r\r\nConnected to BRY_X450_01.MYNETWORK.ftth (10.2.0.31).\r\r\nEscape character is '^]'.\r\r\n\r\ntelnet session telnet0 on /dev/ptyb0\r\n\r\nlogin: " (spawn_id exp6) match regular expression "(Connection refused|Secure connection [^\n\r]+ refused)"? no > "(Connection closed by|Connection to [^\n\r]+ closed)"? no > > expect: does "Trying 10.2.0.31...\r\r\nConnected to BRY_X450_01.MYNETWORK.ftth (10.2.0.31).\r\r\nEscape character is '^]'.\r\r\n\r\ntelnet session telnet0 on /dev/ptyb0\r\n\r\nlogin: " (spawn_id exp6) match glob pattern "unknown host\r"? no > > expect: does "Trying 10.2.0.31...\r\r\nConnected to BRY_X450_01.MYNETWORK.ftth (10.2.0.31).\r\r\nEscape character is '^]'.\r\r\n\r\ntelnet session telnet0 on /dev/ptyb0\r\n\r\nlogin: " (spawn_id exp6) match glob pattern "Host is unreachable"? no > "No address associated with name"? no > "(Host key not found |The authenticity of host .* be established).*(yes/no)?"? no > "HOST IDENTIFICATION HAS CHANGED.* (yes/no)?"? no > "Offending key for .* (yes/no)?"? no > "(denied|Sorry)"? no > "Login failed"? no > "% (Bad passwords|Authentication failed)"? no > "Press any key to continue."? no > "Enter Selection: "? no > "Last login:"? no > "@[^\r\n]+ password:"? no > "(Username|Login|login|user name):"? yes > expect: set expect_out(0,string) "login:" > expect: set expect_out(1,string) "login" > expect: set expect_out(spawn_id) "exp6" > expect: set expect_out(buffer) "Trying 10.2.0.31...\r\r\nConnected to BRY_X450_01.MYNETWORK.ftth (10.2.0.31).\r\r\nEscape character is '^]'.\r\r\n\r\ntelnet session telnet0 on /dev/ptyb0\r\n\r\nlogin:" > send: sending "rancid\r" to { exp6 } > expect: continuing expect > > expect: does " " (spawn_id exp6) match regular expression "(Connection refused|Secure connection [^\n\r]+ refused)"? no > "(Connection closed by|Connection to [^\n\r]+ closed)"? no > > expect: does " " (spawn_id exp6) match glob pattern "unknown host\r"? no > > expect: does " " (spawn_id exp6) match glob pattern "Host is unreachable"? no > "No address associated with name"? no > "(Host key not found |The authenticity of host .* be established).*(yes/no)?"? no > "HOST IDENTIFICATION HAS CHANGED.* (yes/no)?"? no > "Offending key for .* (yes/no)?"? no > "(denied|Sorry)"? no > "Login failed"? no > "% (Bad passwords|Authentication failed)"? no > "Press any key to continue."? no > "Enter Selection: "? no > "Last login:"? no > "@[^\r\n]+ password:"? no > "(Username|Login|login|user name):"? no > "password:"? no > "(#| $enable$)"? no > "Login invalid"? no > login: r > expect: does " \r\u001b[Klogin: r" (spawn_id exp6) match regular expression "(Connection refused|Secure connection [^\n\r]+ refused)"? no > "(Connection closed by|Connection to [^\n\r]+ closed)"? no > > expect: does " \r\u001b[Klogin: r" (spawn_id exp6) match glob pattern "unknown host\r"? no > > expect: does " \r\u001b[Klogin: r" (spawn_id exp6) match glob pattern "Host is unreachable"? no > "No address associated with name"? no > "(Host key not found |The authenticity of host .* be established).*(yes/no)?"? no > "HOST IDENTIFICATION HAS CHANGED.* (yes/no)?"? no > "Offending key for .* (yes/no)?"? no > "(denied|Sorry)"? no > "Login failed"? no > "% (Bad passwords|Authentication failed)"? no > "Press any key to continue."? no > "Enter Selection: "? no > "Last login:"? no > "@[^\r\n]+ password:"? no > "(Username|Login|login|user name):"? yes > expect: set expect_out(0,string) "login:" > expect: set expect_out(1,string) "login" > expect: set expect_out(spawn_id) "exp6" > expect: set expect_out(buffer) " \r\u001b[Klogin:" > send: sending "rancid\r" to { exp6 } > expect: continuing expect > > expect: does " r" (spawn_id exp6) match regular expression "(Connection refused|Secure connection [^\n\r]+ refused)"? no > "(Connection closed by|Connection to [^\n\r]+ closed)"? no > > expect: does " r" (spawn_id exp6) match glob pattern "unknown host\r"? no > > expect: does " r" (spawn_id exp6) match glob pattern "Host is unreachable"? no > "No address associated with name"? no > "(Host key not found |The authenticity of host .* be established).*(yes/no)?"? no > "HOST IDENTIFICATION HAS CHANGED.* (yes/no)?"? no > "Offending key for .* (yes/no)?"? no > "(denied|Sorry)"? no > "Login failed"? no > "% (Bad passwords|Authentication failed)"? no > "Press any key to continue."? no > "Enter Selection: "? no > "Last login:"? no > "@[^\r\n]+ password:"? no > "(Username|Login|login|user name):"? no > "password:"? no > "(#| $enable$)"? no > "Login invalid"? no > ancid > password: > expect: does " rancid\r\n\rpassword: " (spawn_id exp6) match regular expression "(Connection refused|Secure connection [^\n\r]+ refused)"? no > "(Connection closed by|Connection to [^\n\r]+ closed)"? no > > expect: does " rancid\r\n\rpassword: " (spawn_id exp6) match glob pattern "unknown host\r"? no > > expect: does " rancid\r\n\rpassword: " (spawn_id exp6) match glob pattern "Host is unreachable"? no > "No address associated with name"? no > "(Host key not found |The authenticity of host .* be established).*(yes/no)?"? no > "HOST IDENTIFICATION HAS CHANGED.* (yes/no)?"? no > "Offending key for .* (yes/no)?"? no > "(denied|Sorry)"? no > "Login failed"? no > "% (Bad passwords|Authentication failed)"? no > "Press any key to continue."? no > "Enter Selection: "? no > "Last login:"? no > "@[^\r\n]+ password:"? no > "(Username|Login|login|user name):"? no > "password:"? yes > expect: set expect_out(0,string) "password:" > expect: set expect_out(spawn_id) "exp6" > expect: set expect_out(buffer) " rancid\r\n\rpassword:" > send: sending "MYPASSWORD\r" to { exp6 } > expect: continuing expect > > expect: does " " (spawn_id exp6) match regular expression "(Connection refused|Secure connection [^\n\r]+ refused)"? no > "(Connection closed by|Connection to [^\n\r]+ closed)"? no > > expect: does " " (spawn_id exp6) match glob pattern "unknown host\r"? no > > expect: does " " (spawn_id exp6) match glob pattern "Host is unreachable"? no > "No address associated with name"? no > "(Host key not found |The authenticity of host .* be established).*(yes/no)?"? no > "HOST IDENTIFICATION HAS CHANGED.* (yes/no)?"? no > "Offending key for .* (yes/no)?"? no > "(denied|Sorry)"? no > "Login failed"? no > "% (Bad passwords|Authentication failed)"? no > "Press any key to continue."? no > "Enter Selection: "? no > "Last login:"? no > "@[^\r\n]+ password:"? no > "(Username|Login|login|user name):"? no > "password:"? no > "(#| $enable$)"? no > "Login invalid"? no > > > Login incorrect > login: MYPASSWORD > > expect: does " \r\n\r\r\n\rLogin incorrect\r\nlogin: MYPASSWORD\r\n\r" (spawn_id exp6) match regular expression "(Connection refused|Secure connection [^\n\r]+ refused)"? no > "(Connection closed by|Connection to [^\n\r]+ closed)"? no > > expect: does " \r\n\r\r\n\rLogin incorrect\r\nlogin: MYPASSWORD\r\n\r" (spawn_id exp6) match glob pattern "unknown host\r"? no > > expect: does " \r\n\r\r\n\rLogin incorrect\r\nlogin: MYPASSWORD\r\n\r" (spawn_id exp6) match glob pattern "Host is unreachable"? no > "No address associated with name"? no > "(Host key not found |The authenticity of host .* be established).*(yes/no)?"? no > "HOST IDENTIFICATION HAS CHANGED.* (yes/no)?"? no > "Offending key for .* (yes/no)?"? no > "(denied|Sorry)"? no > "Login failed"? no > "% (Bad passwords|Authentication failed)"? no > "Press any key to continue."? no > "Enter Selection: "? no > "Last login:"? no > "@[^\r\n]+ password:"? no > "(Username|Login|login|user name):"? yes > expect: set expect_out(0,string) "login:" > expect: set expect_out(1,string) "login" > expect: set expect_out(spawn_id) "exp6" > expect: set expect_out(buffer) " \r\n\r\r\n\rLogin incorrect\r\nlogin:" > send: sending "rancid\r" to { exp6 } > expect: continuing expect > > expect: does " MYPASSWORD\r\n\r" (spawn_id exp6) match regular expression "(Connection refused|Secure connection [^\n\r]+ refused)"? no > "(Connection closed by|Connection to [^\n\r]+ closed)"? no > > expect: does " MYPASSWORD\r\n\r" (spawn_id exp6) match glob pattern "unknown host\r"? no > > expect: does " MYPASSWORD\r\n\r" (spawn_id exp6) match glob pattern "Host is unreachable"? no > "No address associated with name"? no > "(Host key not found |The authenticity of host .* be established).*(yes/no)?"? no > "HOST IDENTIFICATION HAS CHANGED.* (yes/no)?"? no > "Offending key for .* (yes/no)?"? no > "(denied|Sorry)"? no > "Login failed"? no > "% (Bad passwords|Authentication failed)"? no > "Press any key to continue."? no > "Enter Selection: "? no > "Last login:"? no > "@[^\r\n]+ password:"? no > "(Username|Login|login|user name):"? no > "password:"? no > "(#| $enable$)"? no > "Login invalid"? no > password: > expect: does " MYPASSWORD\r\n\rpassword: " (spawn_id exp6) match regular expression "(Connection refused|Secure connection [^\n\r]+ refused)"? no > "(Connection closed by|Connection to [^\n\r]+ closed)"? no > > expect: does " MYPASSWORD\r\n\rpassword: " (spawn_id exp6) match glob pattern "unknown host\r"? no > > expect: does " MYPASSWORD\r\n\rpassword: " (spawn_id exp6) match glob pattern "Host is unreachable"? no > "No address associated with name"? no > "(Host key not found |The authenticity of host .* be established).*(yes/no)?"? no > "HOST IDENTIFICATION HAS CHANGED.* (yes/no)?"? no > "Offending key for .* (yes/no)?"? no > "(denied|Sorry)"? no > "Login failed"? no > "% (Bad passwords|Authentication failed)"? no > "Press any key to continue."? no > "Enter Selection: "? no > "Last login:"? no > "@[^\r\n]+ password:"? no > "(Username|Login|login|user name):"? no > "password:"? yes > expect: set expect_out(0,string) "password:" > expect: set expect_out(spawn_id) "exp6" > expect: set expect_out(buffer) " MYPASSWORD\r\n\rpassword:" > send: sending "MYPASSWORD\r" to { exp6 } > expect: continuing expect > > expect: does " " (spawn_id exp6) match regular expression "(Connection refused|Secure connection [^\n\r]+ refused)"? no > "(Connection closed by|Connection to [^\n\r]+ closed)"? no > > expect: does " " (spawn_id exp6) match glob pattern "unknown host\r"? no > > expect: does " " (spawn_id exp6) match glob pattern "Host is unreachable"? no > "No address associated with name"? no > "(Host key not found |The authenticity of host .* be established).*(yes/no)?"? no > "HOST IDENTIFICATION HAS CHANGED.* (yes/no)?"? no > "Offending key for .* (yes/no)?"? no > "(denied|Sorry)"? no > "Login failed"? no > "% (Bad passwords|Authentication failed)"? no > "Press any key to continue."? no > "Enter Selection: "? no > "Last login:"? no > "@[^\r\n]+ password:"? no > "(Username|Login|login|user name):"? no > "password:"? no > "(#| $enable$)"? no > "Login invalid"? no > > > Login incorrect > login: > expect: does " \r\n\r\r\n\rLogin incorrect\r\nlogin: " (spawn_id exp6) match regular expression "(Connection refused|Secure connection [^\n\r]+ refused)"? no > "(Connection closed by|Connection to [^\n\r]+ closed)"? no > > expect: does " \r\n\r\r\n\rLogin incorrect\r\nlogin: " (spawn_id exp6) match glob pattern "unknown host\r"? no > > expect: does " \r\n\r\r\n\rLogin incorrect\r\nlogin: " (spawn_id exp6) match glob pattern "Host is unreachable"? no > "No address associated with name"? no > "(Host key not found |The authenticity of host .* be established).*(yes/no)?"? no > "HOST IDENTIFICATION HAS CHANGED.* (yes/no)?"? no > "Offending key for .* (yes/no)?"? no > "(denied|Sorry)"? no > "Login failed"? no > "% (Bad passwords|Authentication failed)"? no > "Press any key to continue."? no > "Enter Selection: "? no > "Last login:"? no > "@[^\r\n]+ password:"? no > "(Username|Login|login|user name):"? yes > expect: set expect_out(0,string) "login:" > expect: set expect_out(1,string) "login" > expect: set expect_out(spawn_id) "exp6" > expect: set expect_out(buffer) " \r\n\r\r\n\rLogin incorrect\r\nlogin:" > send: sending "rancid\r" to { exp6 } > expect: continuing expect > > expect: does " " (spawn_id exp6) match regular expression "(Connection refused|Secure connection [^\n\r]+ refused)"? no > "(Connection closed by|Connection to [^\n\r]+ closed)"? no > > expect: does " " (spawn_id exp6) match glob pattern "unknown host\r"? no > > expect: does " " (spawn_id exp6) match glob pattern "Host is unreachable"? no > "No address associated with name"? no > "(Host key not found |The authenticity of host .* be established).*(yes/no)?"? no > "HOST IDENTIFICATION HAS CHANGED.* (yes/no)?"? no > "Offending key for .* (yes/no)?"? no > "(denied|Sorry)"? no > "Login failed"? no > "% (Bad passwords|Authentication failed)"? no > "Press any key to continue."? no > "Enter Selection: "? no > "Last login:"? no > "@[^\r\n]+ password:"? no > "(Username|Login|login|user name):"? no > "password:"? no > "(#| $enable$)"? no > "Login invalid"? no > MYPASSWORD > password: > expect: does " MYPASSWORD\r\n\rpassword: " (spawn_id exp6) match regular expression "(Connection refused|Secure connection [^\n\r]+ refused)"? no > "(Connection closed by|Connection to [^\n\r]+ closed)"? no > > expect: does " MYPASSWORD\r\n\rpassword: " (spawn_id exp6) match glob pattern "unknown host\r"? no > > expect: does " MYPASSWORD\r\n\rpassword: " (spawn_id exp6) match glob pattern "Host is unreachable"? no > "No address associated with name"? no > "(Host key not found |The authenticity of host .* be established).*(yes/no)?"? no > "HOST IDENTIFICATION HAS CHANGED.* (yes/no)?"? no > "Offending key for .* (yes/no)?"? no > "(denied|Sorry)"? > > > > > > Fri, Nov 09, 2007 at 11:45:44AM +0100, Joachim Jerberg Jensen: > > Hey, > > > > With a hint from a friend on the list, I made it work. > > Jlogin works like a charm :) > > > > /Joachim Jerberg Jensen > > > > > > -----Original Message----- > > From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Joachim Jerberg Jensen > > Sent: Friday, November 09, 2007 10:47 AM > > To: rancid-discuss at shrubbery.net > > Subject: [rancid] clogin on extreme X450 > > > > Hi, > > > > I have problems with doing clogin into extreme X450 switches doing TACACS authentication. ExtremeXOS version 11.6.3.5 > > > > When I login it get following: > > > > [rancid at ns1 ~]$ clogin 10.2.0.31 > > 10.2.0.31 > > spawn telnet 10.2.0.31 > > Trying 10.2.0.31... > > Connected to 10.2.0.31 > > Escape character is '^]'. > > > > telnet session telnet0 on /dev/ptyb0 > > > > login: rancid > > password: > > > > Login incorrect > > login: mypassword > > password: > > > > Login incorrect > > login: mypassword > > password: > > > > Login incorrect > > Maximum number of login attempts reached! > > Connection closed by foreign host. > > > > My .cloginrc file: > > > > ############## > > add autoenable * {1} > > add user * {rancid} > > add password * {mypassword} > > > > #add userprompt * {"login:"} > > #add passprompt * {"password:"} > > ############## > > > > It seems like it doesn't apply the password after the login, but applies the password as username instead.. > > I have tried rancid-2.3.1 and rancid-2.3.2a7, same problem... > > > > I can login manually with login and password with no problem. > > > > Anyone have a hint? > > > > Best regards > > Joachim Jerberg Jensen > > > > _______________________________________________ > > Rancid-discuss mailing list > > Rancid-discuss at shrubbery.net > > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > > _______________________________________________ > > Rancid-discuss mailing list > > Rancid-discuss at shrubbery.net > > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From juancarloshuerta at gmail.com Thu Nov 15 22:46:27 2007 From: juancarloshuerta at gmail.com (Juan Carlos Huerta) Date: Thu, 15 Nov 2007 16:46:27 -0600 Subject: [rancid] Re: Blogin support for Nortel 5520 In-Reply-To: <60e5bf4c0711131821o642f40bcj1333aa7ecef9b607@mail.gmail.com> References: <60e5bf4c0711121156h79832f2k755ed8504be211d5@mail.gmail.com> <20071114015205.GX20650@shrubbery.net> <60e5bf4c0711131821o642f40bcj1333aa7ecef9b607@mail.gmail.com> Message-ID: <60e5bf4c0711151446q6fd659e9rf54a32183c4d41f1@mail.gmail.com> I made some modifications to blogin to support the Nortel Baystack 5520 UI (Ctrl-Y + "L" to enter directly to the CLI), I'l be glad to cooperate in the project if you think it's ok. JC On Nov 13, 2007 8:21 PM, Juan Carlos Huerta wrote: > I'm working in a little modification to blogin to support this, I'll let > you know any update. > > > On Nov 13, 2007 7:52 PM, john heasley wrote: > > > Mon, Nov 12, 2007 at 01:56:56PM -0600, Juan Carlos Huerta: > > > Hi all, > > > > > > Is there any support with blogin to Nortel siwtches with UI? (in my > > case > > > 5520). I want to connect to it using blogin, but the problem is that > > when I > > > try to ssh my switch it shows an UI (Press Ctrl+Y, use arrow keys, > > etc) > > > > sorry, such UIs are not supported. > > > > > > -- > Juan Carlos -- Juan Carlos -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20071115/b7c91567/attachment.html From fmikus at acktomic.com Fri Nov 16 14:02:18 2007 From: fmikus at acktomic.com (Francois Mikus) Date: Fri, 16 Nov 2007 09:02:18 -0500 Subject: [rancid] Re: Blogin support for Nortel 5520 In-Reply-To: <60e5bf4c0711151446q6fd659e9rf54a32183c4d41f1@mail.gmail.com> References: <60e5bf4c0711121156h79832f2k755ed8504be211d5@mail.gmail.com> <20071114015205.GX20650@shrubbery.net> <60e5bf4c0711131821o642f40bcj1333aa7ecef9b607@mail.gmail.com> <60e5bf4c0711151446q6fd659e9rf54a32183c4d41f1@mail.gmail.com> Message-ID: <473DA2EA.9080700@acktomic.com> Hello, Do you have consistency in the capture of the Ctrl-Y + L. I have found in testing against 470s(which use the same Menu as the ERS-55x0), that it works 95% of the time. But the more commands are issued in the Menu, the more likely the rancid jams in a loop. I have successfully configured and tested rancid for ERS-1600, ERS-8600, ES-470s with my new custom modules based brancid, another which I can't remember. Increasing delay before sending commands does help, but it has not reached the magic 100% reliability of a regular CLI method. I would suggest configuring your switches to always come up in CLI instead of menu, avoiding all of this hassle. Rancid can automate the configuration of CLI mode. Just run it once, check your logs, then correct the outsanding ones. Or just run rancid a couple times. ;-) Cheers, Francois Mikus Juan Carlos Huerta wrote: > I made some modifications to blogin to support the Nortel Baystack > 5520 UI (Ctrl-Y + "L" to enter directly to the CLI), I'l be glad to > cooperate in the project if you think it's ok. > > JC > > On Nov 13, 2007 8:21 PM, Juan Carlos Huerta > > wrote: > > I'm working in a little modification to blogin to support this, > I'll let you know any update. > > > On Nov 13, 2007 7:52 PM, john heasley < heas at shrubbery.net > > wrote: > > Mon, Nov 12, 2007 at 01:56:56PM -0600, Juan Carlos Huerta: > > Hi all, > > > > Is there any support with blogin to Nortel siwtches with UI? > (in my case > > 5520). I want to connect to it using blogin, but the problem > is that when I > > try to ssh my switch it shows an UI (Press Ctrl+Y, use arrow > keys, etc) > > sorry, such UIs are not supported. > > > > > -- > Juan Carlos > > > > > -- > Juan Carlos > ------------------------------------------------------------------------ > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From joaje at dongenergy.dk Fri Nov 16 15:06:31 2007 From: joaje at dongenergy.dk (Joachim Jerberg Jensen) Date: Fri, 16 Nov 2007 16:06:31 +0100 Subject: [rancid] Re: clogin on extreme X450 In-Reply-To: <20071115183935.GJ6677@shrubbery.net> References: <8C9F07F0B7EB87D-274-303@WEBMAIL-MB12.sysops.aol.com> <8DBE4A01414BDD409232EF0C48A87E1B0187AA84@CLU01EX.de-prod.dk> <8DBE4A01414BDD409232EF0C48A87E1B018C13B0@CLU01EX.de-prod.dk> <20071114170308.GC15223@shrubbery.net> <8DBE4A01414BDD409232EF0C48A87E1B0191322D@CLU01EX.de-prod.dk> <20071115183935.GJ6677@shrubbery.net> Message-ID: <8DBE4A01414BDD409232EF0C48A87E1B019421E0@CLU01EX.de-prod.dk> From: john heasley [mailto:heas at shrubbery.net] >Thu, Nov 15, 2007 at 10:20:07AM +0100, Joachim Jerberg Jensen: >> >From: john heasley [mailto:heas at shrubbery.net] >> > >> > I do not see why clogin would not have worked, unless you have a rogue >> > userpassword else where in your cloginrc. you can add "exp_internal 1" >> > just before the main loop to see what it is doing. >> >> You are absolutely right.. So I started the expect script in debug mode.. >> And it seems like it does not match the first "login:" prompt, even though the regexp. should match.!? >> >> 3. time it tries to login, it matches, if I add a "sleep 1" timer just before. > >I see the problem. It prompts for the username, the username is sent, THEN >it sends the vt code to clear the line, re-prints the username prompt [and >echos part of the username], the username is sent again (since it sent the >prompt again), then it echos the rest of the username and prompts for the >password....but too late. Aaaah yes.. I get it. > >ie: when the username is sent a second time, the switch consumes it as >the password...hrm, how to hack this? one way would be to change the >login prompt regex to "$u_prompt[^a-zA-Z0-9]" and the default u_prompt to >"(Username|Login|login|user name): ?", which assumes that usernames begin >with those characters and still is not fool proof since it relies upon >timing/luck. That could be a way. I will try it out. Thanx for the hint! > Another way would be to test for (without consuming) more >data from the telnet after matching the login. I'm not sure how to do >that in expect...and it too is reliant upon timing/luck. Blech! > >I hate these extremes. you should open a customer support ticket about >what a PITA it is to automate configuration on their switches....or stick >a knife in their trachea. I realy do hate them as well.. But fortunately we are phasing them out within a reasonable time :) So I don't think I will make a call, but just live with the "hacks" I had to make for so long. Even that clogin only works with username logins, as I have to manually set the "uprompt_seen 1" as well.. > >> I also had to change the xrancid script, because the $found_end never becomes set. > >damn it. is there any reliable end-of-config marker on these crappy-CLI >switches? It used to be that all those comments were in the config, >regardless of whether the subsystem was in use. Nope there is no "end-of-config" markers to match at all. But the VRRP configuration is the last line of the generic configuration always printed out, so I am just matching on that. Best regards Joachim Jerberg Jensen > >> if (/^# Module vrrp configuration./i) { >> printf STDERR " End WriteTerm: $_" if ($debug); >> $found_end = 1; >> return(0); >> } >> >> Fortunately I don't use vrrp :-) >> >> Br >> Joachim Jerberg Jensen >> >> This is the debug output: >> From juancarloshuerta at gmail.com Sat Nov 17 17:43:27 2007 From: juancarloshuerta at gmail.com (Juan Carlos Huerta) Date: Sat, 17 Nov 2007 11:43:27 -0600 Subject: [rancid] Re: Blogin support for Nortel 5520 In-Reply-To: <473DA2EA.9080700@acktomic.com> References: <60e5bf4c0711121156h79832f2k755ed8504be211d5@mail.gmail.com> <20071114015205.GX20650@shrubbery.net> <60e5bf4c0711131821o642f40bcj1333aa7ecef9b607@mail.gmail.com> <60e5bf4c0711151446q6fd659e9rf54a32183c4d41f1@mail.gmail.com> <473DA2EA.9080700@acktomic.com> Message-ID: <60e5bf4c0711170943x675c0113g844fb46db47b3c2c@mail.gmail.com> Thanks for your comments... as you said I configured switches to skip banner and menu, the only think I didn't knew is how to disable the menu after doing a "logout" or "exit" in the CLI, currently that's the only step when I have to do a "send 'logout\rL'" (by the way, in the login step I was meaning a Ctrl-Y + C, no Ctrl-Y + L) xD Another question, I'm trying to capture all the switch configuration (ERS-5520) using the "show run", but I cannot avoid the "--- More (press return... ---" pagination, I saw that rancid try to send a "more off" command before asking for config, but It is a not valid command in ERS-5520 switches, do you know how to tell the switch to skip the pagination issue? Thanks a lot. JC On 11/16/07, Francois Mikus wrote: > > Hello, > > Do you have consistency in the capture of the Ctrl-Y + L. > > I have found in testing against 470s(which use the same Menu as the > ERS-55x0), that it works 95% of the time. But the more commands are > issued in the Menu, the more likely the rancid jams in a loop. I have > successfully configured and tested rancid for ERS-1600, ERS-8600, > ES-470s with my new custom modules based brancid, another which I can't > remember. > > Increasing delay before sending commands does help, but it has not > reached the magic 100% reliability of a regular CLI method. > > I would suggest configuring your switches to always come up in CLI > instead of menu, avoiding all of this hassle. Rancid can automate the > configuration of CLI mode. Just run it once, check your logs, then > correct the outsanding ones. Or just run rancid a couple times. ;-) > > Cheers, > > Francois Mikus > > Juan Carlos Huerta wrote: > > I made some modifications to blogin to support the Nortel Baystack > > 5520 UI (Ctrl-Y + "L" to enter directly to the CLI), I'l be glad to > > cooperate in the project if you think it's ok. > > > > JC > > > > On Nov 13, 2007 8:21 PM, Juan Carlos Huerta > > > wrote: > > > > I'm working in a little modification to blogin to support this, > > I'll let you know any update. > > > > > > On Nov 13, 2007 7:52 PM, john heasley < heas at shrubbery.net > > > wrote: > > > > Mon, Nov 12, 2007 at 01:56:56PM -0600, Juan Carlos Huerta: > > > Hi all, > > > > > > Is there any support with blogin to Nortel siwtches with UI? > > (in my case > > > 5520). I want to connect to it using blogin, but the problem > > is that when I > > > try to ssh my switch it shows an UI (Press Ctrl+Y, use arrow > > keys, etc) > > > > sorry, such UIs are not supported. > > > > > > > > > > -- > > Juan Carlos > > > > > > > > > > -- > > Juan Carlos > > ------------------------------------------------------------------------ > > > > _______________________________________________ > > Rancid-discuss mailing list > > Rancid-discuss at shrubbery.net > > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > > -- Juan Carlos -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20071117/cb0003ab/attachment.html From t at trey.net Tue Nov 20 23:34:03 2007 From: t at trey.net (Trey Valenta) Date: Tue, 20 Nov 2007 15:34:03 -0800 Subject: [rancid] Re: cisco pix clogin timeout In-Reply-To: <1192725709.6230.51.camel@oddjob> References: <1192725709.6230.51.camel@oddjob> Message-ID: <20071120233403.GB4147@trey.net> On Thu, Oct 18, 2007 at 11:41:49AM -0500, Gregory W Zill wrote: I am trying to automatically login with a new rancid setup to a 6.3(5) > pix whose prompt looks like > AbCdEf> > > The login portion appears to work but enable never finishes and > eventually times out even when I add "-t 100" > > The clogin I use looks like > clogin abcdef.clients.company.com > > I can ssh manually to "abcdef.clients.company.com". The enable just > turns the > into a #. Hi Gregory, I had a very similar problem that was a pain to resolve. The expect scripts had no trouble pulling from a pix in my office, but I couldn't reliably connect to a Pix over links with high latencies (particularly connections from the US to China). I never truly resolved the issue, but for some reason passwords with multiple special characters seemed to give me the most trouble. Until I have time to really investigate, I used the following workaround in clogin. I set send_slow to {6 .1} and use "send -s" when sending the enable password. ---cut here------ $ diff -u clogin ~rancid/bin/clogin --- clogin 2007-09-17 13:14:55.000000000 -0700 +++ /usr/local/rancid/bin/clogin 2007-10-18 13:43:00.000000000 -0700 @@ -539,10 +539,11 @@ global u_prompt e_prompt set in_proc 1 +set send_slow { 6 .1 } send "enable\r" expect { -re "$u_prompt" { send "$enauser\r"; exp_continue} - -re "$e_prompt" { send "$enapasswd\r"; exp_continue} + -re "$e_prompt" { send -s "$enapasswd\r"; ex