[rancid] The reoccurring question - Cisco ASA Login failures

Danica L Alcaraz Danica_Alcaraz at fd.org
Tue Mar 5 18:54:46 UTC 2013 

/PEO, you are a GD genius!

You obviously understand all the underlying code that I do not.  Can I tell
these types of devices to look at the clogin_special script just by using a
different device than cisco in the router.db configuration?  How to I
direct it to do that?  Or can I feel safe in loading this change into the
clogin file and not impact other devices?


Sincerely,



Danica Alcaraz
Network Administrator
ODS-ITD NITOAD Branch
Administrative Office of the U.S. Courts
7550 IH 10 West, Suite 200
San Antonio, Texas 78229-5821
Direct:  (210) 308-3217
Fax:  (210) 308-3225
danica_alcaraz at fd.org




From:	Per-Olof Olsson <peo at chalmers.se>
To:	Danica L Alcaraz <Danica_Alcaraz at fd.org>,
Cc:	<rancid-discuss at shrubbery.net>
Date:	03/05/2013 11:56 AM
Subject:	Re: [rancid] The reoccurring question - Cisco ASA Login
            failures



Hello

Space in user name. Crazy!

Impossible or just to fix the scope for "split" and quote the username
in clogin...

Not tested to do a complete login but the ssh password prompt looks
correct including a space.

 >clogin host
...
user name at host's password:
...

diff clogin clogin_special
350c350
<           set retval [catch {eval spawn [split "$cmd -c $cyphertype -x
-l $user $router" { }]} reason]
---
 >           set retval [catch {eval spawn [split "$cmd -c $cyphertype
-x -l" { }] \"$user\" $router } reason]


/Peo
----------------------------------------------------------
Per-Olof Olsson               Email: peo at chalmers.se
Chalmers tekniska högskola    IT-service
Hörsalsvägen 5                412 96 Göteborg
Tel: 031/772 6738  Fax: 031/772 8680
----------------------------------------------------------

Danica L Alcaraz wrote 2013-03-05 16:41:
>
> Guys,
>
> I'm STILL not able to get my RANCID to successfully login to our Cisco
ASA
> firewalls.  We've got TACACS+ (which is not that big a deal) but they
> insisted on giving usernames that had spaces in them and the script
doesn't
> like anything I've tried to get it to take the string literally (mostly
> used {user name} or "user name").  I'm using Ubuntu 12.10 with RANCID
> 2.3.8.  It insists that I designate the method ssh so I can't work it
like
> my HP boxes.  I need some more suggestions on this if you've got them.
>
> I've tried many things based on what I've seen in the blogs but here's my
> current:
>
> add user 		 192.168.*.* 		 {user name}
 << or "user name" (or even
> {"user name"}
> add password 		 192.168.*.* 		 {password} {password}
> add method		 192.168.*.*		 ssh
> add autoenable 192.168.*.*		 {1}
>
> prompt$ /usr/local/rancid/bin/clogin 192.168.*.*
> 192.168.*.*
> spawn ssh -c 3des -x -l user name 192.168.*.*		 		 << with
quotes or
> squiggly brackets it still only reads the second word of the username
> ssh:  Couldn't resolve hostname name: Name or service not known
>
> Error:  Couldn't login:  192.168.*.*
>
> Has anyone gotten it to work using another device script?
> Are there other ways to tell Ubuntu to read the username with a space
> literally?
> My HP devices take the string literally without help from {} or "" but
only
> if I remove the add method directive,  Hmmm, I wonder if I make it think
> it's an HP.
>
> Any ideas appreciated.  Thanks.
>
>
> Sincerely,
>
>
>
> Danica Alcaraz
> Network Administrator
> ODS-ITD NITOAD Branch
> Administrative Office of the U.S. Courts
> 7550 IH 10 West, Suite 200
> San Antonio, Texas 78229-5821
> Direct:  (210) 308-3217
> Fax:  (210) 308-3225
> danica_alcaraz at fd.org
>
> _______________________________________________
> Rancid-discuss mailing list
> Rancid-discuss at shrubbery.net
> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
>

More information about the Rancid-discuss mailing list