[rancid] Fortiweb 5.8

Gerhard Mourani gmourani at gmail.com
Thu Jul 20 12:13:20 UTC 2017 

Hi,

Thanks for your reply, here the output, look like with fnlogin, the remote FortiWeb wait indefinitely at the password prompt!

su - rancid -c "fnlogin -d 172.16.207.10"
172.16.207.10
spawn ssh -p 22 -x -l blesk9 172.16.207.10
parent: waiting for sync byte
parent: telling child to go ahead
parent: now unsynchronized from child
spawn: returns {92600}
Gate keeper glob pattern for '(Connection refused|Secure connection [^
]+ refused)' is ''. Not usable, disabling the performance booster.
Gate keeper glob pattern for '(Connection closed by|Connection to [^
]+ closed)' is ''. Not usable, disabling the performance booster.
Gate keeper glob pattern for '(Host key not found |The authenticity of host .* be established)' is ''. Not usable, disabling the performance booster.
Gate keeper glob pattern for 'HOST IDENTIFICATION HAS CHANGED' is 'HOST IDENTIFICATION HAS CHANGED'. Activating booster.
Gate keeper glob pattern for 'Offending key for ' is 'Offending key for '. Activating booster.
Gate keeper glob pattern for '^warning: remote host denied authentication agent forwarding.' is 'warning: remote host denied authentication agent forwarding?'. Activating booster.
Gate keeper glob pattern for '(denied|Sorry)' is ''. Not usable, disabling the performance booster.
Gate keeper glob pattern for '(login:)' is 'login:'. Activating booster.
Gate keeper glob pattern for '@[^
]+[Pp]assword:' is '@*assword:'. Activating booster.

expect: does "" (spawn_id exp3) match regular expression "(Connection refused|Secure connection [^\n\r]+ refused)"? (No Gate, RE only) gate=yes re=no
"(Connection closed by|Connection to [^\n\r]+ closed)"? (No Gate, RE only) gate=yes re=no

expect: does "" (spawn_id exp3) match glob pattern "unknown host\r"? no

expect: does "" (spawn_id exp3) match glob pattern "Host is unreachable"? no
"No address associated with name"? no
"(Host key not found |The authenticity of host .* be established)"? (No Gate, RE only) gate=yes re=no
"HOST IDENTIFICATION HAS CHANGED"? Gate "HOST IDENTIFICATION HAS CHANGED"? gate=no
"Offending key for "? Gate "Offending key for "? gate=no

expect: does "" (spawn_id exp3) match regular expression "^warning: remote host denied authentication agent forwarding."? Gate "warning: remote host denied authentication agent forwarding?"? gate=no

expect: does "" (spawn_id exp3) match regular expression "(denied|Sorry)"? (No Gate, RE only) gate=yes re=no
"Login failed"? no
"(login:)"? Gate "login:"? gate=no
"@[^\r\n]+[Pp]assword:"? Gate "@*assword:"? gate=no
"[Pp]assword:"? no
"[#\$] "? no
please input passwd:
expect: does "please input passwd:" (spawn_id exp3) match regular expression "(Connection refused|Secure connection [^\n\r]+ refused)"? (No Gate, RE only) gate=yes re=no
"(Connection closed by|Connection to [^\n\r]+ closed)"? (No Gate, RE only) gate=yes re=no

expect: does "please input passwd:" (spawn_id exp3) match glob pattern "unknown host\r"? no

expect: does "please input passwd:" (spawn_id exp3) match glob pattern "Host is unreachable"? no
"No address associated with name"? no
"(Host key not found |The authenticity of host .* be established)"? (No Gate, RE only) gate=yes re=no
"HOST IDENTIFICATION HAS CHANGED"? Gate "HOST IDENTIFICATION HAS CHANGED"? gate=no
"Offending key for "? Gate "Offending key for "? gate=no

expect: does "please input passwd:" (spawn_id exp3) match regular expression "^warning: remote host denied authentication agent forwarding."? Gate "warning: remote host denied authentication agent forwarding?"? gate=no

expect: does "please input passwd:" (spawn_id exp3) match regular expression "(denied|Sorry)"? (No Gate, RE only) gate=yes re=no
"Login failed"? no
"(login:)"? Gate "login:"? gate=no
"@[^\r\n]+[Pp]assword:"? Gate "@*assword:"? gate=no
"[Pp]assword:"? no
"[#\$] "? no
expect: timed out

Error: TIMEOUT reached

> On Jul 20, 2017, at 4:56 AM, heasley <heas at shrubbery.net> wrote:
> 
> Wed, Jul 19, 2017 at 04:18:25PM -0400, Gerhard Mourani:
>> 
>> Hello,
>> 
>> I'm using Rancid 3.6.2 to backup Fortiweb devices which worked in the past. Since my last update to Fortiweb 5.8, rancid stop to work. Command like su - rancid -c "clogin x.x.x.x" let me connect to it instantly but typing something will return a timeout (Error: TIMEOUT reached).
> 
> try fnlogin (or plogin) and we'd need debug output from fnlogin -d to see
> what is failing in whatis most likely matching of the prompt.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20170720/ab15e800/attachment.html>

More information about the Rancid-discuss mailing list