[rancid] Fortinet private key problem
Ugo Bellavance
ugob at lubik.ca
Fri Jul 26 13:31:41 UTC 2019
I found a fix:
In fnrancid (version 3724 2017-08-01 17:58:06Z), I had to change the regex
a bit because on my system (Fortiweb, not Fortigate), the double quote is
on another line.
I haven't been able to make it work with the new line (tried \n and \r\n)
and it didn't work so I just removed the double quote in the regex.
# if (/^\s*-----END (RSA|ENCRYPTED) PRIVATE KEY-----"/) {
if (/^\s*-----END (RSA|ENCRYPTED) PRIVATE KEY-----/) {
I'm not sure how future-proof this is but tips are welcome to make the
regex work with this input:
OSnA0DuUpx2/FvoFbJM9jmx=
-----END ENCRYPTED PRIVATE KEY-----
"
unset passwd
Thanks,
On Thu, Jul 25, 2019 at 3:17 PM john heasley <heas at shrubbery.net> wrote:
> Thu, Jul 25, 2019 at 02:52:42PM -0400, Ugo Bellavance:
> > Hi,
> >
> > I'm trying to get rancid to work with my Fortinet device. It seems to
> work
> > OK, except for the fact that it doesn't collect the whole config. It
> looks
> > like it's stuck in the removal of the private key. It stops like this:
> >
> > # set private-key "-----BEGIN ENCRYPTED PRIVATE KEY-----
> > # <removed>
> > Connection to server.xxx.xxx closed.
> >
> > I checked the code for filter cycling RSA private keys, but I don't know
> > where would be the problem.
> >
> > Any help or suggestion would be appreciated.
>
> what version of rancid? show us example input. test that you can run the
> command with the login script and receive the full output.
>
--
Ugo Bellavance (ugob at lubik.ca)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20190726/fbd5b7d9/attachment.html>
More information about the Rancid-discuss
mailing list