Hi Tyler,<br><br>Thanks for your reply...:-) !<br><br>Same thing happens as for my network user...:<br>1. yes<br>2.
no (clogin/hlogin requires a .cloginrc file with username/password to
run) - and my best bet is that this is what it uses currently... so no
ssh-keys using clogin/hlogin (from wither network user, root,
rancid...). Furthermore prompt is also "hanging" and it doesn't parse
the -c "sh ver" that works fine from normal ssh...<br>
3. same as network user/root<br><br>So key-sharing is working fine... but don't know how to utilize it/bypass .cloginrc in rancid...<br>Just
hoping that there is a way... - would'nt like to manually edit scripts
every time i update Rancid... and I don't know expect that well
either...:-) !<br>
<br>Thanks in advance :-) !<br>~maymann<br><br><div class="gmail_quote">2012/1/10 Tyler J. Wagner <span dir="ltr"><<a href="mailto:tyler@tolaris.com">tyler@tolaris.com</a>></span><br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
Michael,<br>
<br>
I've not tried using clogin/hlogin with SSH keys, but I know a great deal<br>
about SSH. Assuming that clogin will use a key if present (a big if):<br>
<br>
1. Can you login with the SSH key using ssh as the root user?<br>
2. Can you login with the SSH key using clogin as the root user?<br>
3. What about as the rancid user?<br>
<br>
Regards,<br>
Tyler<br>
<div class="im"><br>
On <a href="tel:2012-01-10%2008" value="+12012011008">2012-01-10 08</a>:17, Michael Maymann wrote:<br>
> I'm running on rhel-5u7-x64.<br>
> Anyone...?<br>
><br>
><br>
> Thanks in advance :-)<br>
> ~maymann<br>
><br>
</div>> 2012/1/9 Michael Maymann <<a href="mailto:michael@maymann.org">michael@maymann.org</a> <mailto:<a href="mailto:michael@maymann.org">michael@maymann.org</a>>><br>
<div class="im">><br>
> hlogin -w <USR> -c "sh ver" <HOSTNAME>:<br>
> ---<br>
> <HOSTNAME><br>
> spawn hpuifilter -- ssh -c 3des -x -l <USR> <HOSTNAME><br>
> We'd like to keep you up to date about:<br>
> * Software feature updates<br>
> * New product announcements<br>
> * Special events<br>
><br>
> Please register your products now at: <a href="http://www.ProCurve.com" target="_blank">www.ProCurve.com</a><br>
</div>> <<a href="http://www.ProCurve.com" target="_blank">http://www.ProCurve.com</a>><br>
<div class="im">><br>
><br>
> ProCurve J8697A Switch 5406zl<br>
> Software revision K.15.02.0005<br>
><br>
> Copyright (C) 1991-2010 Hewlett-Packard Co. All Rights Reserved.<br>
><br>
> RESTRICTED RIGHTS LEGEND<br>
><br>
> Use, duplication, or disclosure by the Government is subject to<br>
> restrictions<br>
> as set forth in subdivision (b) (3) (ii) of the Rights in Technical<br>
> Data and<br>
> Computer Software clause at 52.227-7013.<br>
><br>
> HEWLETT-PACKARD COMPANY, 3000 Hanover St., Palo Alto, CA 94303<br>
><br>
> Press any key to continue<HOSTNAME>#<br>
> ---<br>
> Just "hangs" there...<br>
><br>
><br>
> ssh <USR>@<HOSTNAME>:<br>
> ---<br>
> We'd like to keep you up to date about:<br>
> * Software feature updates<br>
> * New product announcements<br>
> * Special events<br>
><br>
> Please register your products now at: <a href="http://www.ProCurve.com" target="_blank">www.ProCurve.com</a><br>
</div>> <<a href="http://www.ProCurve.com" target="_blank">http://www.ProCurve.com</a>><br>
<div class="im">> ProCurve J8697A Switch 5406zl<br>
> Software revision K.15.02.0005<br>
><br>
> Copyright (C) 1991-2010 Hewlett-Packard Co. All Rights Reserved.<br>
><br>
> RESTRICTED RIGHTS LEGEND<br>
><br>
> Use, duplication, or disclosure by the Government is subject to<br>
> restrictions<br>
> as set forth in subdivision (b) (3) (ii) of the Rights in Technical<br>
> Data and<br>
> Computer Software clause at 52.227-7013.<br>
><br>
> HEWLETT-PACKARD COMPANY, 3000 Hanover St., Palo Alto, CA 94303<br>
> Press any key to continue<br>
> <HOSTNAME># sh ver<br>
> Image stamp: /sw/code/build/btm(K_15_02)<br>
> Oct 20 2010 16:19:41<br>
> K.15.02.0005<br>
> 121<br>
> Boot Image: Primary<br>
> <HOSTNAME># logout<br>
> Do you want to log out [y/n]? y<br>
> Connection to <HOSTNAME> closed.<br>
> ---<br>
> So SSH is working fine...<br>
</div>> I'm running Rancid 2.3.6... hlogin=$Id: <a href="http://hlogin.in" target="_blank">hlogin.in</a> <<a href="http://hlogin.in" target="_blank">http://hlogin.in</a>><br>
<div class="im">> 2251 2010-10-01 19:26:36Z heas $<br>
> Could there be a problem with HP Procurve 5406zl hlogin script<br>
> somewhere... or can someone actually confirm this to be working on<br>
> their 5406zl ?<br>
><br>
> Furthermore, I would like to run hlogin+clogin wihout having to<br>
> configure anything inside .cloginrc... is this possible somehow ?<br>
><br>
><br>
> Thanks in advance... :-) !<br>
> ~maymann<br>
><br>
><br>
</div>> 2012/1/9 Michael Maymann <<a href="mailto:michael@maymann.org">michael@maymann.org</a> <mailto:<a href="mailto:michael@maymann.org">michael@maymann.org</a>>><br>
<div class="im">><br>
> Hi List,<br>
><br>
> We have a setup where we have destributed 4096 bit RSA public-keys<br>
> to all our equipment from a network-user for optimanl security.<br>
> Our equipment is already in a DB and we have a scripting<br>
> environment that figures out the vendor/model/type for us already.<br>
> 1. Can I use rancid without using .cloginrc (e.g. directly from<br>
> commandline) - how... ?<br>
> 2. Alternatively, can I configure .cloginrc with ssh-keysharing -<br>
> how... ?<br>
><br>
> We will need to connect to HP ProCurve (hlogin) and Cisco (clogin)...<br>
><br>
><br>
> Thanks in advance :-) !<br>
><br>
> ~maymann<br>
><br>
><br>
><br>
><br>
><br>
</div>> _______________________________________________<br>
> Rancid-discuss mailing list<br>
> <a href="mailto:Rancid-discuss@shrubbery.net">Rancid-discuss@shrubbery.net</a><br>
> <a href="http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss" target="_blank">http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss</a><br>
<span class="HOEnZb"><font color="#888888"><br>
--<br>
"[...] we are not attacking the corporations, but endeavoring to do<br>
away with any evil in them. We are not hostile to them; we are merely<br>
determined that they shall be so handled as to subserve the public<br>
good. We draw the line against misconduct, not against wealth."<br>
-- Theodore Roosevelt<br>
</font></span></blockquote></div><br>