<div class="gmail_quote">On Wed, May 15, 2013 at 7:16 AM, Per-Olof Olsson <span dir="ltr"><<a href="mailto:peo@chalmers.se" target="_blank">peo@chalmers.se</a>></span> wrote:<br><div><br>hi,<br> <br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div class="im">
</div><br>
So what about testing<br>
add userprompt switch {User name:}<br>
in your .cloginrc<br>
<div class="im"><br></div></blockquote></div><br>getting closer ;-)<br><br><br>add user switch {username}<br>add password switch {pwd}<br>add userprompt switch {"User Name:"}<br># add passprompt switch {"Password:"}<br>
# add method switch {telnet}<br><br>adding the userprotmt allows rancid to go on, but it enters the username/password three times and the authentication fails. I have verified the user name/password combination are correct, I can log in manually with those credentials.<br>
<br>I tried (as you see it is now commented out) the passprompt, but that does not affect it. I see clogin type something 3 times and fail.<br><br>Now I have gone digging a bit further. We have radius configured in the network devices. I used the radiusd -X logging of freeradius to see what was coming from the switch and to my surprise I saw that the username was correct but the password that was coming to the radius server corresponded to the next .clogin defined for the 'normal' cisco devices. Strange.<br>
<br>so, to be clear, I have at the end of my cloginrc file a catchall rule like so:<br><br>add user *.domain.tld {username}<br>add password *.domain.tld {pwd} {enablepwd}<br>add method *.domain.tld ssh<br><br>and befor that I add the config for the small switches. And yet rancid sent the *.domain.tld password to the device.<br>
<br>I have now changed the *.domain.tld {username} to use radius authentication instead of local user. Now it works.<br><br>Thanks for the userprompt tip!<br><br>-- <br>groet,<br>natxo<br><br>