<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns:mv="http://macVmlSchemaUri" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta name="Title" content="">
<meta name="Keywords" content="">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<!--[if !mso]><style>v\:* {behavior:url(#default#VML);}
o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);}
.shape {behavior:url(#default#VML);}
</style><![endif]--><style><!--
/* Font Definitions */
@font-face
{font-family:Arial;
panose-1:2 11 6 4 2 2 2 2 2 4;}
@font-face
{font-family:"Courier New";
panose-1:2 7 3 9 2 2 5 2 4 4;}
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Consolas;
panose-1:2 11 6 9 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:#0563C1;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:#954F72;
text-decoration:underline;}
p.msochpdefault, li.msochpdefault, div.msochpdefault
{mso-style-name:msochpdefault;
mso-margin-top-alt:auto;
margin-right:0in;
mso-margin-bottom-alt:auto;
margin-left:0in;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
span.emailstyle17
{mso-style-name:emailstyle17;
font-family:"Calibri",sans-serif;
color:windowtext;}
span.emailstyle19
{mso-style-name:emailstyle19;
font-family:"Calibri",sans-serif;
color:windowtext;}
span.emailstyle20
{mso-style-name:emailstyle20;
font-family:"Calibri",sans-serif;
color:#1F497D;}
span.EmailStyle21
{mso-style-type:personal-reply;
font-family:"Calibri",sans-serif;
color:windowtext;}
span.msoIns
{mso-style-type:export-only;
mso-style-name:"";
text-decoration:underline;
color:teal;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style>
</head>
<body bgcolor="white" lang="EN-US" link="#0563C1" vlink="#954F72">
<div class="WordSection1">
<p class="MsoNormal" style="margin-left:.5in"><b><span style="font-size:12.0pt;color:black"><div style="mso-line-height-rule:exactly;-webkit-text-size-adjust:100%;white-space:nowrap;"><br /><table cellpadding="0" cellspacing="0" border="0" style="background-color:#FFFFFF;border-collapse:collapse;font-size:0;line-height:16.66px;"><tr><td align="left" style="vertical-align:top;"><table cellpadding="0" cellspacing="0" border="0" style="border-collapse:collapse;font-size:13.33px;color:#26446E;font-style:normal;font-weight:normal;text-decoration:none;"><tr><td align="left" style="vertical-align:top;text-align:left;font-family:Arial,Helvetica Neue,Helvetica,sans-serif;font-weight:bold;">Chris Gauthier</td><td align="left" style="vertical-align:top;text-align:left;font-family:Arial,Helvetica Neue,Helvetica,sans-serif;white-space:normal;"> </td><td align="left" style="vertical-align:top;text-align:left;font-family:Arial,Helvetica Neue,Helvetica,sans-serif;">Senior Network Engineer</td><td align="left" style="vertical-align:top;text-align:left;font-family:Arial,Helvetica Neue,Helvetica,sans-serif;white-space:normal;"> | </td><td align="left" style="vertical-align:top;text-align:left;font-family:Arial,Helvetica Neue,Helvetica,sans-serif;">comScore, Inc.</td></tr></table></td></tr><tr><td align="left" style="vertical-align:top;"><table cellpadding="0" cellspacing="0" border="0" style="border-collapse:collapse;font-size:13.33px;color:#26446E;font-style:normal;font-weight:normal;text-decoration:none;"><tr style="font-size:0;"><td align="left" style="vertical-align:top;"><table cellpadding="0" cellspacing="0" border="0" style="border-collapse:collapse;font-size:13.33px;color:#26446E;font-style:normal;font-weight:normal;text-decoration:none;"><tr><td align="left" style="vertical-align:top;text-align:left;font-family:Arial,Helvetica Neue,Helvetica,sans-serif;">o +1 </td><td align="left" style="vertical-align:top;text-align:left;font-family:Arial,Helvetica Neue,Helvetica,sans-serif;"><a href="tel:503-331-2704" target="_blank" id="LPlnk689713" style="color:#26446E;text-decoration:none;"><strong style="font-weight:normal;">503-331-2704</strong></a></td><td align="left" style="vertical-align:top;text-align:left;font-family:Arial,Helvetica Neue,Helvetica,sans-serif;white-space:normal;"> </td><td align="left" style="vertical-align:top;text-align:left;font-family:Arial,Helvetica Neue,Helvetica,sans-serif;"><a href="mailto:cgauthier@comscore.com" target="_blank" id="LPlnk689713" style="color:#26446E;text-decoration:none;"><strong style="font-weight:normal;">cgauthier@comscore.com</strong></a></td></tr></table></td></tr><tr><td align="left" style="vertical-align:top;text-align:left;font-family:Arial,Helvetica Neue,Helvetica,sans-serif;">317 SW Alder St, Suite 500 | Portland | OR 97204</td></tr></table></td></tr><tr style="white-space:normal;"><td align="left" style="vertical-align:top;"><table cellpadding="0" cellspacing="0" border="0" style="width:100%;border-collapse:collapse;font-size:13.33px;color:#000001;font-style:normal;font-weight:normal;text-decoration:none;"><tr><td align="left" style="vertical-align:top;text-align:left;font-family:Arial,Helvetica Neue,Helvetica,sans-serif;">............................................................................................................................................................................................................................</td></tr></table></td></tr><tr style="white-space:normal;"><td align="left" style="padding:10px 0 0;vertical-align:top;"><table cellpadding="0" cellspacing="0" border="0" style="border-collapse:collapse;font-size:13.33px;color:#F7A000;font-style:normal;font-weight:normal;text-decoration:none;"><tr><td align="left" style="vertical-align:top;text-align:left;font-family:Arial,Helvetica Neue,Helvetica,sans-serif;"></td></tr></table></td></tr></table><br /></div>From:
</span></b><span style="font-size:12.0pt;color:black">Wayne Eisenberg <Wayne.Eisenberg@CarolinasIT.com><br>
<b>Date: </b>Monday, September 11, 2017 at 9:06 PM<br>
<b>To: </b>"Gauthier, Chris" <cgauthier@comscore.com>, "'rancid-discuss@shrubbery.net'" <rancid-discuss@shrubbery.net><br>
<b>Subject: </b>RE: [rancid] ASA IOS 9.8(2) support?<o:p></o:p></span></p>
<div>
<p class="MsoNormal" style="margin-left:.5in"><o:p> </o:p></p>
</div>
<div>
<p class="MsoNormal" style="margin-left:.5in"><span style="color:#1F497D">Here’s the relevant section of .cloginrc:</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span style="color:#1F497D"> </span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span style="color:#1F497D">add method asa {ssh}</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span style="color:#1F497D">add user asa {username}</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span style="color:#1F497D">add password asa {pw_here} {pw_here}</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span style="color:#1F497D">add cyphertype asa {aes256-cbc}</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span style="color:#1F497D">add autoenable asa {0}</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span style="color:#1F497D"> </span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span style="color:#1F497D">Pretty much the same pattern everything else in the file has.</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span style="color:#1F497D"> </span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span style="color:#1F497D">I might be able to try the no login-history command, I don’t think I will be allowed to do the others. (auto-enable)</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span style="color:#1F497D"> </span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span style="color:#1F497D">Isn’t there a verbose mode for one of the rancid commands, like a –vvv or something like that? Is that in clogin?</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span style="color:#1F497D"> <o:p></o:p></span></p>
<p class="MsoNormal">On CentOS7:<o:p></o:p></p>
<p class="MsoNormal"><span style="font-family:"Consolas",sans-serif">export NOPIPE=YES<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:"Consolas",sans-serif">rancid –d –t cisco
<i>$DeviceFQDN</i><o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:"Consolas",sans-serif"><o:p> </o:p></span></p>
<p class="MsoNormal">Look for the <i><span style="font-family:"Consolas",sans-serif">$DeviceFQDN</span></i><span style="font-family:"Consolas",sans-serif">.raw</span> and
<i><span style="font-family:"Consolas",sans-serif">$DeviceFQDN</span></i><span style="font-family:"Consolas",sans-serif">.new</span> files to help with debugging info. Obviously, substitute your device’s FQDN for
<i><span style="font-family:"Consolas",sans-serif">$DeviceFQDN</span></i>.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">When done, clear the <span style="font-family:"Consolas",sans-serif">
NOPIPE</span> variable.<o:p></o:p></p>
<p class="MsoNormal"><span style="font-family:"Consolas",sans-serif"><o:p> </o:p></span></p>
<p class="MsoNormal" style="margin-left:.5in"><span style="color:#1F497D">Is this fixed in the current version of rancid?</span><o:p></o:p></p>
<table class="MsoNormalTable" border="0" cellspacing="0" cellpadding="0" width="32" style="width:24.0pt;margin-left:.5in;background:white;border-collapse:collapse">
<tbody>
<tr>
<td valign="top" style="padding:0in 0in 0in 0in">
<p class="MsoNormal"><span style="color:#1F497D"> </span><o:p></o:p></p>
<table class="MsoNormalTable" border="0" cellspacing="0" cellpadding="0" width="100%" style="width:100.0%;border-collapse:collapse">
<tbody>
<tr>
<td valign="top" style="padding:0in 0in 0in 0in">
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Arial",sans-serif;color:#000001">............................................................................................................................................................................................................................</span><o:p></o:p></p>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
<tr>
<td valign="top" style="padding:7.5pt 0in 0in 0in">
<table class="MsoNormalTable" border="0" cellspacing="0" cellpadding="0" style="border-collapse:collapse">
<tbody>
<tr>
<td valign="top" style="padding:0in 0in 0in 0in"></td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
<p class="MsoNormal" style="margin-left:.5in"><b><span style="font-size:12.0pt;font-family:"Times New Roman",serif;color:black"> </span></b><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><b><span style="font-size:12.0pt;font-family:"Times New Roman",serif;color:black">From:
</span></b><span style="font-size:12.0pt;font-family:"Times New Roman",serif;color:black">Rancid-discuss <</span><a href="mailto:rancid-discuss-bounces@shrubbery.net"><span style="font-size:12.0pt;font-family:"Times New Roman",serif">rancid-discuss-bounces@shrubbery.net</span></a><span style="font-size:12.0pt;font-family:"Times New Roman",serif;color:black">>
on behalf of Wayne Eisenberg <</span><a href="mailto:Wayne.Eisenberg@CarolinasIT.com"><span style="font-size:12.0pt;font-family:"Times New Roman",serif">Wayne.Eisenberg@CarolinasIT.com</span></a><span style="font-size:12.0pt;font-family:"Times New Roman",serif;color:black">><br>
<b>Date: </b>Sunday, September 10, 2017 at 10:48 PM<br>
<b>To: </b>"'rancid-discuss@shrubbery.net'" <</span><a href="mailto:rancid-discuss@shrubbery.net"><span style="font-size:12.0pt;font-family:"Times New Roman",serif">rancid-discuss@shrubbery.net</span></a><span style="font-size:12.0pt;font-family:"Times New Roman",serif;color:black">><br>
<b>Subject: </b>[rancid] ASA IOS 9.8(2) support?</span><o:p></o:p></p>
<div>
<p class="MsoNormal" style="margin-left:1.0in"> <o:p></o:p></p>
</div>
<div>
<p class="MsoNormal" style="margin-left:1.0in">Hi,<o:p></o:p></p>
<p class="MsoNormal" style="margin-left:1.0in"> <o:p></o:p></p>
<p class="MsoNormal" style="margin-left:1.0in">I have an ASA firewall running version 9.8(2), and the clogin script is missing something in the sequence such that I don’t get to the enable mode properly.<o:p></o:p></p>
<p class="MsoNormal" style="margin-left:1.0in"><span style="font-size:7.0pt;font-family:"Courier New",serif;color:black"> </span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:1.0in"><span style="font-family:"Courier New",serif">[rancid3]$ bin/clogin asa</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:1.0in"><span style="font-family:"Courier New",serif">spawn ssh -c aes256-cbc -x -l <username> asa</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:1.0in"><span style="font-family:"Courier New",serif"><username>@asa's password:</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:1.0in"><span style="font-family:"Courier New",serif">User logged in to ASA</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:1.0in"><span style="font-family:"Courier New",serif">Logins over the last 4 days: 28. Last login: 22:33:20 UTC Sep 10 2017 from x.y.z.a</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:1.0in"><span style="font-family:"Courier New",serif">Failed logins since the last login: 0. Last failed login: 06:03:53 UTC Sep 8 2017 from x.y.z.a</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:1.0in"><span style="font-family:"Courier New",serif">Type help or '?' for a list of available commands.</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:1.0in"><span style="font-family:"Courier New",serif">ASA> <username></span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:1.0in"><span style="font-family:"Courier New",serif"> ^</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:1.0in"><span style="font-family:"Courier New",serif">ERROR: % Invalid input detected at '^' marker.</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:1.0in"><span style="font-family:"Courier New",serif"> </span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:1.0in"><span style="font-family:"Courier New",serif">Error: Unrecognized command, check your enable command</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:1.0in"><span style="font-family:"Courier New",serif">ASA> <username></span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:1.0in"><span style="font-family:"Courier New",serif"> ^</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:1.0in"><span style="font-family:"Courier New",serif">ERROR: % Invalid input detected at '^' marker.</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:1.0in"><span style="font-family:"Courier New",serif">ASA> enable</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:1.0in"><span style="font-family:"Courier New",serif">Password:</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:1.0in"><span style="font-family:"Courier New",serif">Password:</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:1.0in"><span style="font-family:"Courier New",serif"> </span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:1.0in">And that is where it stops (never tries to type in the enable password). If I manually input the enable password that I have in .clogin, it lets me into enable mode. Other ASA’s with older versions work fine, the
.clogin file is properly written for this device. Could upgrading to the current version of rancid solve this (currently on v3.1)?<o:p></o:p></p>
<p class="MsoNormal" style="margin-left:1.0in"> <o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in">This sounds like it could be related to the .clogrinrc file. What does it look like (obviously obfuscating credentials)?<o:p></o:p></p>
<p class="MsoNormal" style="margin-left:1.0in"> <o:p></o:p></p>
<p class="MsoNormal" style="margin-left:1.0in">Thanks,<o:p></o:p></p>
<p class="MsoNormal" style="margin-left:1.0in">Wayne<o:p></o:p></p>
<p class="MsoNormal" style="margin-left:1.0in"><span style="font-family:"Courier New",serif"> </span><o:p></o:p></p>
</div>
<p class="MsoNormal" style="margin-left:.5in">--Chris<o:p></o:p></p>
</div>
<p class="MsoNormal" style="margin-left:.5in"><o:p> </o:p></p>
<div class="MsoNormal" align="center" style="margin-left:.5in;text-align:center">
<hr size="2" width="100%" align="center">
</div>
<p class="MsoNormal" style="margin-left:.5in"><span style="font-size:7.5pt;font-family:"Arial",sans-serif;color:blue"><br>
The information in this Internet e-mail (and any attachments) is confidential, may be legally privileged and is intended solely for the Addressee(s) named above. If you are not the intended recipient, or the employee or agent responsible for delivering it to
the intended recipient, then any dissemination or copying of this e-mail (and any attachments) is prohibited and may be unlawful. If you received this e-mail in error, please immediately notify us by e-mail or telephone, then delete the message. Thank you.<br>
<br>
</span><o:p></o:p></p>
</div>
</body>
</html>