Mailing List Archive

Cloginrc file is not working
Hi,

I have tried to login into the device using clogin, But the user
credentials is not working from the .clogin rc. Please take a look on the
below example.


For Ex:

add user 1x.1x.1x.1x user1
add password 1x.1x.1x.1x {userpwd} {$userpwd$}
add method 1x.1x.1x.1x telnet ssh


When we try to execute
> /usr/local/rancid/bin/clogin x.x.x.x
> x.x.x.x
> spawn telnet x.x.x.x
> Trying x.x.x.x...
> Connected to x.x.x.x.
> Escape character is '^]'.
> CC*******************************************
> HostName : Compiled_hostname
> Hardware : ABCDE
> IOS version : Version 12.2(55)EX3
> SettingDate : 2014/11/11
> ModifyDate :
> Region : Global
> Country : XXXXXX
> Owner : abc
> *******************************************
>
>
> User Access Verification
>
> Username: rancid
> Password:
Login Invalid


I can see that username which is in ,cloginrc and while executing the
username is diff, it looks like that the username it takes the server
credentials.
Re: Cloginrc file is not working [ In reply to ]
If your passwords contain any non-alphanumeric characters you will need to enclose them in braces.

For example, if you have a dollar sign in your password:

add user myhost.example.org rancidbackups
add password myhost.example.org {$1$3733t$yzdwDjUcpcOafx}

Organizations in the USA or EU will fail security audits if telnetd is enabled on network devices., it's best practice not to use 49 year old plaintext protocols, SSH is a better choice (only 23 years old).

--Charlie



________________________________
From: Rancid-discuss [rancid-discuss-bounces@shrubbery.net] on behalf of nandhakumar a [nandhakumar.a0519@gmail.com]
Sent: Monday, May 28, 2018 12:47 AM
To: rancid-discuss@shrubbery.net
Cc: rancid-discuss-request@shrubbery.net
Subject: [rancid] Cloginrc file is not working

Hi,

I have tried to login into the device using clogin, But the user credentials is not working from the .clogin rc. Please take a look on the below example.


For Ex:

add user 1x.1x.1x.1x user1
add password 1x.1x.1x.1x {userpwd} {$userpwd$}
add method 1x.1x.1x.1x telnet ssh


When we try to execute
> /usr/local/rancid/bin/clogin x.x.x.x
> x.x.x.x
> spawn telnet x.x.x.x
> Trying x.x.x.x...
> Connected to x.x.x.x.
> Escape character is '^]'.
> CC*******************************************
> HostName : Compiled_hostname
> Hardware : ABCDE
> IOS version : Version 12.2(55)EX3
> SettingDate : 2014/11/11
> ModifyDate :
> Region : Global
> Country : XXXXXX
> Owner : abc
> *******************************************
>
>
> User Access Verification
>
> Username: rancid
> Password:
Login Invalid


I can see that username which is in ,cloginrc and while executing the username is diff, it looks like that the username it takes the server credentials.

------------------ CONFIDENTIALITY NOTICE ---------------

This message, including any attachments, is for the sole use of the
intended recipient(s) and may contain privileged confidential information
protected by law. Any unauthorized review, use, disclosure or distribution
of this message is prohibited. If you are not the intended recipient, please
contact the sender by reply e-mail and destroy all copies of this message.

------------------ CONFIDENTIALITY NOTICE ---------------
Re: Cloginrc file is not working [ In reply to ]
I notice your .cloginrc defines “user1” as the login username, but rancid is trying with username “rancid” - is it possible there might be another matching definition higher in the .cloginrc file, with different credentials? Rancid stops processing at the first possible match.

Also, do you have user1 defined as an account in your AAA servers? Or with IOS version 12.2(55)EX3 this is likely a Catalyst switch – if you don’t have AAA servers defined or if they’re offline/unreachable, then is user1 defined in the local user database?

weylin


From: nandhakumar a <nandhakumar.a0519@gmail.com>
Date: Monday, May 28, 2018 at 12:47 AM
To: <rancid-discuss@shrubbery.net>
Cc: <rancid-discuss-request@shrubbery.net>
Subject: [rancid] Cloginrc file is not working

Hi,

I have tried to login into the device using clogin, But the user credentials is not working from the .clogin rc. Please take a look on the below example.


For Ex:

add user 1x.1x.1x.1x user1
add password 1x.1x.1x.1x {userpwd} {$userpwd$}
add method 1x.1x.1x.1x telnet ssh


When we try to execute
> /usr/local/rancid/bin/clogin x.x.x.x
> x.x.x.x
> spawn telnet x.x.x.x
> Trying x.x.x.x...
> Connected to x.x.x.x.
> Escape character is '^]'.
> CC*******************************************
> HostName : Compiled_hostname
> Hardware : ABCDE
> IOS version : Version 12.2(55)EX3
> SettingDate : 2014/11/11
> ModifyDate :
> Region : Global
> Country : XXXXXX
> Owner : abc
> *******************************************
>
>
> User Access Verification
>
> Username: rancid
> Password:
Login Invalid


I can see that username which is in ,cloginrc and while executing the username is diff, it looks like that the username it takes the server credentials.
Re: Cloginrc file is not working [ In reply to ]
Tue, May 29, 2018 at 02:06:02AM +0000, Piegorsch, Weylin William:
> I notice your .cloginrc defines “user1” as the login username, but rancid is trying with username “rancid” - is it possible there might be another matching definition higher in the .cloginrc file, with different credentials? Rancid stops processing at the first possible match.
>
> Also, do you have user1 defined as an account in your AAA servers? Or with IOS version 12.2(55)EX3 this is likely a Catalyst switch – if you don’t have AAA servers defined or if they’re offline/unreachable, then is user1 defined in the local user database?
>
> weylin

I've tried to explain to this user how to use clogin -[Mm] to debug their
.cloginrc. I'm apparently not affective. perhaps someone else can try.

_______________________________________________
Rancid-discuss mailing list
Rancid-discuss@shrubbery.net
http://www.shrubbery.net/mailman/listinfo/rancid-discuss