Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. RANCID>
  3. Users
Ignore Extreme hivemanager account
kfrauendienst at mconsult
Jan 5, 2022, 7:05 AM
Post #1 of 5 (541 views)
Permalink
Good morning,

One of the sites where I run RANCID has Extreme switches and also has
the ExtremeCloud IQ web-based management.  The management platform adds
a user account called hivemanager, and it cycles (or at least
re-encrypts) the password every so often.  A few of them every just
about every day get a config revision from this with no other changes. 
Is there something I can do to just leave the hivemanager line out of
the config entirely?  Here's what it looks like.

create account admin hivemanager encrypted
"$x$xxxxxx$xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"

I'm running RANCID version 3.13.

Thanks,

Karl

_______________________________________________
Rancid-discuss mailing list
Rancid-discuss@www.shrubbery.net
https://www.shrubbery.net/mailman/listinfo/rancid-discuss
Re: Ignore Extreme hivemanager account [ In reply to ]
heas at shrubbery
Jan 8, 2022, 11:11 AM
Post #2 of 5 (538 views)
Permalink
Wed, Jan 05, 2022 at 09:05:51AM -0600, Karl:
> Good morning,
>
> One of the sites where I run RANCID has Extreme switches and also has
> the ExtremeCloud IQ web-based management.? The management platform adds
> a user account called hivemanager, and it cycles (or at least
> re-encrypts) the password every so often.? A few of them every just
> about every day get a config revision from this with no other changes.?
> Is there something I can do to just leave the hivemanager line out of
> the config entirely?? Here's what it looks like.
>
> create account admin hivemanager encrypted
> "$x$xxxxxx$xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
>
> I'm running RANCID version 3.13.

Hey, please confirm that the attached patch works.

Attached Files:

Re: Ignore Extreme hivemanager account [ In reply to ]
kfrauendienst at mconsult
Jan 13, 2022, 12:15 PM
Post #3 of 5 (534 views)
Permalink
I think that did it.  I have this in the diff now from each one.

- create account admin hivemanager encrypted "$x$xxxxxx$xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
+ # create account admin hivemanager <key removed>

Thanks,

Karl


On 1/8/2022 1:11 PM, heasley wrote:
> Wed, Jan 05, 2022 at 09:05:51AM -0600, Karl:
>> Good morning,
>>
>> One of the sites where I run RANCID has Extreme switches and also has
>> the ExtremeCloud IQ web-based management.  The management platform adds
>> a user account called hivemanager, and it cycles (or at least
>> re-encrypts) the password every so often.  A few of them every just
>> about every day get a config revision from this with no other changes.
>> Is there something I can do to just leave the hivemanager line out of
>> the config entirely?  Here's what it looks like.
>>
>> create account admin hivemanager encrypted
>> "$x$xxxxxx$xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
>>
>> I'm running RANCID version 3.13.
> Hey, please confirm that the attached patch works.
Re: Ignore Extreme hivemanager account [ In reply to ]
heas at shrubbery
Jan 14, 2022, 7:48 AM
Post #4 of 5 (534 views)
Permalink
Thu, Jan 13, 2022 at 02:15:34PM -0600, Karl:
> I think that did it.? I have this in the diff now from each one.
>
> - create account admin hivemanager encrypted "$x$xxxxxx$xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
> + # create account admin hivemanager <key removed>
>

Toll! Thanks for confirming. I've changed the $filter_osc comparison to
>=; so the filtering will be the default out of the box.

https://github.com/haussli/rancid/commit/d57204a2616684c076568d55d0e3b40d9bf178be

_______________________________________________
Rancid-discuss mailing list
Rancid-discuss@www.shrubbery.net
https://www.shrubbery.net/mailman/listinfo/rancid-discuss
Re: Ignore Extreme hivemanager account [ In reply to ]
jandrewartha at ccgs
Jan 18, 2022, 10:38 PM
Post #5 of 5 (532 views)
Permalink
Hi Karl,

On 14/1/22 04:15, Karl wrote:
> I think that did it.  I have this in the diff now from each one.
>
> - create account admin hivemanager encrypted "$x$xxxxxx$xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
> + # create account admin hivemanager <key removed>

What version of EXOS are you running on the switches? I have some X435s
running 31.3 and they don't show the hivemanager account (but it does
exist since you can see it doing things in `show cli journal`).

Thanks,

--
James Andrewartha
Network & Projects Engineer
Christ Church Grammar School
Claremont, Western Australia
Ph. (08) 9442 1757
Mob. 0424 160 877

_______________________________________________
Rancid-discuss mailing list
Rancid-discuss@www.shrubbery.net
https://www.shrubbery.net/mailman/listinfo/rancid-discuss

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal