Mailing List Archive: ssh with authorized

ssh with authorized_keys

May 12, 2004, 1:47 PM

Post #1 of 5 (1272 views)

I'm trying to use rancid for quagga as well. Quagga either supports
access via telnet on port 260x or via vtysh/ssh.

To use rancid with telnet on port 260x works quite well, but I run into
problems when I want to use it with vtysh/ssh. Obviously rancid also
expects to login via username/password. When using ssh & ssh-agent I no
longer need an username/password. I fiddled around with different
settings but can not convince rancid to not echo the username. It always
looks like

Hello, this is quagga (version 0.96.4).
Copyright 1996-2002 Kunihiro Ishiguro.

rs1> quagga
% Unknown command.
rs1>

Any ideas how to configure this?

Arnold

ssh with authorized_keys [ In reply to ]

asp at partan

May 12, 2004, 1:55 PM

Post #2 of 5 (1255 views)

Permalink

On Wed, May 12, 2004 at 11:47:31PM +0200, Arnold Nipper wrote:
> To use rancid with telnet on port 260x works quite well, but I run into
> problems when I want to use it with vtysh/ssh. Obviously rancid also
> expects to login via username/password. When using ssh & ssh-agent I no
> longer need an username/password. I fiddled around with different
> settings but can not convince rancid to not echo the username. It always
> looks like

jlogin does not insist on sending the username. Have you tried jlogin?
Or just clogin?
--asp

ssh with authorized_keys [ In reply to ]

arnold at nipper

May 12, 2004, 2:08 PM

Post #3 of 5 (1257 views)

Permalink

On 12.05.2004 23:55 Andrew Partan wrote:

> On Wed, May 12, 2004 at 11:47:31PM +0200, Arnold Nipper wrote:
>
>>To use rancid with telnet on port 260x works quite well, but I run into
>>problems when I want to use it with vtysh/ssh. Obviously rancid also
>>expects to login via username/password. When using ssh & ssh-agent I no
>>longer need an username/password. I fiddled around with different
>>settings but can not convince rancid to not echo the username. It always
>>looks like
>
>
> jlogin does not insist on sending the username. Have you tried jlogin?
> Or just clogin?

clogin at least accepts "" as password. It looks like jlogin doesn't :-(
Also quagga is (almost) like cisco. And yes I'm using clogin only.
That's what I meant when I said I use rancid.

Arnold

ssh with authorized_keys [ In reply to ]

asp at partan

May 12, 2004, 2:15 PM

Post #4 of 5 (1268 views)

Permalink

On Thu, May 13, 2004 at 12:08:49AM +0200, Arnold Nipper wrote:
> > jlogin does not insist on sending the username. Have you tried jlogin?
> > Or just clogin?
>
> clogin at least accepts "" as password. It looks like jlogin doesn't :-(

I have a dummy password specified for jlogin; it doesn't use it.
add user jr0 {aspcli}
add userpassword jr0 {x}
add method jr0 ssh

> Also quagga is (almost) like cisco. And yes I'm using clogin only.
> That's what I meant when I said I use rancid.

rancid is the package plus one of the programs in the package; its
kinda confusing.

You might look at jlogin to see if that works to at least log into
the quagga box. If that works, then look to see what jlogin does
that skips the username stuff and see if there is a patch that can
be make to clogin to add that ability to clogin.
--asp

ssh with authorized_keys [ In reply to ]

arnold at nipper

May 12, 2004, 2:24 PM

Post #5 of 5 (1254 views)

Permalink

Andrew,

On 13.05.2004 00:15 Andrew Partan wrote:

> You might look at jlogin to see if that works to at least log into
> the quagga box. If that works, then look to see what jlogin does
> that skips the username stuff and see if there is a patch that can
> be make to clogin to add that ability to clogin.

I'm able to login via jlogin skipping the username. I will look into
jlogin tomorrow (it's already 0:30 over here).

Thanks for the hints,
Arnold