date:20180305

Re: [rancid] Brocade VDX

2018-03-05 Thread Ross [Eve IT]

I also use brcdvcs and it works fine.
Debian Jessie

2 stacks of 6740s.

Ross.



On Sat, Feb 24, 2018 at 5:14 AM, heasley  wrote:

> Thu, Feb 22, 2018 at 09:44:47PM -0500, Doug Hughes:
> > I have VDX switches working.
> >
> > I use brcdvcs type
> >
> > 2 6940 and 2 6740 in a stack
> >
> > rancid.types.conf:
> >
> > # Brocade VCS 10g/40g
> > brcdvcs;script;rancid -t brcdvcs
> > brcdvcs;login;a10login
> > brcdvcs;module;brocade
> > brcdvcs;inloop;brocade::inloop
> > brcdvcs;command;brocade::ShowVersion;show version all-partitions
> > brcdvcs;command;brocade::ShowLicense;show license
> > brcdvcs;command;brocade::ShowRasLicense;show logging raslog rbridge-id
> 11
> > brcdvcs;command;brocade::ShowRasLicense;show logging raslog rbridge-id
> 12
> > brcdvcs;command;brocade::ShowVcs;show vcs detail
> > brcdvcs;command;brocade::ShowVlan;show vlan brief
> > brcdvcs;command;brocade::ShowSnapshots;show config snapshot rbridge-id 1
> > brcdvcs;command;brocade::ShowFabric;show virtual-fabric status
> > brcdvcs;command;brocade::ShowFabric;show fabric all
> > brcdvcs;command;brocade::ShowSupport;show support
> > brcdvcs;command;brocade::ShowMonitor;show system monitor
> > brcdvcs;command;brocade::ShowConfig;show running-config
>
> It'd be great if others who use this would confirm that it works properly
> and reliably.
>
> > (you'll want to change your rbridge-ids appropriately)
> >
> >
> >
> > On 2/22/2018 9:34 PM, heasley wrote:
> > > Tue, Feb 06, 2018 at 08:14:35PM +, Andrew Meyer:
> > >> I have 4 Brocade VDX 6740 switches that I am trying to add to
> RANCiD.  Has anyone gotten these to work?  I'm trying to write
> documentation so I can repeat this in the future.
> > >>
> > >> This is what I have found so far.  But I'm running this on FreeBSD
> 11.1.  I'm ok if I need to patch it.  Just loooking for the right way to
> add this to the system or patch it.
> > >>
> > >>
> > >>
> > >> http://www.shrubbery.net/pipermail/rancid-discuss/2017-
> April/009534.html
> > >>
> > >> https://community.brocade.com/t5/Ethernet-Fabric-VDX-CNA/
> Automatic-backup-for-brocade-VDX-Switches/td-p/84924
> > >> https://webclient.obs.j0ke.net/package/view_file/server:
> monitoring/rancid-stable/rancid.types.conf
> > >>
> > >> https://www.forwardingplane.net/2012/11/vdxrancid-contrib-scripts/
> > >>
> > >> http://www.dmcservicescorp.com/?p=2064
> > > you havent told us what version of rancid.  are you trying to add some
> > > other script because type foundry doesnt work for the device?  this
> > > page is accurate and/or see section 4 of the rancid FAQ
> > >
> > >> https://tobru.ch/backup-brocade-router-config-with-rancid/
> > >>
> > >> ___
> > >> Rancid-discuss mailing list
> > >> Rancid-discuss@shrubbery.net
> > >> http://www.shrubbery.net/mailman/listinfo/rancid-discuss
> > > ___
> > > Rancid-discuss mailing list
> > > Rancid-discuss@shrubbery.net
> > > http://www.shrubbery.net/mailman/listinfo/rancid-discuss
> >
> > --
> > Doug Hughes
> > Keystone NAP
> > Fairless Hills, PA
> > 1.844.KEYBLOCK (539.2562)
> >
>
> > ___
> > Rancid-discuss mailing list
> > Rancid-discuss@shrubbery.net
> > http://www.shrubbery.net/mailman/listinfo/rancid-discuss
>
> ___
> Rancid-discuss mailing list
> Rancid-discuss@shrubbery.net
> http://www.shrubbery.net/mailman/listinfo/rancid-discuss
>
___
Rancid-discuss mailing list
Rancid-discuss@shrubbery.net
http://www.shrubbery.net/mailman/listinfo/rancid-discuss

Re: [rancid] New Cisco ASA Login Failure

2018-03-05 Thread james machado

That's what i get for replying too soon.  It looks like your getting hit
with the "last login" item that came up on the list in January.
http://www.shrubbery.net/pipermail/rancid-discuss/2018-January/010020.html

James

On Mon, Mar 5, 2018 at 12:09 PM, Piegorsch, Weylin William 
wrote:

> Thanks James.  Except, I can get the login prompt fine, which means the
> SSH cyphersuite negotiated well enough; and, I have no problems with any of
> my other ASAs running various code versions between 8.3 and 9.7.  See also
> below.
>
> Weylin
>
>
>
> [rancid@rancid-server ~]$ egrep -B 7 "^add cypher" .cloginrc
>
>
>
> #
>
> # cryptographic cypher support for Nexus 9000 running 7.0(3)I2(1) and later
>
> # http://www.cisco.com/c/en/us/support/docs/switches/nexus-
> 9000-series-switches/200663-Unable-to-SSH-into-Nexus-9K-fatal.html
>
> # This also works fine for all other campus devices
>
> # 22 Sep 2015
>
> #
>
> add cyphertype * {aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,3des-cbc,
> aes192-cbc,aes256-cbc}
>
> [rancid@rancid-server ~]
>
>
>
>
>
> *From: *james machado 
> *Date: *Monday, March 5, 2018 at 12:18 PM
> *To: *Weylin Piegorsch 
> *Cc: *"rancid-discuss@shrubbery.net" 
> *Subject: *Re: [rancid] New Cisco ASA Login Failure
>
>
>
> This is due to changes in the supported encryption methods in the updated
> IOS's and ASA softwares.  in your .cloginrc you will want to add a line:
>
>
>
> add cyphertype  {encryption method}
>
>
>
> you can find an encryption method your systems are happy with by doing the
> following:
>
>
>
> ssh -vv 
>
> [...]
>
> debug2: mac_setup: found hmac-sha1
>
> debug1: kex: server->client aes128-ctr hmac-sha1 none
>
> debug2: mac_setup: found hmac-sha1
>
> debug1: kex: client->server aes128ctr hmac-sha1 none
>
> [...]
>
>
>
> with my ASA's i use {aes256-ctr}.
>
>
>
> james
>
>
>
>
>
> On Mon, Mar 5, 2018 at 6:48 AM, Piegorsch, Weylin William 
> wrote:
>
> Hello,
>
>
>
> I have a Cisco ASA 5506X device I just deployed (running 9.8(2)20
> version), that rancid’s not logging into properly.  Clogincrc is set to
> method {telnet ssh} because there’s a plethora of really really old devices
> that hang when I try the other way around (and we haven’t been funded to
> refresh them nor authorized to remove them).
>
>
>
> Here’s what rancid shows:
>
>
>
> [rancid@nsgv-prod-59 ~]$ rancid -V
>
> rancid 3.4.1
>
> [rancid@nsgv-prod-59 ~]$
>
> [rancid@nsgv-prod-59 ~]$
>
> [rancid@nsgv-prod-59 ~]$
>
> [rancid@nsgv-prod-59 ~]$ clogin xx
>
> xx
>
> spawn telnet xx
>
> Trying yyy...
>
> telnet: connect to address yyy: Connection refused
>
> spawn ssh -2 -c 
> aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc
> -x -l rancid xx
>
>
>
> ++
>
> | BOSTON UNIVERSITY  |
>
> ++
>
> | !!   WARNING   !!  |
>
> |   AUTHORIZED ACCESS ONLY!  |
>
> | Access to this system is permitted |
>
> | for authorized  persons only.  All |
>
> | connectionsarelogged   and |
>
> | monitored.By   accessing  this |
>
> | system,  you  acknowledge that use |
>
> | of  this and  any other technology |
>
> | at Boston University is subject to |
>
> | the terms of the Boston University |
>
> | Conditions  of  Use and  Policy on |
>
> | Computing  Ethics;   please   see: |
>
> | http://www.bu.edu/computing/ethics |
>
> | for details.   |
>
> ++
>
>
>
> rancid@xx 's password:
>
> User rancid logged in to xx
>
> Logins over the last 2 days: 12.  Last login: 08:39:20 EST Mar 5 2018
> from zzz
>
> Failed logins since the last login: 0.
>
> Type help or '?' for a list of available commands.
>
> xx/pri/act> rancid
>
>^
>
> ERROR: % Invalid input detected at '^' marker.
>
> xx/pri/act> en
>
> Error: Unrecognized command, check your enable command
>
> able
>
> Password:
>
> Password:
>
>
>
>
> ___
> Rancid-discuss mailing list
> Rancid-discuss@shrubbery.net
> http://www.shrubbery.net/mailman/listinfo/rancid-discuss
>
>
>
___
Rancid-discuss mailing list
Rancid-discuss@shrubbery.net
http://www.shrubbery.net/mailman/listinfo/rancid-discuss

Re: [rancid] New Cisco ASA Login Failure

2018-03-05 Thread doug . hughes

I use add cyphertype  aes256-cbc for all of our ASA-5*-X models, and it 
works.


Sent from my android device.

-Original Message-
From: james machado 
To: "Piegorsch, Weylin William" 
Cc: "rancid-discuss@shrubbery.net" 
Sent: Mon, 05 Mar 2018 18:31
Subject: Re: [rancid] New Cisco ASA Login Failure

This is due to changes in the supported encryption methods in the updated
IOS's and ASA softwares.  in your .cloginrc you will want to add a line:

add cyphertype  {encryption method}

you can find an encryption method your systems are happy with by doing the
following:

ssh -vv 
[...]
debug2: mac_setup: found hmac-sha1
debug1: kex: server->client aes128-ctr hmac-sha1 none
debug2: mac_setup: found hmac-sha1
debug1: kex: client->server aes128ctr hmac-sha1 none
[...]

with my ASA's i use {aes256-ctr}.

james


On Mon, Mar 5, 2018 at 6:48 AM, Piegorsch, Weylin William 
wrote:

> Hello,
>
>
>
> I have a Cisco ASA 5506X device I just deployed (running 9.8(2)20
> version), that rancid’s not logging into properly.  Clogincrc is set to
> method {telnet ssh} because there’s a plethora of really really old devices
> that hang when I try the other way around (and we haven’t been funded to
> refresh them nor authorized to remove them).
>
>
>
> Here’s what rancid shows:
>
>
>
> [rancid@nsgv-prod-59 ~]$ rancid -V
>
> rancid 3.4.1
>
> [rancid@nsgv-prod-59 ~]$
>
> [rancid@nsgv-prod-59 ~]$
>
> [rancid@nsgv-prod-59 ~]$
>
> [rancid@nsgv-prod-59 ~]$ clogin xx
>
> xx
>
> spawn telnet xx
>
> Trying yyy...
>
> telnet: connect to address yyy: Connection refused
>
> spawn ssh -2 -c 
> aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc
> -x -l rancid xx
>
>
>
> ++
>
> | BOSTON UNIVERSITY  |
>
> ++
>
> | !!   WARNING   !!  |
>
> |   AUTHORIZED ACCESS ONLY!  |
>
> | Access to this system is permitted |
>
> | for authorized  persons only.  All |
>
> | connectionsarelogged   and |
>
> | monitored.By   accessing  this |
>
> | system,  you  acknowledge that use |
>
> | of  this and  any other technology |
>
> | at Boston University is subject to |
>
> | the terms of the Boston University |
>
> | Conditions  of  Use and  Policy on |
>
> | Computing  Ethics;   please   see: |
>
> | http://www.bu.edu/computing/ethics |
>
> | for details.   |
>
> ++
>
>
>
> rancid@xx 's password:
>
> User rancid logged in to xx
>
> Logins over the last 2 days: 12.  Last login: 08:39:20 EST Mar 5 2018
> from zzz
>
> Failed logins since the last login: 0.
>
> Type help or '?' for a list of available commands.
>
> xx/pri/act> rancid
>
>^
>
> ERROR: % Invalid input detected at '^' marker.
>
> xx/pri/act> en
>
> Error: Unrecognized command, check your enable command
>
> able
>
> Password:
>
> Password:
>
>
>
> ___
> Rancid-discuss mailing list
> Rancid-discuss@shrubbery.net
> http://www.shrubbery.net/mailman/listinfo/rancid-discuss
>
___
Rancid-discuss mailing list
Rancid-discuss@shrubbery.net
http://www.shrubbery.net/mailman/listinfo/rancid-discuss

Re: [rancid] New Cisco ASA Login Failure

2018-03-05 Thread james machado

This is due to changes in the supported encryption methods in the updated
IOS's and ASA softwares.  in your .cloginrc you will want to add a line:

add cyphertype  {encryption method}

you can find an encryption method your systems are happy with by doing the
following:

ssh -vv 
[...]
debug2: mac_setup: found hmac-sha1
debug1: kex: server->client aes128-ctr hmac-sha1 none
debug2: mac_setup: found hmac-sha1
debug1: kex: client->server aes128ctr hmac-sha1 none
[...]

with my ASA's i use {aes256-ctr}.

james


On Mon, Mar 5, 2018 at 6:48 AM, Piegorsch, Weylin William 
wrote:

> Hello,
>
>
>
> I have a Cisco ASA 5506X device I just deployed (running 9.8(2)20
> version), that rancid’s not logging into properly.  Clogincrc is set to
> method {telnet ssh} because there’s a plethora of really really old devices
> that hang when I try the other way around (and we haven’t been funded to
> refresh them nor authorized to remove them).
>
>
>
> Here’s what rancid shows:
>
>
>
> [rancid@nsgv-prod-59 ~]$ rancid -V
>
> rancid 3.4.1
>
> [rancid@nsgv-prod-59 ~]$
>
> [rancid@nsgv-prod-59 ~]$
>
> [rancid@nsgv-prod-59 ~]$
>
> [rancid@nsgv-prod-59 ~]$ clogin xx
>
> xx
>
> spawn telnet xx
>
> Trying yyy...
>
> telnet: connect to address yyy: Connection refused
>
> spawn ssh -2 -c 
> aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc
> -x -l rancid xx
>
>
>
> ++
>
> | BOSTON UNIVERSITY  |
>
> ++
>
> | !!   WARNING   !!  |
>
> |   AUTHORIZED ACCESS ONLY!  |
>
> | Access to this system is permitted |
>
> | for authorized  persons only.  All |
>
> | connectionsarelogged   and |
>
> | monitored.By   accessing  this |
>
> | system,  you  acknowledge that use |
>
> | of  this and  any other technology |
>
> | at Boston University is subject to |
>
> | the terms of the Boston University |
>
> | Conditions  of  Use and  Policy on |
>
> | Computing  Ethics;   please   see: |
>
> | http://www.bu.edu/computing/ethics |
>
> | for details.   |
>
> ++
>
>
>
> rancid@xx 's password:
>
> User rancid logged in to xx
>
> Logins over the last 2 days: 12.  Last login: 08:39:20 EST Mar 5 2018
> from zzz
>
> Failed logins since the last login: 0.
>
> Type help or '?' for a list of available commands.
>
> xx/pri/act> rancid
>
>^
>
> ERROR: % Invalid input detected at '^' marker.
>
> xx/pri/act> en
>
> Error: Unrecognized command, check your enable command
>
> able
>
> Password:
>
> Password:
>
>
>
> ___
> Rancid-discuss mailing list
> Rancid-discuss@shrubbery.net
> http://www.shrubbery.net/mailman/listinfo/rancid-discuss
>
___
Rancid-discuss mailing list
Rancid-discuss@shrubbery.net
http://www.shrubbery.net/mailman/listinfo/rancid-discuss

Re: [rancid] New Cisco ASA Login Failure

2018-03-05 Thread Piegorsch, Weylin William

An interesting idea, hadn’t thought of that.  Unfortunately I’m not able to 
noenable that device; security policy doesn’t allow direct login to superuser 
(for those devices that have that ability... eg NX-OS defaults).  Here’s my 
entire .cloginrc, except that I’ve removed lines for individual devices, and 
obfuscated usernames/passwords; I have no group-specific .cloginrc files..
Weylin

#
# cryptographic cypher support for Nexus 9000 running 7.0(3)I2(1) and later
# 
http://www.cisco.com/c/en/us/support/docs/switches/nexus-9000-series-switches/200663-Unable-to-SSH-into-Nexus-9K-fatal.html
# This also works fine for all other campus devices
#
add cyphertype * 
{aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc}
add sshcmd * {ssh\ -2}

# Defaults
add user * {xxx}
add password * {xxx} {xxx}
add method * {telnet} {ssh}


From: Bob Brunette 
Date: Monday, March 5, 2018 at 3:21 PM
To: Weylin Piegorsch , james machado 
Cc: "rancid-discuss@shrubbery.net" 
Subject: Re: [rancid] New Cisco ASA Login Failure

William,
Your easiest solution might be to turn on auto-enable on your new ASA with this:
aaa authorization exec authentication-server auto-enable

That doesn't get to the root cause of the problem, but it avoids having to 
enter the "enable" command and password.  Can you share your .cloginrc file 
lines for this device?  The problem may be there.

Bob Brunette

From: Rancid-discuss  on behalf of 
"Piegorsch, Weylin William" 
Date: Monday, March 5, 2018 at 2:09 PM
To: james machado 
Cc: "rancid-discuss@shrubbery.net" 
Subject: Re: [rancid] New Cisco ASA Login Failure

Thanks James.  Except, I can get the login prompt fine, which means the SSH 
cyphersuite negotiated well enough; and, I have no problems with any of my 
other ASAs running various code versions between 8.3 and 9.7.  See also below.
Weylin


[rancid@rancid-server ~]$ egrep -B 7 "^add cypher" .cloginrc



#

# cryptographic cypher support for Nexus 9000 running 7.0(3)I2(1) and later

# 
http://www.cisco.com/c/en/us/support/docs/switches/nexus-9000-series-switches/200663-Unable-to-SSH-into-Nexus-9K-fatal.html

# This also works fine for all other campus devices

# 22 Sep 2015

#

add cyphertype * 
{aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc}

[rancid@rancid-server ~]


From: james machado 
Date: Monday, March 5, 2018 at 12:18 PM
To: Weylin Piegorsch 
Cc: "rancid-discuss@shrubbery.net" 
Subject: Re: [rancid] New Cisco ASA Login Failure

This is due to changes in the supported encryption methods in the updated IOS's 
and ASA softwares.  in your .cloginrc you will want to add a line:

add cyphertype  {encryption method}

you can find an encryption method your systems are happy with by doing the 
following:

ssh -vv 
[...]
debug2: mac_setup: found hmac-sha1
debug1: kex: server->client aes128-ctr hmac-sha1 none
debug2: mac_setup: found hmac-sha1
debug1: kex: client->server aes128ctr hmac-sha1 none
[...]

with my ASA's i use {aes256-ctr}.

james


On Mon, Mar 5, 2018 at 6:48 AM, Piegorsch, Weylin William 
> wrote:
Hello,

I have a Cisco ASA 5506X device I just deployed (running 9.8(2)20 version), 
that rancid’s not logging into properly.  Clogincrc is set to method {telnet 
ssh} because there’s a plethora of really really old devices that hang when I 
try the other way around (and we haven’t been funded to refresh them nor 
authorized to remove them).

Here’s what rancid shows:



[rancid@nsgv-prod-59 ~]$ rancid -V

rancid 3.4.1

[rancid@nsgv-prod-59 ~]$

[rancid@nsgv-prod-59 ~]$

[rancid@nsgv-prod-59 ~]$

[rancid@nsgv-prod-59 ~]$ clogin xx

xx

spawn telnet xx

Trying yyy...

telnet: connect to address yyy: Connection refused

spawn ssh -2 -c 
aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc -x 
-l rancid xx



++

| BOSTON UNIVERSITY  |

++

| !!   WARNING   !!  |

|   AUTHORIZED ACCESS ONLY!  |

| Access to this system is permitted |

| for authorized  persons only.  All |

| connectionsarelogged   and |

| monitored.By   accessing  this |

| system,  you  acknowledge that use |

| of  this and  any other technology |

| at Boston University is subject to |

| the terms of the Boston University |

| Conditions  of  Use and  Policy on |

| Computing  Ethics;   please   see: |

|

Re: [rancid] New Cisco ASA Login Failure

2018-03-05 Thread Bob Brunette

William,
Your easiest solution might be to turn on auto-enable on your new ASA with this:
aaa authorization exec authentication-server auto-enable

That doesn't get to the root cause of the problem, but it avoids having to 
enter the "enable" command and password.  Can you share your .cloginrc file 
lines for this device?  The problem may be there.

Bob Brunette

From: Rancid-discuss  on behalf of 
"Piegorsch, Weylin William" 
Date: Monday, March 5, 2018 at 2:09 PM
To: james machado 
Cc: "rancid-discuss@shrubbery.net" 
Subject: Re: [rancid] New Cisco ASA Login Failure

Thanks James.  Except, I can get the login prompt fine, which means the SSH 
cyphersuite negotiated well enough; and, I have no problems with any of my 
other ASAs running various code versions between 8.3 and 9.7.  See also below.
Weylin


[rancid@rancid-server ~]$ egrep -B 7 "^add cypher" .cloginrc



#

# cryptographic cypher support for Nexus 9000 running 7.0(3)I2(1) and later

# 
http://www.cisco.com/c/en/us/support/docs/switches/nexus-9000-series-switches/200663-Unable-to-SSH-into-Nexus-9K-fatal.html

# This also works fine for all other campus devices

# 22 Sep 2015

#

add cyphertype * 
{aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc}

[rancid@rancid-server ~]


From: james machado 
Date: Monday, March 5, 2018 at 12:18 PM
To: Weylin Piegorsch 
Cc: "rancid-discuss@shrubbery.net" 
Subject: Re: [rancid] New Cisco ASA Login Failure

This is due to changes in the supported encryption methods in the updated IOS's 
and ASA softwares.  in your .cloginrc you will want to add a line:

add cyphertype  {encryption method}

you can find an encryption method your systems are happy with by doing the 
following:

ssh -vv 
[...]
debug2: mac_setup: found hmac-sha1
debug1: kex: server->client aes128-ctr hmac-sha1 none
debug2: mac_setup: found hmac-sha1
debug1: kex: client->server aes128ctr hmac-sha1 none
[...]

with my ASA's i use {aes256-ctr}.

james


On Mon, Mar 5, 2018 at 6:48 AM, Piegorsch, Weylin William 
> wrote:
Hello,

I have a Cisco ASA 5506X device I just deployed (running 9.8(2)20 version), 
that rancid’s not logging into properly.  Clogincrc is set to method {telnet 
ssh} because there’s a plethora of really really old devices that hang when I 
try the other way around (and we haven’t been funded to refresh them nor 
authorized to remove them).

Here’s what rancid shows:



[rancid@nsgv-prod-59 ~]$ rancid -V

rancid 3.4.1

[rancid@nsgv-prod-59 ~]$

[rancid@nsgv-prod-59 ~]$

[rancid@nsgv-prod-59 ~]$

[rancid@nsgv-prod-59 ~]$ clogin xx

xx

spawn telnet xx

Trying yyy...

telnet: connect to address yyy: Connection refused

spawn ssh -2 -c 
aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc -x 
-l rancid xx



++

| BOSTON UNIVERSITY  |

++

| !!   WARNING   !!  |

|   AUTHORIZED ACCESS ONLY!  |

| Access to this system is permitted |

| for authorized  persons only.  All |

| connectionsarelogged   and |

| monitored.By   accessing  this |

| system,  you  acknowledge that use |

| of  this and  any other technology |

| at Boston University is subject to |

| the terms of the Boston University |

| Conditions  of  Use and  Policy on |

| Computing  Ethics;   please   see: |

| 
http://www.bu.edu/computing/ethics
 |

| for details.   |

++



rancid@xx 's password:

User rancid logged in to xx

Logins over the last 2 days: 12.  Last login: 08:39:20 EST Mar 5 2018 from 
zzz

Failed logins since the last login: 0.

Type help or '?' for a list of available commands.

xx/pri/act> rancid

   ^

ERROR: % Invalid input detected at '^' marker.

xx/pri/act> en

Error: Unrecognized command, check your enable command

able

Password:

Password:


___
Rancid-discuss mailing list
Rancid-discuss@shrubbery.net
http://www.shrubbery.net/mailman/listinfo/rancid-discuss

___
Rancid-discuss mailing list

Re: [rancid] New Cisco ASA Login Failure

2018-03-05 Thread Piegorsch, Weylin William

Got it; thanks Heasley.  I'll poke around on it.
weylin

On 3/5/18, 12:41 PM, "heasley"  wrote:

Mon, Mar 05, 2018 at 02:48:56PM +, Piegorsch, Weylin William:
> Hello,
> 
> I have a Cisco ASA 5506X device I just deployed (running 9.8(2)20 
version), that rancid’s not logging into properly.  Clogincrc is set to method 
{telnet ssh} because there’s a plethora of really really old devices that hang 
when I try the other way around (and we haven’t been funded to refresh them nor 
authorized to remove them).
> 

A fix for this will be in the next version.  you can grab clogin from
http://rancid.shrubbery.net/rancid/svn/rancid/trunk/rancid/ or the alpha
from ftp://ftp.shrubbery.net/pub/rancid/alpha/


___
Rancid-discuss mailing list
Rancid-discuss@shrubbery.net
http://www.shrubbery.net/mailman/listinfo/rancid-discuss

Re: [rancid] New Cisco ASA Login Failure

2018-03-05 Thread heasley

Mon, Mar 05, 2018 at 02:48:56PM +, Piegorsch, Weylin William:
> Hello,
> 
> I have a Cisco ASA 5506X device I just deployed (running 9.8(2)20 version), 
> that rancid’s not logging into properly.  Clogincrc is set to method {telnet 
> ssh} because there’s a plethora of really really old devices that hang when I 
> try the other way around (and we haven’t been funded to refresh them nor 
> authorized to remove them).
> 

A fix for this will be in the next version.  you can grab clogin from
http://rancid.shrubbery.net/rancid/svn/rancid/trunk/rancid/ or the alpha
from ftp://ftp.shrubbery.net/pub/rancid/alpha/

___
Rancid-discuss mailing list
Rancid-discuss@shrubbery.net
http://www.shrubbery.net/mailman/listinfo/rancid-discuss

[rancid] New Cisco ASA Login Failure

2018-03-05 Thread Piegorsch, Weylin William

Hello,

I have a Cisco ASA 5506X device I just deployed (running 9.8(2)20 version), 
that rancid’s not logging into properly.  Clogincrc is set to method {telnet 
ssh} because there’s a plethora of really really old devices that hang when I 
try the other way around (and we haven’t been funded to refresh them nor 
authorized to remove them).

Here’s what rancid shows:



[rancid@nsgv-prod-59 ~]$ rancid -V

rancid 3.4.1

[rancid@nsgv-prod-59 ~]$

[rancid@nsgv-prod-59 ~]$

[rancid@nsgv-prod-59 ~]$

[rancid@nsgv-prod-59 ~]$ clogin xx

xx

spawn telnet xx

Trying yyy...

telnet: connect to address yyy: Connection refused

spawn ssh -2 -c 
aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc -x 
-l rancid xx



++

| BOSTON UNIVERSITY  |

++

| !!   WARNING   !!  |

|   AUTHORIZED ACCESS ONLY!  |

| Access to this system is permitted |

| for authorized  persons only.  All |

| connectionsarelogged   and |

| monitored.By   accessing  this |

| system,  you  acknowledge that use |

| of  this and  any other technology |

| at Boston University is subject to |

| the terms of the Boston University |

| Conditions  of  Use and  Policy on |

| Computing  Ethics;   please   see: |

| http://www.bu.edu/computing/ethics |

| for details.   |

++



rancid@xx 's password:

User rancid logged in to xx

Logins over the last 2 days: 12.  Last login: 08:39:20 EST Mar 5 2018 from 
zzz

Failed logins since the last login: 0.

Type help or '?' for a list of available commands.

xx/pri/act> rancid

   ^

ERROR: % Invalid input detected at '^' marker.

xx/pri/act> en

Error: Unrecognized command, check your enable command

able

Password:

Password:

___
Rancid-discuss mailing list
Rancid-discuss@shrubbery.net
http://www.shrubbery.net/mailman/listinfo/rancid-discuss

Re: [rancid] Brocade VDX

Re: [rancid] New Cisco ASA Login Failure

Re: [rancid] New Cisco ASA Login Failure

Re: [rancid] New Cisco ASA Login Failure

Re: [rancid] New Cisco ASA Login Failure

Re: [rancid] New Cisco ASA Login Failure

Re: [rancid] New Cisco ASA Login Failure

Re: [rancid] New Cisco ASA Login Failure

[rancid] New Cisco ASA Login Failure

9 matches

Site Navigation

Mail list logo

Footer information