RANCID
(rancid) |
(enable on login) |
||
| Line 7: | Line 7: | ||
username rancid privilege 5 password ..... | username rancid privilege 5 password ..... | ||
| + | |||
| + | RANCID is configured to expect an enable prompt on login. Foundry switches need to be setup for this: | ||
| + | aaa authentication login default local enable | ||
| + | aaa authentication login privilege-mode | ||
However, RANCID disables output paging before executing commands, with <tt>skip-page-display</tt>. However this command is not available in privilege level 5 by default. Fix that: | However, RANCID disables output paging before executing commands, with <tt>skip-page-display</tt>. However this command is not available in privilege level 5 by default. Fix that: | ||
Revision as of 07:19, 20 May 2008
RANCID is a tool that can monitor configuration changes on network devices, and mail the diffs periodically. It's installed on will from the (rather alpha-quality) Debian/Ubuntu packages.
Equipment notes
Foundry
For security reasons, rancid is given a specific user account rancid with read-only privileges, but (most) EXEC level commands work:
username rancid privilege 5 password .....
RANCID is configured to expect an enable prompt on login. Foundry switches need to be setup for this:
aaa authentication login default local enable aaa authentication login privilege-mode
However, RANCID disables output paging before executing commands, with skip-page-display. However this command is not available in privilege level 5 by default. Fix that:
privilege exec level 5 skip-page-display
Also not available is the command write terminal. Unfortunately it's not possible to allow this command without also allowing "write memory". Therefore francid can be altered to use show run instead.
