[c-nsp] tacplus and rancid combined

Affan Basalamah affanzbasalamah at gmail.com
Sat Apr 29 08:46:54 EDT 2006


Hi all,

Currently I am stuck on a problem running tacplus and rancid.

I installed tacplus, configured the username and password on the tacplus
server, and configured authentication, authorization and accounting
on the router, and currently it works just fine. Only users registered on
the tacplus server can access the router. I followed the directions
from the Cisco Press book 'Cisco Router & Firewall Security'.

The problem comes when I want to archive all the configuration using
RANCID. Since I use a tacplus username and password, I set up one
username and password for RANCID, and set it to only run 'show'
commands. I set the username and password for the router in .cloginrc, but
after a thorough search of the rancid manuals, I didn't find any command
that allows me to put the username, user password and enable password in
.cloginrc, just like when I use the command 'add password <router> <passwd>
<enable passwd>'.

This is the snippet of my .cloginrc :

add user 10.10.10.1           ranciduser
add password 10.10.10.1       {rancidpassword}
add autoenable                  1

This is the snippet of my tacplus.conf :

user = ranciduser {
    member = automated
    login = cleartext rancidpassword
}

user = $enab15$ {
    login = cleartext enablepassword
}

I am confused because I don't know where to put the enable password
in my .cloginrc. With this config, rancid says that it cannot access
my router. Does anyone have a clue about this? Please help.

Regards,

-affan
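
An added example, not part of the original post: a small Python check that compares .cloginrc lines like those quoted above against the `add <directive> <router glob> {value} ...` form that clogin's documentation gives, in which `add password` accepts a second value for the enable password. The function name, finding codes and both sample texts are constructed for illustration.

```python
import re

# A brace-quoted Tcl word or a bare word; enough for one-line "add" directives.
TOKEN = re.compile(r"\{[^}]*\}|\S+")
# Values allowed after the router glob (min, max), for the directives in the post.
ARITY = {"user": (1, 1), "password": (1, 2), "autoenable": (1, 1)}

def lint_cloginrc(text):
    """Return (line_number, code) findings for the body of a .cloginrc file."""
    findings = []
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        tok = TOKEN.findall(line)
        if len(tok) < 2 or tok[0] != "add" or tok[1] not in ARITY:
            continue  # directive outside the scope of this check
        name, args = tok[1], tok[2:]
        lo, hi = ARITY[name]
        nvals = len(args) - 1  # the first argument is the router glob
        if nvals < lo:
            findings.append((no, "MISSING_GLOB_OR_VALUE"))
        elif nvals > hi:
            findings.append((no, "TOO_MANY_VALUES"))
        elif name == "password" and nvals == 1:
            # Only the login password is set; fine when autoenable applies.
            findings.append((no, "NO_ENABLE_PASSWORD"))
        elif name == "autoenable" and args[1].strip("{}") not in ("0", "1"):
            findings.append((no, "AUTOENABLE_NOT_0_OR_1"))
    return findings

# Constructed sample: the three lines quoted in the post.
POSTED = """\
add user 10.10.10.1           ranciduser
add password 10.10.10.1       {rancidpassword}
add autoenable                  1
"""
# Constructed sample: same placeholder values with glob and both passwords.
FULL_FORM = """\
add user 10.10.10.1 {ranciduser}
add password 10.10.10.1 {rancidpassword} {enablepassword}
add autoenable 10.10.10.1 {0}
"""

if __name__ == "__main__":
    for label, body in (("posted", POSTED), ("full form", FULL_FORM)):
        print(label, lint_cloginrc(body))
```
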
