[c-nsp] Creating a read-only user for RANCID
James Bensley
jwbensley at gmail.com
Fri Feb 17 07:47:27 EST 2012
Hello everyone,
I am trying to make a read only user on a device for rancid to login
in with. The problem is that when I telnet in as the rancid user, and
authenticate, I am dropped strait into priviledge exec mode which has
a different prompt ('#'- hash, instead of '>' - greater than), which
throws off the rancid expect script and it justs hangs.
I have made a custom privilege level for the rancid user but this is
the part that seems to be the problem. When logging in with my normal
user, which has the default priviledge level of 15, it doesn't have
this problem (I drop into user exec mode, and have to type
enable...etc). Is there perhaps another way around this?
How can I stop the switch from automatically entering privilidge exec mode?
show ver;
Cisco IOS Software, C2960 Software (C2960-LANBASE-M)
System image file is
"flash:c2960-lanbase-mz.122-25.SEE3/c2960-lanbase-mz.122-25.SEE3.bin"
System image file is
"flash:c2960-lanbase-mz.122-25.SEE3/c2960-lanbase-mz.122-25.SEE3.bin"
_
show run;
username rancid privilege 3 secret 5 aaaaaaaaaa
aaa new-model
aaa authentication login default local enable
aaa authentication enable default enable
aaa authorization exec default local
!
aaa session-id common
!
privilege exec level 3 show config
_
$ telnet sw1
Trying 11.22.33.44...
Connected to sw1
Escape character is '^]'.
User Access Verification
Username: rancid
Password:
sw1#
Many thanks,
James.
More information about the cisco-nsp
mailing list