[c-nsp] Rancid use without level 15 access?
Nick Hilliard
nick at foobar.org
Fri Jul 6 11:47:16 EDT 2012
On 06/07/2012 15:50, Steven Raymond wrote:
> Is it possible to make use RANCID for Cisco config archiving without
> having to grant it full level 15 access? So far we've found "no", but
> wondered if anyone has a trick or two?
You can use tacacs+ authorization, and create a big long list of commands
that rancid expects to be able to use. I've personally found this more
trouble than it's worth, because the command list changes from IOS device
to device and from one rancid version to another. And it's a pain in the
ass to debug when stuff goes wrong because rancid doesn't detect this and
gripe - it fails silently.
Nick
More information about the cisco-nsp
mailing list