0

I have a 3560 switch that I have configured to accept SSH logins, and this works fine. However I cannot get Rancid to complete the login process to any of my switches using SSH. I get a timeout error after a minute or so. Telnet logins work fine with the same username and password.

Here is my rancid setup in .cloginrc:

add user * {myuser}
add password * {strongAccessPassword}  {strongEnablePassword}
add method * ssh telnet

Then, when I run bin/clogin 10.10.1.10 I get:

# bin/clogin 10.10.1.10
10.10.1.10
spawn ssh -c 3des -x -l myuser 10.10.1.10

###############################################
Please authenticate.
###############################################

Password: 
Error: TIMEOUT reached

Again, when I do this using telnet as my preferred mothod in .cloginrc, it works without issue.

peelman
  • 801
  • 1
  • 5
  • 11
Lars
  • 135
  • 1
  • 3
  • 8
  • By the way, someone should feel free to add the "rancid" tag, I couln't add it myself since I'm a newb. – Lars Aug 10 '12 at 13:52
  • It looks like rancid failing at parsing the switch' answer. Does rancid works if you choose telnet? What is the output of manually connecting to the switch? Does it prompt for a username? – petrus Aug 10 '12 at 15:07
  • Yes, the test works without issue using telnet. Also, the command: ssh -c 3des -x -l myuser 10.10.1.10 works if I run it manually. – Lars Aug 13 '12 at 09:29

2 Answers2

2

I've seen this when the SSH server's responses confuse RANCID's clogin script in some way - it doesn't realize that it's time to send the password.

Try dropping the custom Please authenticate banner.

Shane Madden
  • 112,982
  • 12
  • 174
  • 248
1

I reply as new answer because I can't comment up there.

Well after two days working on that issue I see the problem is using # character for banner. If you switch to ., it works. This is because the hash character # is used as root, so RANCID believes is already logged on (No password to access)

Sharing knowledge :)

Alex Deiwor
  • 13
  • 2