Rancid

Voraussetzungen

• login mit ssh und key auf den switch
• braucht ein “enable” command ohne passwort, um in den enable mode zu gelangen

.cloginrc

add user        * backupuser
add password    * es-ist-egal-was-hier-steht
add method      * ssh
add identity    * /var/rancid/.ssh/id_ed25519
add autoenable  * 0

Update clogin File

/usr/local/bin/clogin

    # Figure out passwords
    if { $do_passwd || $do_enapasswd } {
      set pswd [find password $router]
      if { [llength $pswd] == 0 } {
  send_user -- "\nError: no password for $router in $password_file.\n"
  continue
      }
      if { $enable && $do_enapasswd && $autoenable == 0 && [llength $pswd] < 2 } {  -> switch 2 to 1 und gut ist :)
  send_user -- "\nError: no enable password for $router in $password_file.\n"
  continue
      }
      set passwd [join [lindex $pswd 0] ""]
      set enapasswd [join [lindex $pswd 1] ""]
    } else {
  set passwd $userpasswd
  set enapasswd $enapasswd
    }

Add Crontab

# run config differ hourly
1 1 * * * /usr/local/bin/rancid-run

# clean out config differ logs
50 23 * * * /usr/bin/find /var/rancid/logs -type f -mtime +2 -exec rm {} \;

sha256: 622eb96a6f276b179c3681169fddd094a57ff0c74380c49476cac382a98418cc