Bug#849530: marked as done (Rancid: clogin fails on fortigate devices with read-only users)

Thu, 12 Jan 2017 05:46:04 -0800 

Your message dated Thu, 12 Jan 2017 14:38:17 +0100
with message-id <[email protected]>
and subject line Re: Bug#849530: Rancid: clogin fails on fortigate devices with 
read-only users
has caused the Debian Bug report #849530,
regarding Rancid: clogin fails on fortigate devices with read-only users
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
849530: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=849530
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message --- 
Package:rancid
Version:2.3.8-6

Hi,

Clogin fails to connect to our fortigate devices (300D & 600D) using
read-only users, no issue using admin ones (except having to force an
specific cypher for newer fortigate firmware):

root@rancid[PRO]:~# /usr/bin/clogin_bk fortigate1

fortigate1

spawn ssh -c aes128-ctr -x -l rancid fortigate1

rancid@fortigate1's password:

fortigate1 $

Error: TIMEOUT reached

root@rancid[PRO]:~# /usr/bin/clogin fortigate1

fortigate1

spawn ssh -c aes128-ctr -x -l rancid fortigate1

rancid@fortigate1's password:

fortigate1 $

fortigate1 $

fortigate1 $

fortigate1 $ exit

Connection to fortigate1 closed.

root@rancid[PRO]:~# diff /usr/bin/clogin{,_bk}

788c788

<     set prompt "(\\$|>|#| \\(enable\\))"

---

>     set prompt "(>|#| \\(enable\\))"

root@tacacs[PRO]:~# grep fortigate1 /var/lib/rancid/sitea/router.db

fortigate1:fortigate:up

root@rancid[PRO]:~# grep fortigate1 /home/rancid/.cloginrc

add user                fortigate1   rancid

add password            fortigate1   foobar

add cyphertype  fortigate1  {aes128-ctr}

add noenable    fortigate1  1


Seems that '$' isn't a valid prompt, logins on fortigate devices with a
read-only user gives you that prompt instead of '#'.


Kind regards.


-- 

------------------------------
[image: Fon] <http://www.fon.com/>
Héctor Javier Sánchez Montes
<http://keyserver.ubuntu.com/pks/lookup?op=vindex&fingerprint=on&search=0xC17CA721B12C6541>
Network Specialist
+34 912 91 76 83
Skype: hector.sanchez.fon
All information in this email is confidential
<https://fon.com/email-disclaimer/>

--- End Message ---
--- Begin Message --- 
Hi Héctor!

On Thu, 12 Jan 2017, Héctor Sánchez wrote:

> Indeed, there wasn't a issue at all, thank you very much,.

Thanks for the feedback, so I close the bug report now.

Tschoeeee

        Roland

--- End Message ---

Reply via email to