Cisco Works, SNMP, MIBs.
junajunction
New Member
Posts:
4
Joined:
Sun Sep 02, 2012 9:10 am
Certs:
CCNP

Rancid password file security

Sun Sep 02, 2012 2:56 pm

Hi Guys, I don't know if this is the right discussion. But i have rancid installed and working. but i am a little concerned about the .clogin.rc file as it stores all the password and usernames for the devices, wouldn't this be a security problem. is there any way to enter the encrypted passwords or lock file itself from opening for others or any security option to avoid this.

i am new in discussions. i wud appreciate some help.

Otanx
Post Whore
Posts:
1197
Joined:
Wed Sep 01, 2010 3:37 pm
Certs:
CCNP, CEH

Re: Rancid password file security

Sun Sep 02, 2012 4:12 pm

You can set the file permissions to only be read by the rancid user. Also if you are using tacacs for logins you can limit that user to only have access to run certian commands, login only x number of devices at a time, and only during specific hours, and also limit the logins from certian IP addresses. How to do all that would depend on what specific tacacs server you are using, and should be easily found out on the support page for the server.

-Otanx
Stay networked, my friends.

junajunction
New Member
Posts:
4
Joined:
Sun Sep 02, 2012 9:10 am
Certs:
CCNP

Re: Rancid password file security

Mon Sep 03, 2012 2:08 am

Thank You Otanx for that. so i believe there is no way to keep the passwords hidden in the .cloginrc file itself.

Thanks again for Helping :)

'

Return to Cisco Network Management

Who is online

Users browsing this forum: Yahoo [Bot] and 6 guests