nanog mailing list archives
Re: Looking Glass Code
From: Ariel Biener <ariel () fireball tau ac il>
Date: Tue, 13 Mar 2001 03:14:36 +0200 (IST)
On Mon, 12 Mar 2001, Don Simpson wrote: I have posted a list of such resources a while back (you can either look it up in the archives, or I'll send it to you in private). About your concerns, I don't think automated telnet/ssh access (using some script, which means you'll be storing the password for access somewhere on the disk, either as a different file, or as a part of the code) is more secure than rsh to a router with privilege level 1 (you can create a user, and using the aaa new-model authentication model, you can create a privilege level for that user, specifying exactly what commands that user is allowed to use) for example. --Ariel
I have been thinking about putting together a looking glass site on my network and have looked at Ed Kern's (DIGEX) html and perl script but do not want to enable rsh (anywhere) and do not want to reinvent the wheel if not necessary. Has anyone seenan updated script written to use other access means like telnet or ssh to exchange CLI/commands and results with an IOS router? ---------------------------------------------- Don Simpson ----------------------------------------------
-- Ariel Biener e-mail: ariel () post tau ac il PGP(6.5.8) public key http://www.tau.ac.il/~ariel/pgp.html
Current thread:
- Looking Glass Code Don Simpson (Mar 12)
- Re: Looking Glass Code john heasley (Mar 12)
- Re: Looking Glass Code John Todd (Mar 12)
- Re: Looking Glass Code Havard Eidnes (Mar 12)
- Re: Looking Glass Code Ariel Biener (Mar 12)
- Re: Looking Glass Code Rafi Sadowsky (Mar 13)
- <Possible follow-ups>
- RE: Looking Glass Code Ukyo Kuonji (Mar 12)