NAMEclogin - Cisco login script
SYNOPSISclogin [-autoenable] [-noenable] [-dhiSV] [-m|M] [-c command] [-E var=x] [-e enable-password] [-f cloginrc-file] [-p user-password] [-s script-file] [-t timeout] [-u username] [-v vty-password] [-w enable-username] [-x command-file] [-y ssh_cypher_type] router [router...]
DESCRIPTIONclogin is an expect(1) script to automate the process of logging into a Cisco router, Catalyst switch, Arista switch, Extreme switch, Juniper ERX/E-series, or Redback router. There are complementary scripts for A10, Alteon, Avocent (Cyclades), Bay Networks (nortel), Brocade, Cisco Small Business devices, ADC-kentrox EZ-T3 mux, Fortinet firewalls, Foundry, Cisco Firepower, HP Procurve switches and Cisco AGMs, Hitachi routers, Juniper Networks, MRV optical switch, Mikrotik routers, Netscreen firewalls, Nokia (Alcatel-Lucent), Netscaler, Riverbed Steelhead, Riverstone, Netopia, Cisco WLCs, Extreme devices and Xirrus arrays or Arrcus routers, named a10login, alogin, avologin, blogin, brlogin, csblogin, elogin, flogin, fnlogin, fxlogin, hlogin, htlogin, jlogin, mrvlogin, mtlogin, nlogin, noklogin, nslogin, rblogin, rivlogin, tlogin, wlogin, xlogin, and xilogin, respectively. Lastly, plogin is a poly-login script using the router.db(5) files of rancid groups and the rancid.types.base(5) and rancid.types.conf(5) files to determine which login script to execute for the device type of the given device.
clogin reads the .cloginrc file for its configuration, then connects and logs into each of the routers specified on the command line in the order listed. Command-line options exist to override some of the directives found in the .cloginrc configuration file.
The command-line options are as follows:
show version show logging
RETURNSIf the login script fails for any of the devices on the command-line, the exit value of the script will be non-zero and the value will be the number of failures.
ENVIRONMENTclogin recognizes the following environment variables.
FILES$HOME/.cloginrc Configuration file.
SEE ALSOcloginrc(5), expect(1)
CAVEATSclogin expects CatOS devices to have a prompt which includes a '>', such as "router> (enable)". It uses this to determine, for example, whether the command to disable the pager is "set length 0" or "term length 0".
The HP Procurve switches that are Foundry OEMs use flogin, not hlogin.
The -S option is a recent addition, it may not be supported in all of the login scripts or for every target device.
BUGSDo not use greater than (>) or pound sign (#) in device banners or hostnames or prompts. These are the normal terminating characters of device prompts and the login scripts need to locate the initial prompt. Afterward, the full prompt is collected and makes a more precise match so that the scripts know when the device is ready for the next command.
All these login scripts for separate devices should be rolled into one. This goal is exceedingly difficult.
The HP Procurve switch, Motorola BSR, and Cisco AGM CLIs rely heavily upon terminal escape codes for cursor/screen manipulation and assumes a vt100 terminal type. They do not provide a way to set a different terminal type or adjust this behavior. The resulting escape codes make automating interaction with these devices very difficult or impossible. Thus bin/hpuifilter, which must be found in the user's PATH, is used by hlogin to filter these escape sequences. While this works for rancid's collection, there are side effects for interactive logins via hlogin; most of which are formatting annoyances that may be remedied by typing CTRL-R to reprint the current line.
WARNING: repeated ssh login failures to HP Procurves cause the switch's management interface to lock-up (this includes snmp, ping) and sometimes it will crash. This is with the latest firmware; 5.33 at the time of this writing.
Visit the GSP FreeBSD Man Page Interface.