1
2clogin(1)                   General Commands Manual                  clogin(1)
3
4
5

NAME

7       clogin - Cisco login script
8

SYNOPSIS

10       clogin  [-autoenable]  [-noenable]  [-dhiSV]  [-m|M] [-c  command] [-E
11       var=x] [-e  enable-password] [-f   cloginrc-file]  [-p   user-password]
12       [-s   script-file] [-t  timeout] [-u  username] [-v  vty-password] [-w
13       enable-username]  [-x   command-file]  [-y    ssh_cypher_type]   router
14       [router...]
15

DESCRIPTION

17       clogin is an expect(1) script to automate the process of logging into a
18       Cisco router, Catalyst switch, Extreme  switch,  Juniper  ERX/E-series,
19       Procket  Networks,  or Redback router.  There are complementary scripts
20       for A10, Alteon, Avocent (Cyclades), Bay Networks (nortel), Cisco Small
21       Business  devices, ADC-kentrox EZ-T3 mux, Foundry, HP Procurve switches
22       and Cisco AGMs, Hitachi routers, Juniper Networks, MRV optical  switch,
23       Mikrotik   routers,   Netscreen   firewalls,   Nokia  (Alcatel-Lucent),
24       Netscaler, Riverstone, Netopia, Cisco WLCs, Extreme devices and  Xirrus
25       arrays  or  Arrcus  routers,  named  a10login alogin, avologin, blogin,
26       csblogin, elogin, flogin, fnlogin, hlogin, htlogin,  jlogin,  mrvlogin,
27       mtlogin,  nlogin,  noklogin, nslogin, rivlogin, tlogin, wlogin, xlogin,
28       and xilogin, respectively.  Lastly, plogin is a poly-login script using
29       the  router.db(5)  files  of rancid groups and the rancid.types.base(5)
30       and rancid.types.conf(5) files  to  determine  which  login  script  to
31       execute for the device type of the given device.
32
33       clogin  reads  the  .cloginrc file for its configuration, then connects
34       and logs into each of the routers specified on the command line in  the
35       order  listed.   Command-line  options  exist  to  override some of the
36       directives found in the .cloginrc configuration file.
37
38       The command-line options are as follows:
39
40       -S     Save the configuration on exit, if the device prompts at  logout
41              time.  This only has affect when used with -s.
42
43       -V     Prints package name and version strings.
44
45       -c     Command  to  be  run  on  each  router list on the command-line.
46              Multiple commands maybe listed by  separating  them  with  semi-
47              colons  (;).   The  argument  should  be  quoted  to avoid shell
48              expansion.
49
50       -d     Enable expect debugging.
51
52       -E     Specifies a variable to  pass  through  to  scripts  (-s).   For
53              example, the command-line option -Efoo=bar will produce a global
54              variable by the name Efoo with the initial value "bar".
55
56       -e     Specify a password to be supplied when gaining enable privileges
57              on  the  router(s).   Also  see  the  password  directive of the
58              .cloginrc file.
59
60       -f     Specifies an  alternate  configuration  file.   The  default  is
61              $HOME/.cloginrc.
62
63       -h     Display usage line and exit.
64
65       -i     Enter interactive mode after processing -[cx] options.
66
67       -[mM]  Display  .cloginrc  information  for  matching lines; either the
68              first match (-m) or all matches (-M), then  exit.   The  display
69              format is:
70
71              look-up variable:filename:line number: glob
72
73       -p     Specifies  a  password associated with the user specified by the
74              -u option, user directive of the .cloginrc  file,  or  the  Unix
75              username of the user.
76
77       -s     The  filename of an expect(1) script which will be sourced after
78              the login is successful and is expected  to  return  control  to
79              clogin,  with  the  connection  to the router intact, when it is
80              done.  Note that clogin disables log_user of expect(1)when -s is
81              used.  Example script(s) can be found in share/rancid/*.exp.
82
83       -t     Alters the timeout interval; the period that clogin waits for an
84              individual command to return a prompt or the  login  process  to
85              produce a prompt or failure.  The argument is in seconds.
86
87       -u     Specifies  the  username  used  when prompted.  The command-line
88              option overrides any user directive  found  in  .cloginrc.   The
89              default is the current Unix username.
90
91       -v     Specifies  a  vty  password,  that  which  is  prompted for upon
92              connection to the router.  This overrides the  vty  password  of
93              the .cloginrc file's password directive.
94
95       -w     Specifies  the  username  used  if  prompted when gaining enable
96              privileges.  The  command-line  option  overrides  any  user  or
97              enauser  directives  found  in  .cloginrc.   The  default is the
98              current Unix username.
99
100       -x     Similar to the -c option; -x specifies a file with  commands  to
101              run  on  each  of  the  routers.   The  commands must not expect
102              additional input, such as 'copy rcp startup-config'  does.   For
103              example:
104
105                 show version
106                 show logging
107
108       -y     Specifies  the  encryption  algorithm for use with the ssh(1) -c
109              option.  The default encryption type  is  often  not  supported.
110              See the ssh(1) man page for details.  The default is 3des.
111

RETURNS

113       If  the  login script fails for any of the devices on the command-line,
114       the exit value of the script will be non-zero and the value will be the
115       number of failures.
116

ENVIRONMENT

118       clogin recognizes the following environment variables.
119
120       CISCO_USER
121              Overrides  the  user  directive found in the .cloginrc file, but
122              may be overridden by the -u option.
123
124       CLOGIN clogin will not change the banner on your xterm window  if  this
125              includes the character 'x'.
126
127       CLOGINRC
128              Specifies  an  alternative location for the .cloginrc file, like
129              the -f option.
130
131       HOME   Normally set by login(1) to the user's home directory,  HOME  is
132              used by clogin to locate the .cloginrc configuration file.
133

FILES

135       $HOME/.cloginrc   Configuration file.
136

SEE ALSO

138       cloginrc(5), expect(1)
139

CAVEATS

141       clogin  expects  CatOS  devices  to have a prompt which includes a '>',
142       such as "router> (enable)".  It uses this to  determine,  for  example,
143       whether  the  command  to  disable the pager is "set length 0" or "term
144       length 0".
145
146       The HP Procurve switches that are Foundry OEMs use flogin, not hlogin.
147
148       The Extreme is supported by  clogin,  but  it  has  no  concept  of  an
149       "enabled"  privilege  level.  You must set autoenable for these devices
150       in your .cloginrc.
151
152       The -S option is a recent addition, it may not be supported in  all  of
153       the login scripts or for every target device.
154

BUGS

156       Do  not  use  greater  than  (>) or pound sign (#) in device banners or
157       hostnames or prompts.  These are the normal terminating  characters  of
158       device prompts and the login scripts need to locate the initial prompt.
159       Afterward, the full prompt is collected and makes a more precise  match
160       so that the scripts know when the device is ready for the next command.
161
162       All these login scripts for separate devices should be rolled into one.
163       This goal is exceedingly difficult.
164
165       The HP Procurve switch, Motorola BSR, and Cisco AGM CLIs  rely  heavily
166       upon terminal escape codes for cursor/screen manipulation and assumes a
167       vt100 terminal type.  They do not provide a  way  to  set  a  different
168       terminal type or adjust this behavior.  The resulting escape codes make
169       automating interaction with these devices very difficult or impossible.
170       Thus bin/hpuifilter, which must be found in the user's PATH, is used by
171       hlogin to filter these escape sequences.  While this works for rancid's
172       collection,  there  are side effects for interactive logins via hlogin;
173       most of which are formatting annoyances that may be remedied by  typing
174       CTRL-R to reprint the current line.
175
176       WARNING: repeated ssh login failures to HP Procurves cause the switch's
177       management  interface  to  lock-up  (this  includes  snmp,  ping)   and
178       sometimes it will crash.  This is with the latest firmware; 5.33 at the
179       time of this writing.
180
181
182
183                                22 January 2019                      clogin(1)
Impressum