1clogin(1) General Commands Manual clogin(1)
3
7 clogin - Cisco login script
8
10 clogin [-autoenable] [-noenable] [-dhiSV] [-m|M] [-c command] [-E
11 var=x] [-e enable-password] [-f cloginrc-file] [-p user-password]
12 [-s script-file] [-t timeout] [-u username] [-v vty-password] [-w
13 enable-username] [-x command-file] [-y ssh_cypher_type] router
14 [router...]
15
17 clogin is an expect(1) script to automate the process of logging into a
18 Cisco router, Catalyst switch, Extreme switch, Juniper ERX/E-series,
19 Procket Networks, or Redback router. There are complementary scripts
20 for A10, Alteon, Avocent (Cyclades), Bay Networks (nortel), Cisco Small
21 Business devices, ADC-kentrox EZ-T3 mux, Foundry, HP Procurve switches
22 and Cisco AGMs, Hitachi routers, Juniper Networks, MRV optical switch,
23 Mikrotik routers, Netscreen firewalls, Nokia (Alcatel-Lucent),
24 Netscaler, Riverstone, Netopia, Cisco WLCs, Extreme devices and Xirrus
25 arrays or Arrcus routers, named a10login alogin, avologin, blogin,
26 csblogin, elogin, flogin, fnlogin, hlogin, htlogin, jlogin, mrvlogin,
27 mtlogin, nlogin, noklogin, nslogin, rivlogin, tlogin, wlogin, xlogin,
28 and xilogin, respectively. Lastly, plogin is a poly-login script using
29 the router.db(5) files of rancid groups and the rancid.types.base(5)
30 and rancid.types.conf(5) files to determine which login script to
31 execute for the device type of the given device.
32 clogin reads the .cloginrc file for its configuration, then connects
34 and logs into each of the routers specified on the command line in the
35 order listed. Command-line options exist to override some of the
36 directives found in the .cloginrc configuration file.
37 The command-line options are as follows:
39 -S Save the configuration on exit, if the device prompts at logout
41 time. This only has affect when used with -s.
42 -V Prints package name and version strings.
44 -c Command to be run on each router list on the command-line.
46 Multiple commands maybe listed by separating them with semi-
47 colons (;). The argument should be quoted to avoid shell
48 expansion.
49 -d Enable expect debugging.
51 -E Specifies a variable to pass through to scripts (-s). For
53 example, the command-line option -Efoo=bar will produce a global
54 variable by the name Efoo with the initial value "bar".
55 -e Specify a password to be supplied when gaining enable privileges
57 on the router(s). Also see the password directive of the
58 .cloginrc file.
59 -f Specifies an alternate configuration file. The default is
61 $HOME/.cloginrc.
62 -h Display usage line and exit.
64 -i Enter interactive mode after processing -[cx] options.
66 -[mM] Display .cloginrc information for matching lines; either the
68 first match (-m) or all matches (-M), then exit. The display
69 format is:
70 look-up variable:filename:line number: glob
72 -p Specifies a password associated with the user specified by the
74 -u option, user directive of the .cloginrc file, or the Unix
75 username of the user.
76 -s The filename of an expect(1) script which will be sourced after
78 the login is successful and is expected to return control to
79 clogin, with the connection to the router intact, when it is
80 done. Note that clogin disables log_user of expect(1)when -s is
81 used. Example script(s) can be found in share/rancid/*.exp.
82 -t Alters the timeout interval; the period that clogin waits for an
84 individual command to return a prompt or the login process to
85 produce a prompt or failure. The argument is in seconds.
86 -u Specifies the username used when prompted. The command-line
88 option overrides any user directive found in .cloginrc. The
89 default is the current Unix username.
90 -v Specifies a vty password, that which is prompted for upon
92 connection to the router. This overrides the vty password of
93 the .cloginrc file's password directive.
94 -w Specifies the username used if prompted when gaining enable
96 privileges. The command-line option overrides any user or
97 enauser directives found in .cloginrc. The default is the
98 current Unix username.
99 -x Similar to the -c option; -x specifies a file with commands to
101 run on each of the routers. The commands must not expect
102 additional input, such as 'copy rcp startup-config' does. For
103 example:
104 show version
106 show logging
107 -y Specifies the encryption algorithm for use with the ssh(1) -c
109 option. The default encryption type is often not supported.
110 See the ssh(1) man page for details. The default is 3des.
111
113 If the login script fails for any of the devices on the command-line,
114 the exit value of the script will be non-zero and the value will be the
115 number of failures.
116
118 clogin recognizes the following environment variables.
119 CISCO_USER
121 Overrides the user directive found in the .cloginrc file, but
122 may be overridden by the -u option.
123 CLOGIN clogin will not change the banner on your xterm window if this
125 includes the character 'x'.
126 CLOGINRC
128 Specifies an alternative location for the .cloginrc file, like
129 the -f option.
130 HOME Normally set by login(1) to the user's home directory, HOME is
132 used by clogin to locate the .cloginrc configuration file.
133
135 $HOME/.cloginrc Configuration file.
136
138 cloginrc(5), expect(1)
139
141 clogin expects CatOS devices to have a prompt which includes a '>',
142 such as "router> (enable)". It uses this to determine, for example,
143 whether the command to disable the pager is "set length 0" or "term
144 length 0".
145 The HP Procurve switches that are Foundry OEMs use flogin, not hlogin.
147 The Extreme is supported by clogin, but it has no concept of an
149 "enabled" privilege level. You must set autoenable for these devices
150 in your .cloginrc.
151 The -S option is a recent addition, it may not be supported in all of
153 the login scripts or for every target device.
154
156 Do not use greater than (>) or pound sign (#) in device banners or
157 hostnames or prompts. These are the normal terminating characters of
158 device prompts and the login scripts need to locate the initial prompt.
159 Afterward, the full prompt is collected and makes a more precise match
160 so that the scripts know when the device is ready for the next command.
161 All these login scripts for separate devices should be rolled into one.
163 This goal is exceedingly difficult.
164 The HP Procurve switch, Motorola BSR, and Cisco AGM CLIs rely heavily
166 upon terminal escape codes for cursor/screen manipulation and assumes a
167 vt100 terminal type. They do not provide a way to set a different
168 terminal type or adjust this behavior. The resulting escape codes make
169 automating interaction with these devices very difficult or impossible.
170 Thus bin/hpuifilter, which must be found in the user's PATH, is used by
171 hlogin to filter these escape sequences. While this works for rancid's
172 collection, there are side effects for interactive logins via hlogin;
173 most of which are formatting annoyances that may be remedied by typing
174 CTRL-R to reprint the current line.
175 WARNING: repeated ssh login failures to HP Procurves cause the switch's
177 management interface to lock-up (this includes snmp, ping) and
178 sometimes it will crash. This is with the latest firmware; 5.33 at the
179 time of this writing.
180 22 January 2019 clogin(1)