Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages


home | help
clogin(1)		    General Commands Manual		     clogin(1)

       clogin -	Cisco login script

       clogin  [-autoenable]  [-noenable]  [-dhSV]  [-m|M]  [-c	 command] [-E
       var=x] [-e  enable-password] [-f	  cloginrc-file]  [-p	user-password]
       [-s   script-file] [-t  timeout]	[-u  username] [-v  vty-password] [-w
       enable-username]	 [-x   command-file]  [-y    ssh_cypher_type]	router

       clogin is an expect(1) script to	automate the process of	logging	into a
       Cisco router, Catalyst switch, Extreme  switch,	Juniper	 ERX/E-series,
       Procket	Networks,  or Redback router.  There are complementary scripts
       for A10,	Alteon,	Avocent	(Cyclades), Bay	Networks (nortel), ADC-kentrox
       EZ-T3  mux,  Foundry,  HP  Procurve  switches  and  Cisco AGMs, Hitachi
       routers,	 Juniper  Networks,  MRV  optical  switch,  Mikrotik  routers,
       Netscreen   firewalls,  Netscaler,  Riverstone,	Netopia,  Cisco	 WLCs,
       Extreme devices and Xirrus arrays,  named  a10login  alogin,  avologin,
       blogin,	elogin,	 flogin,  fnlogin,  hlogin, htlogin, jlogin, mrvlogin,
       mtlogin,	 nlogin,  nslogin,  rivlogin,  tlogin,	wlogin,	 xlogin,   and
       xilogin,	respectively.  Lastly, plogin is a poly-login script using the
       router.db(5) files of rancid groups and	the  rancid.types.base(5)  and
       rancid.types.conf(5)  files  to determine which login script to execute
       for the device type of the given	device.

       clogin reads the	.cloginrc file for its	configuration,	then  connects
       and  logs into each of the routers specified on the command line	in the
       order listed.  Command-line options  exist  to  override	 some  of  the
       directives found	in the .cloginrc configuration file.

       The command-line	options	are as follows:

       -S     Save  the	configuration on exit, if the device prompts at	logout
	      time.  This only has affect when used with -s.

       -V     Prints package name and version strings.

       -c     Command to be run	on  each  router  list	on  the	 command-line.
	      Multiple	commands  maybe	 listed	 by separating them with semi-
	      colons (;).  The	argument  should  be  quoted  to  avoid	 shell

       -d     Enable expect debugging.

       -E     Specifies	 a  variable  to  pass	through	 to scripts (-s).  For
	      example, the command-line	option -Efoo=bar will produce a	global
	      variable by the name Efoo	with the initial value "bar".

       -e     Specify a	password to be supplied	when gaining enable privileges
	      on the router(s).	  Also	see  the  password  directive  of  the
	      .cloginrc	file.

       -f     Specifies	 an  alternate	configuration  file.   The  default is

       -h     Display usage line and exit.

       -[mM]  Display .cloginrc	information for	 matching  lines;  either  the
	      first  match  (-m)  or all matches (-M), then exit.  The display
	      format is:

	      look-up variable:filename:line number: glob

       -p     Specifies	a password associated with the user specified  by  the
	      -u  option,  user	 directive  of the .cloginrc file, or the Unix
	      username of the user.

       -s     The filename of an expect(1) script which	will be	sourced	 after
	      the  login  is  successful  and is expected to return control to
	      clogin, with the connection to the router	 intact,  when	it  is
	      done.  Note that clogin disables log_user	of expect(1)when -s is
	      used.  Example script(s) can be found in share/rancid/*.exp.

       -t     Alters the timeout interval; the period that clogin waits	for an
	      individual  command  to  return a	prompt or the login process to
	      produce a	prompt or failure.  The	argument is in seconds.

       -u     Specifies	the username used  when	 prompted.   The  command-line
	      option  overrides	 any  user  directive found in .cloginrc.  The
	      default is the current Unix username.

       -v     Specifies	a vty  password,  that	which  is  prompted  for  upon
	      connection  to  the  router.  This overrides the vty password of
	      the .cloginrc file's password directive.

       -w     Specifies	the username used  if  prompted	 when  gaining	enable
	      privileges.   The	 command-line  option  overrides  any  user or
	      enauser directives found	in  .cloginrc.	 The  default  is  the
	      current Unix username.

       -x     Similar  to  the -c option; -x specifies a file with commands to
	      run on each of  the  routers.   The  commands  must  not	expect
	      additional  input,  such as 'copy	rcp startup-config' does.  For

		 show version
		 show logging

       -y     Specifies	the encryption algorithm for use with  the  ssh(1)  -c
	      option.	The  default  encryption  type is often	not supported.
	      See the ssh(1) man page for details.  The	default	is 3des.

       If the login script fails for any of the	devices	on  the	 command-line,
       the exit	value of the script will be non-zero and the value will	be the
       number of failures.

       clogin recognizes the following environment variables.

	      Overrides	the user directive found in the	 .cloginrc  file,  but
	      may be overridden	by the -u option.

       CLOGIN clogin  will  not	change the banner on your xterm	window if this
	      includes the character 'x'.

	      Specifies	an alternative location	for the	.cloginrc  file,  like
	      the -f option.

       HOME   Normally	set  by	login(1) to the	user's home directory, HOME is
	      used by clogin to	locate the .cloginrc configuration file.

       $HOME/.cloginrc	 Configuration file.

       cloginrc(5), expect(1)

       clogin expects CatOS devices to have a prompt  which  includes  a  '>',
       such  as	 "router>  (enable)".  It uses this to determine, for example,
       whether the command to disable the pager	is "set	 length	 0"  or	 "term
       length 0".

       The HP Procurve switches	that are Foundry OEMs use flogin, not hlogin.

       The  Extreme  is	 supported  by	clogin,	 but  it  has no concept of an
       "enabled" privilege level.  You must set	autoenable for	these  devices
       in your .cloginrc.

       The  -S	option is a recent addition, it	may not	be supported in	all of
       the login scripts or for	every target device.

       Do not use greater than (>) or pound sign  (#)  in  device  banners  or
       hostnames  or  prompts.	These are the normal terminating characters of
       device prompts and the login scripts need to locate the initial prompt.
       Afterward,  the full prompt is collected	and makes a more precise match
       so that the scripts know	when the device	is ready for the next command.

       All these login scripts for separate devices should be rolled into one.
       This goal is exceedingly	difficult.

       The  HP	Procurve switch, Motorola BSR, and Cisco AGM CLIs rely heavily
       upon terminal escape codes for cursor/screen manipulation and assumes a
       vt100  terminal	type.	They  do  not provide a	way to set a different
       terminal	type or	adjust this behavior.  The resulting escape codes make
       automating interaction with these devices very difficult	or impossible.
       Thus bin/hpuifilter, which must be found	in the user's PATH, is used by
       hlogin to filter	these escape sequences.	 While this works for rancid's
       collection, there are side effects for interactive logins  via  hlogin;
       most  of	which are formatting annoyances	that may be remedied by	typing
       CTRL-R to reprint the current line.

       WARNING:	repeated ssh login failures to HP Procurves cause the switch's
       management   interface  to  lock-up  (this  includes  snmp,  ping)  and
       sometimes it will crash.	 This is with the latest firmware; 5.33	at the
       time of this writing.

				  26 May 2016			     clogin(1)


Want to link to this manual page? Use this URL:

home | help