Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages


home | help
clogin(1)		    General Commands Manual		     clogin(1)

       clogin -	Cisco login script

       clogin  [-autoenable]  [-noenable]  [-dhiSV]  [-m|M] [-c	 command] [-E
       var=x] [-e  enable-password] [-f	  cloginrc-file]  [-p	user-password]
       [-s   script-file] [-t  timeout]	[-u  username] [-v  vty-password] [-w
       enable-username]	 [-x   command-file]  [-y    ssh_cypher_type]	router

       clogin is an expect(1) script to	automate the process of	logging	into a
       Cisco router, Catalyst switch, Arista switch, Extreme  switch,  Juniper
       ERX/E-series,  or  Redback router.  There are complementary scripts for
       A10, Alteon, Avocent (Cyclades),	Bay  Networks  (nortel),  Cisco	 Small
       Business	 devices,  ADC-kentrox EZ-T3 mux, Fortinet firewalls, Foundry,
       HP Procurve switches and	Cisco AGMs, Hitachi routers, Juniper Networks,
       MRV  optical  switch,  Mikrotik	routers,  Netscreen  firewalls,	 Nokia
       (Alcatel-Lucent), Netscaler, Riverstone,	Netopia, Cisco	WLCs,  Extreme
       devices	and  Xirrus  arrays or Arrcus routers, named a10login, alogin,
       avologin, blogin, csblogin, elogin, flogin, fnlogin,  hlogin,  htlogin,
       jlogin, mrvlogin, mtlogin, nlogin, noklogin, nslogin, rivlogin, tlogin,
       wlogin, xlogin, and xilogin, respectively.  Lastly, plogin is  a	 poly-
       login  script  using  the  router.db(5)	files of rancid	groups and the
       rancid.types.base(5) and	rancid.types.conf(5) files to determine	 which
       login script to execute for the device type of the given	device.

       clogin  reads  the  .cloginrc file for its configuration, then connects
       and logs	into each of the routers specified on the command line in  the
       order  listed.	Command-line  options  exist  to  override some	of the
       directives found	in the .cloginrc configuration file.

       The command-line	options	are as follows:

       -S     Save the configuration on	exit, if the device prompts at	logout
	      time.  This only has affect when used with -c.

       -V     Prints package name and version strings.

       -c     Command  to  be  run  on	each  router list on the command-line.
	      Multiple commands	maybe listed by	 separating  them  with	 semi-
	      colons  (;).   The  argument  should  be	quoted	to avoid shell

       -d     Enable expect debugging.

       -E     Specifies	a variable to  pass  through  to  scripts  (-s).   For
	      example, the command-line	option -Efoo=bar will produce a	global
	      variable by the name Efoo	with the initial value "bar".

       -e     Specify a	password to be supplied	when gaining enable privileges
	      on  the  router(s).   Also  see  the  password  directive	of the
	      .cloginrc	file.

       -f     Specifies	an  alternate  configuration  file.   The  default  is

       -h     Display usage line and exit.

       -i     Enter interactive	mode after processing -[cx] options.

       -[mM]  Display  .cloginrc  information  for  matching lines; either the
	      first match (-m) or all matches (-M), then  exit.	  The  display
	      format is:

	      look-up variable:filename:line number: glob

       -p     Specifies	 a  password associated	with the user specified	by the
	      -u option, user directive	of the .cloginrc  file,	 or  the  Unix
	      username of the user.

       -s     The  filename of an expect(1) script which will be sourced after
	      the login	is successful and is expected  to  return  control  to
	      clogin,  with  the  connection  to the router intact, when it is
	      done.  Note that clogin disables log_user	of expect(1)when -s is
	      used.  Example script(s) can be found in share/rancid/*.exp.

       -t     Alters the timeout interval; the period that clogin waits	for an
	      individual command to return a prompt or the  login  process  to
	      produce a	prompt or failure.  The	argument is in seconds.

       -u     Specifies	 the  username	used  when prompted.  The command-line
	      option overrides any user	directive  found  in  .cloginrc.   The
	      default is the current Unix username.

       -v     Specifies	 a  vty	 password,  that  which	 is  prompted for upon
	      connection to the	router.	 This overrides	the  vty  password  of
	      the .cloginrc file's password directive.

       -w     Specifies	 the  username	used  if  prompted when	gaining	enable
	      privileges.  The	command-line  option  overrides	 any  user  or
	      enauser  directives  found  in  .cloginrc.   The	default	is the
	      current Unix username.

       -x     Similar to the -c	option;	-x specifies a file with  commands  to
	      run  on  each  of	 the  routers.	 The  commands must not	expect
	      additional input,	such as	'copy rcp startup-config'  does.   For

		 show version
		 show logging

       -y     Specifies	 the  encryption  algorithm for	use with the ssh(1) -c
	      option.  The default encryption type  is	often  not  supported.
	      See the ssh(1) man page for details.  The	default	is 3des.

       If  the	login script fails for any of the devices on the command-line,
       the exit	value of the script will be non-zero and the value will	be the
       number of failures.

       clogin recognizes the following environment variables.

	      Overrides	 the  user  directive found in the .cloginrc file, but
	      may be overridden	by the -u option.

       CLOGIN clogin will not change the banner	on your	xterm window  if  this
	      includes the character 'x'.

	      Specifies	 an  alternative location for the .cloginrc file, like
	      the -f option.

       HOME   Normally set by login(1) to the user's home directory,  HOME  is
	      used by clogin to	locate the .cloginrc configuration file.

       $HOME/.cloginrc	 Configuration file.

       cloginrc(5), expect(1)

       clogin  expects	CatOS  devices	to have	a prompt which includes	a '>',
       such as "router>	(enable)".  It uses this to  determine,	 for  example,
       whether	the  command  to  disable the pager is "set length 0" or "term
       length 0".

       The HP Procurve switches	that are Foundry OEMs use flogin, not hlogin.

       The Extreme is supported	by  clogin,  but  it  has  no  concept	of  an
       "enabled"  privilege  level.  You must set autoenable for these devices
       in your .cloginrc.

       The -S option is	a recent addition, it may not be supported in  all  of
       the login scripts or for	every target device.

       Do  not	use  greater  than  (>)	or pound sign (#) in device banners or
       hostnames or prompts.  These are	the normal terminating	characters  of
       device prompts and the login scripts need to locate the initial prompt.
       Afterward, the full prompt is collected and makes a more	precise	 match
       so that the scripts know	when the device	is ready for the next command.

       All these login scripts for separate devices should be rolled into one.
       This goal is exceedingly	difficult.

       The HP Procurve switch, Motorola	BSR, and Cisco AGM CLIs	 rely  heavily
       upon terminal escape codes for cursor/screen manipulation and assumes a
       vt100 terminal type.  They do not provide a  way	 to  set  a  different
       terminal	type or	adjust this behavior.  The resulting escape codes make
       automating interaction with these devices very difficult	or impossible.
       Thus bin/hpuifilter, which must be found	in the user's PATH, is used by
       hlogin to filter	these escape sequences.	 While this works for rancid's
       collection,  there  are side effects for	interactive logins via hlogin;
       most of which are formatting annoyances that may	be remedied by	typing
       CTRL-R to reprint the current line.

       WARNING:	repeated ssh login failures to HP Procurves cause the switch's
       management  interface  to  lock-up  (this  includes  snmp,  ping)   and
       sometimes it will crash.	 This is with the latest firmware; 5.33	at the
       time of this writing.

				 12 July 2019			     clogin(1)


Want to link to this manual page? Use this URL:

home | help