Date: Fri, 17 Mar 2000 10:09:14 +0100 From: andreas.klemm.ak@bayer-ag.de To: " - *up@3.am" <up@3.am> Cc: " - *freebsd-isp@freebsd.org" <freebsd-isp@freebsd.org> Subject: Re: how to get .logout evaluated, when using remote copy (rc Message-ID: <0006800021782823000002L032*@MHS>
next in thread | raw e-mail | index | archive | help
BTW, excuse me for this ill mailer called Lotus Notes ...
It makes quoting impossible and creates funny characters :-/
Because running a tftp server is insecure
Even if you secure it with tcp_wrapper there remain still risks
- permissions of config files have to be 666, otherwise
you can%t write the file on the tftpserver
- so other users may delete the files
- There is a chance to overwrite the wrong file especially
when using tftp with Cisco Catalyst 5xxx switches, which doesn%t
offer you a default config name "name-confg". You have to
type the complete filename in.
So it might be possible, to overwrite the wrong config.
Well, therefore I want to introduce rcp and Cisco Router can do this
since a long time and Catalyst 5K switches can do it since 5.2 release.
I need the logout feature to copy the config to a backup file with a time stamp
in it. So this would be event triggered. Otherwise I had to do a script, that
runs
periodically and would have to check over 1000 machines....
This is a wastage of CPU cycles and you would have to make a compromise
by running it at a time intervall of which you think that it catches even
changes,
that come in a relatively short sequence....
So rcp is the way to go and it would be cool, if a .logout could be executed.
Or a new file .cshrcexit should be added....
So than you%d have for interactive logins:
.login
.logout
And for simply shells
.cshrc
.cshrcexit
up@3.am on 17.03.2000 01:42:27
An: Andreas Klemm/EXQEJ/CH/DE/BAYER@BAYERNOTES
Kopie: freebsd-isp@freebsd.org@INTERNET
Thema: Re: how to get .logout evaluated, when using remote copy (rc
On Wed, 15 Mar 2000 andreas.klemm.ak@bayer-ag.de wrote:
> Want to save my cisco router configs with rcp.
>
> Every router has an account of it%s own on the Unix host.
> This prevents overwriting of configs.
>
> If the remote user on the Unix host has csh as shell,
> I can make use of .cshrc, to set a secure umask (077).
>
> Now I want to make use of the .logout file to make a backup
> of the router config after the rcp session terminates.
>
> But .logout will not be executed.
>
> Well, I think it makes a difference for csh if you have an interactive
> or a remote session.
>
> Is there perhaps a way to fake something in .cshrc, to make csh think
> it has to execute .logout after rcp ?
Frankly, it's news to me that Ciscos support rcp (do they?). Why don't
you just save the config using tftp?
cisco# copy run tftp
The man pages tell you all about tftp, but it's basically just a matter of
uncommenting it in inetd, HUPing inetd, then
mkdir /tftpboot
touch /tftpboot/cisco-confg
James Smallacombe PlantageNet, Inc. CEO and Janitor
up@3.am http://3.am
=========================================================================
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?0006800021782823000002L032*>