Hello,
I'm trying to create a user for Rancid to grab the configs off of cisco devices. I don't really want to create a full privileged account. Ideally, I'd like an account that can log in, do "sh run" or "sh start" and get a full output.. but not be able to write anything either.
I was able to do this:
username rancid secret 5 $1$8tiB$FaJCn8Sr6wSTk4U4XawT9/ privilege exec level 1 show startup-config privilege exec level 1 show running-config privilege exec level 1 show
Which seems to do what I want, except it won't allow me to show the running-config.
Can anyone point me to a good resource? Or give me a hint?