Fnrancid
From Initech Technical Wiki
This patch makes fnrancid ignore the block of config which contains regularly rolling private keys. This is required as of rancid version 3.1
--- fnrancid 2015-05-31 06:16:40.000000000 +1200
+++ fnrancid.patched 2016-09-21 07:47:51.969827661 +1200
@@ -210,6 +210,21 @@
# remove occurrances of conf_file_ver
next if (/^#?conf_file_ver=/);
+ # filter cycling encrypted private keys
+ if (/^\s*set private-key "-----BEGIN ENCRYPTED PRIVATE KEY-----/) {
+ ProcessHistory("","","","#$_");
+ ProcessHistory("","","","# <removed>");
+ while (<INPUT>) {
+ tr/\015//d;
+ last if (/$prompt/);
+
+ if (/^\s*-----END ENCRYPTED PRIVATE KEY-----"/) {
+ ProcessHistory("","","","#$_");
+ last;
+ }
+ }
+ }
+
# filter cycling RSA private keys
if (/^\s*set private-key "-----BEGIN RSA PRIVATE KEY-----/) {
ProcessHistory("","","","#$_");