HuaweiSwitch / CloudEngine-Ansible

Ansible modules to automate HUAWEI CloudEngine switches
GNU General Public License v3.0

Configuration modules report Authentication timeout. #60

Closed zhzhdwy closed 5 years ago

zhzhdwy commented 5 years ago

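The switch is a Huawei CE6851HI V100R005C10SPC200; Python 2.7, Ansible 2.7.8.

The switch is configured with `snetconf server enable`. The ce_command module currently works, but the configuration modules have a problem and fail with Authentication timeout. The error is as follows: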

```
➜ Huawei-ce ansible -m ce_command -a "commands='display vlan summary' transport='cli' host=183.x.x.x port=xx username=xxxx password=xxxx" localhost --connection local
[DEPRECATION WARNING]: Param 'username' is deprecated. See the module docs for more information. This feature will be removed in version 2.9. Deprecation warnings can be disabled by setting deprecation_warnings=False in ansible.cfg.
[DEPRECATION WARNING]: Param 'password' is deprecated. See the module docs for more information. This feature will be removed in version 2.9. Deprecation warnings can be disabled by setting deprecation_warnings=False in ansible.cfg.
[DEPRECATION WARNING]: Param 'host' is deprecated. See the module docs for more information. This feature will be removed in version 2.9. Deprecation warnings can be disabled by setting deprecation_warnings=False in ansible.cfg.
[DEPRECATION WARNING]: Param 'transport' is deprecated. See the module docs for more information. This feature will be removed in version 2.9. Deprecation warnings can be disabled by setting deprecation_warnings=False in ansible.cfg.
[DEPRECATION WARNING]: Param 'port' is deprecated. See the module docs for more information. This feature will be removed in version 2.9. Deprecation warnings can be disabled by setting deprecation_warnings=False in ansible.cfg.
localhost | SUCCESS => {
    "changed": false,
    "stdout": [
        "Number of static VLAN: 7\nVLAN ID: 1 100 1000 4000 to 4003 \n\nNumber of dynamic VLAN: 0\nVLAN ID: \n\nNumber of service VLAN: 31\nVLAN ID: 4064 to 4094"
    ],
    "stdout_lines": [
        [
            "Number of static VLAN: 7",
            "VLAN ID: 1 100 1000 4000 to 4003 ",
            "",
            "Number of dynamic VLAN: 0",
            "VLAN ID: ",
            "",
            "Number of service VLAN: 31",
            "VLAN ID: 4064 to 4094"
        ]
    ]
}
➜ Huawei-ce ansible -m ce_vlan -a "vlan_id=19 state=present transport='cli' host=183.x.x.x.x port=xx username=xxx password=xxxx" localhost --connection local
localhost | FAILED! => {
    "msg": "AuthenticationException('Authentication timeout.',)"
}
```

➜ Huawei-ce ansible -m ce_vlan -a "vlan_id=19 state=present transport='cli' host=183.240.14.161 port=22 username=wangxc password=Zhzhdwy1234^" localhost --connection local -vvvv

```
ansible 2.7.8
  config file = /etc/ansible/ansible.cfg
  configured module search path = [u'/Users/one/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
  ansible python module location = /Library/Python/2.7/site-packages/ansible
  executable location = /usr/local/bin/ansible
  python version = 2.7.10 (default, Oct 6 2017, 22:29:07) [GCC 4.2.1 Compatible Apple LLVM 9.0.0 (clang-900.0.31)]
Using /etc/ansible/ansible.cfg as config file
setting up inventory plugins
/etc/ansible/hosts did not meet host_list requirements, check plugin documentation if this is unexpected
/etc/ansible/hosts did not meet script requirements, check plugin documentation if this is unexpected
Parsed /etc/ansible/hosts inventory source with ini plugin
Loading callback plugin minimal of type stdout, v2.0 from /Library/Python/2.7/site-packages/ansible/plugins/callback/minimal.pyc
META: ran handlers
<127.0.0.1> connection transport is cli
<183.> using connection plugin netconf (was local)
<183.> starting connection from persistent connection plugin
<183.> local domain socket does not exist, starting it
<183.> control socket path is /Users/one/.ansible/pc/0558f6143b
<183.>
The full traceback is:
Traceback (most recent call last):
  File "/usr/local/bin/ansible-connection", line 106, in start
    self.connection._connect()
  File "/Library/Python/2.7/site-packages/ansible/plugins/connection/netconf.py", line 299, in _connect
    ssh_config=ssh_config
  File "/Library/Python/2.7/site-packages/ncclient/manager.py", line 163, in connect
    return connect_ssh(*args, **kwds)
  File "/Library/Python/2.7/site-packages/ncclient/manager.py", line 128, in connect_ssh
    session.connect(*args, **kwds)
  File "/Library/Python/2.7/site-packages/ncclient/transport/ssh.py", line 460, in connect
    self._auth(username, password, key_filenames, allow_agent, look_for_keys)
  File "/Library/Python/2.7/site-packages/ncclient/transport/ssh.py", line 559, in _auth
    raise AuthenticationError(repr(saved_exception))
AuthenticationError: AuthenticationException('Authentication timeout.',)

localhost | FAILED! => {
    "msg": "AuthenticationException('Authentication timeout.',)"
}
```

Hoping for an answer, thanks.

yuandongx commented 5 years ago

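Suggestion: run 'display ssh user-information' to check whether snetconf is enabled for the corresponding SSH user. Then run 'ssh -p 22 username@192.X.X.X -s netconf' to check whether you can SSH to the device and start NETCONF. If you receive a response, the NETCONF configuration is fine and you can go on to run the playbook; otherwise, please check whether the NETCONF configuration is correct.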

zhzhdwy commented 5 years ago

display ssh user-information shows that it is enabled:

```
User Name : wangxc
Authentication type : password
User public key name : --
User public key type : --
Sftp directory : --
Service type : stelnet | sftp | snetconf

User Name : whistle
Authentication type : password
User public key name : --
User public key type : --
Sftp directory : --
Service type : stelnet | sftp | snetconf
Total 2, 2 printed
```

Relevant output from ssh netconf:

```
➜ Huawei-ce ssh wangxc@111.1.19.190 -s netconf
wangxc@111.1.19.190's password:
<?xml version="1.0" encoding="UTF-8"?>

urn:ietf:params:netconf:base:1.0
urn:ietf:params:netconf:capability:writable-running:1.0
urn:ietf:params:netconf:capability:candidate:1.0
urn:ietf:params:netconf:capability:confirmed-commit:1.0
http://www.huawei.com/netconf/capability/discard-commit/1.0
urn:ietf:params:netconf:capability:startup:1.0
urn:ietf:params:netconf:capability:rollback-on-error:1.0
http://www.huawei.com/netconf/capability/sync/1.2
http://www.huawei.com/netconf/capability/sync/1.1
http://www.huawei.com/netconf/capability/sync/1.0
http://www.huawei.com/netconf/capability/exchange/1.0
http://www.huawei.com/netconf/capability/exchange/1.1
http://www.huawei.com/netconf/capability/active/1.0
http://www.huawei.com/netconf/capability/action/1.0
http://www.huawei.com/netconf/capability/execute-cli/1.0
http://www.huawei.com/netconf/capability/update/1.0
http://www.huawei.com/netconf/capability/commit-description/1.0
urn:ietf:params:netconf:capability:notification:1.0
urn:ietf:params:netconf:capability:interleave:1.0
11939
```

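At first I also thought it was a device-side problem, but the relevant configuration is all in place; authentication just times out. I don't know why~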

yuandongx commented 5 years ago

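Sorry, this problem is rather unusual and hard to reproduce. We recently ran into the same problem ourselves.

Cause: a key exists under /root/.ssh/, so password authentication is not triggered.

Solution: delete the key generated by ssh-genkey and it will work. You can give it a try, thanks!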
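
The cause given in the last comment (a key under `~/.ssh` being tried before the password) can be checked for, and avoided per connection, without deleting keys. The following is an added example, not part of the thread or the project's code: it lists default private keys and agent availability, then builds `ncclient.manager.connect()` arguments with `look_for_keys` and `allow_agent` turned off. The helper names, host and user name are constructed placeholders.

```python
import os

# Assumption: the usual OpenSSH default key names; the exact set an SSH
# library tries on its own depends on the library and its version.
DEFAULT_KEY_NAMES = ("id_rsa", "id_dsa", "id_ecdsa", "id_ed25519")
KEY_DIRS = (".ssh", "ssh")  # "ssh" is a fallback directory some libraries check


def find_default_keys(home):
    """Return default private-key files under `home` that a client may offer unasked."""
    found = []
    for directory in KEY_DIRS:
        for name in DEFAULT_KEY_NAMES:
            path = os.path.join(home, directory, name)
            if os.path.isfile(path):
                found.append(path)
    return found


def diagnose(home, environ):
    """Summarise what could be tried before the password during SSH authentication."""
    keys = find_default_keys(home)
    agent = bool(environ.get("SSH_AUTH_SOCK"))
    return {"default_keys": keys, "agent_available": agent,
            "password_may_be_preempted": bool(keys) or agent}


def password_only_kwargs(host, port, username, password):
    """Arguments for ncclient.manager.connect() that go straight to password auth."""
    return {
        "host": host, "port": port, "username": username, "password": password,
        "look_for_keys": False,  # skip ~/.ssh/id_* discovery
        "allow_agent": False,    # skip keys held by ssh-agent
    }


if __name__ == "__main__":
    report = diagnose(os.path.expanduser("~"), os.environ)
    for path in report["default_keys"]:
        print("default key present:", path)
    print("ssh-agent available:", report["agent_available"])
    if report["password_may_be_preempted"]:
        # Constructed placeholder target; read the real password from a vault or prompt.
        kwargs = password_only_kwargs("192.0.2.10", 22, "netconf-user", "<password>")
        print("connect with:", {k: v for k, v in kwargs.items() if k != "password"})
        # With ncclient installed: ncclient.manager.connect(**kwargs)
```

With Ansible's netconf connection plugin, the corresponding setting is `look_for_keys = False` under `[paramiko_connection]` in ansible.cfg, which leaves existing keys in place for other uses.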