Closed rez97415 closed 1 year ago
Hello,
you did not sent your inventory file, so I can not check it.
Try ansible-play example from README first, please.
Regards Petr Klíma
Hello Petr,
I had the same issue, and the reason was the not allowed option ip ssh password-auth
on the device.
could you please advise me, on how to proceed with the login, when the direct login is not allowed and the cisco-smb always expects to fill username and password on the welcome screen? In case, when this password-auth option is allowed, the ansible module works properly.
Thanks for any advice.
Hello again,
it was quiet easy.
Run playbook as usual and ask for ssh password, like that
ansible-playbook yourplaybookname --ask-pass
In the playbook do something similar
---
#Configure ciscosmb
- name: CiscoSMB IOS Command
hosts: your_host_group
become: true
connection: local
vars_prompt:
- name: Cisco-User
prompt: Type Cisco-User
private: no
- name: Cisco-Pass
prompt: Type Cisco-Pass
private: yes
tasks:
- name: Name of this taks
community.ciscosmb.command:
commands:
- list
- of
- commands
- which
- you
- will
- use
Sorry for spam - it still not working, still the same ip ssh password-auth
has to be enabled.
I am having a similar issue on an SG350 switch but enabling password authentication does not fix it.
Every time it gets to "ESTABLISH SSH CONNECTION FOR USER: admin" it hangs at
SSH: EXEC sshpass -d10 ssh -vvv -C -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o 'User="admin"' -o ConnectTimeout=10 -o ControlPath=/tmp/bwrap_123v1oz23s/awx_123_f123kd1l/cp/23f12312ba XXX.XXX.XXX.XXX '/bin/sh -c '"'"'echo ~admin && sleep 0'"'"''
There is no further output even if I wait 12 hours. This is with Verbosity at 4.
I am running this through AWX so every time I try I have to restart the AWX container to kill the job.
I have tried with a user credential containing the password only, one with a key and one with escalation "enable" set, with every combination of options for a password, key and Automatic Login set.
I can ssh from a normal Linux box with those credentials without an issue (though without Automatic Login it does prompt a second time for both username and password).
My Playbook has been stripped down to almost nothing -
- name: Set the NTP Servers
gather_facts: no
hosts: all
tasks:
- name: show clock
community.ciscosmb.command:
commands: show clock
register: output
- name: show output
debug:
var: output.stdout
Strange ...
I am curently testing on SG350X-48-K9
.
#show inventory
NAME: "1" DESCR: "SG350X-48 48-Port Gigabit Stackable Managed Switch"
PID: SG350X-48-K9 VID: V02 SN: XXXXXXXXXXXXXXXXXX
...
#show version
Active-image: flash://system/images/image_tesla_hybrid_2.4.5.71_release_cisco_signed.bin
Version: 2.4.5.71
MD5 Digest: 2dff89efdb2a0ec2f9a2c414ff7d401c
Date: 04-Nov-2018
Time: 19:46:16
...
inventory.yml
all:
vars:
ansible_connection: network_cli
### change what you need
# ansible_ssh_private_key_file: /dir/private.key
ansible_ssh_user: test
ansible_ssh_pass: passwd
ansible_become_method: enable
ansible_become_password: passwd2
#
### Enable become globaly, by host, by playbook or by task
# ansible_become: yes
hosts:
sw-1:
ansible_host: xx.xx.xx.xx
ansible_network_os: community.ciscosmb.ciscosmb
playbook.yml
- name: CiscoSMB - test commands
gather_facts: no
hosts: all
# vars:
# ansible_become: yes
tasks:
- name: CiscoSMB - show clock
community.ciscosmb.command:
commands:
- show version
- show clock
register: show_clock
- name: show output
ansible.builtin.debug:
var: show_clock
- name: CiscoSMB - set timezone
community.ciscosmb.command:
commands:
- configure terminal
- clock timezone CET +1
vars:
ansible_become: yes
register: set_timezone
- name: show output
ansible.builtin.debug:
var: set_timezone
ansible-play -i inventory.yml playbook.yml
And this work without issues.
sniplet of cisco config regarding user settings
username test password encrypted xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx privilege 1
enable password level 15 encrypted xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
ip ssh server
ip ssh password-auth
ip ssh pubkey-auth auto-login
# !!! no key for user test
What is your model and FW version show inventory
and show version
?
I ran your playbook directly from the command line and it worked perfectly!
I then compared that to what I had and realised I was missing -
ansible_connection: network_cli ansible_network_os: community.ciscosmb.ciscosmb
From my inventory.
I added this and suddenly everything is working!
ok: [XXX.XXX.XXX.XXX] => { "output.stdout": [ "04:50:52 CET Oct 12 2021\nTime from SNTP is enabled\nOperational Time Source: None\nTime from Browser is disabled" ] }
You can ignore the time, the switch has been reset to factory so that I could play with configuring it.
Anyway, thank you so much! I'm off to try some proper configuration stuff now.
So embarrassing when I see those exact lines in the inventory in the readme!
By the way, I can confirm it works without password authentication set, I have only ip ssh pubkey-auth auto-login set and it works on the sg350-10p (Version: 2.5.8.15).
Hello,
right now I can not test it, but on firs look I can see "ansible_network_os: qaxi" it should be "ansible_network_os: ciscosmb".
I will test it ASAP. If you have a time to test, try ansible-play example form README, please.
Retards
Petr Klíma
***@***.***>
Dne 14. 03. 22 v 15:53 rez97415 napsal(a):
SUMMARY
Hi, i have the problem by using your module My stdout: |ansible spb-expo-sw2-new -m qaxi.ciscosmb.facts --vault-password-file ~/.vault_pass.txt --extra-vars "ANSIBLE_NET_USERNAME=** ANSIBLE_NET_PASSWORD=*****" router | FAILED! => { "changed": false, "msg": "Failed to authenticate: Bad authentication type; allowed types: ['']" }| My vars file: |ansible_user: user; ansible_connection: network_cli; ansible_network_os: qaxi; ansible_password: password;|
Please help me with this issue Regards
— Reply to this email directly, view it on GitHub https://github.com/ansible-collections/community.ciscosmb/issues/54, or unsubscribe https://github.com/notifications/unsubscribe-auth/AA6KH4HCHHLVTJKDXJ43OSDU75HF7ANCNFSM5QVY7JJA. You are receiving this because you are subscribed to this thread.Message ID: @.***>
SUMMARY
Hi, i have the problem by using your module My stdout:
ansible spb-expo-sw2-new -m community.ciscosmb.facts --vault-password-file ~/.vault_pass.txt --extra-vars "ANSIBLE_NET_USERNAME=****** ANSIBLE_NET_PASSWORD=*****" router | FAILED! => { "changed": false, "msg": "Failed to authenticate: Bad authentication type; allowed types: ['']" }
My vars file:ansible_user: user; ansible_connection: network_cli; ansible_network_os: community.ciscosmb.ciscosmb; ansible_password: password;
Please help me with this issue Regards