search

astounding / mtik

An interface to the MikroTik RouterOS API (via TCP) in Ruby
http://www.aarongifford.com/computers/mtik/
Other
39 stars 23 forks source link

new api login #7

Closed dorijan closed 4 years ago

dorijan commented 6 years ago

Hi, it seems Mikrotik has implemented new login api, so the old one is not working anymore. Any change you can implement it? https://wiki.mikrotik.com/wiki/Manual:API#Initial_login

Thank you

philomory commented 6 years ago

Oddly enough, at least as of 6.43rc56, the old login API and the new login API both work. I'm not sure if that was intentional on Mikrotik's part, I've requested clarification on their forums.

philomory commented 6 years ago

That said, I've submitted a pull request that adds support for the new login method while still falling back to the old login method when the new one doesn't work. #9

astounding commented 6 years ago

Merged. Thanks for the new login stuff.

xcdr commented 6 years ago

Hi, when do You plan release updated gem version?

juanfrancisco-18 commented 4 years ago

hola puedo conectarme a la api sin menester de la gema?

juanfrancisco-18 commented 4 years ago

no veo que aqui nadie me responden

alistairpullen commented 4 years ago

As of routerboard release 6.45.1 the old login API pre-6.43 no longer works ( https://mikrotik.com/download/changelogs ). I found this out the hard way after upgrading from 6.44.5 to 6.47.1 today and my webapp stopped working.

I attempted to use the SSL API previously and the SSL handshake fails. Error: SSL_connect returned=1 errno=0 state=error: sslv3 alert handshake failure.

Reading the API-SSL docs ( https://wiki.mikrotik.com/wiki/Manual:API-SSL ), I realized that I don't have an SSL certificate loaded on the routerboard, just using stock api-ssl, meaning that anonymous Diffie-Hellman cipher (ADH) would be used. I then read somewhere that anonymous cipher suites are disabled in the default security level in OpenSSL 1.1.0+

Anonymous Diffie-Hellman cipher is not used if you have a certificate loaded for api-ssl use on the routerboard, so I generated a self signed certificate on the routerboard ( https://wiki.mikrotik.com/wiki/Manual:Create_Certificates ) and selected it for use under /ip services api-ssl. The error has gone away and all is working perfectly, albeit a bit slower given the TLS handshake time factored into API activity during the initial connect routine.

juanfrancisco-18 commented 4 years ago

buenas tardes que version de ruby sirve para ejecutar la gema?

alistairpullen commented 4 years ago

buenas tardes que version de ruby sirve para ejecutar la gema? Translating:"good afternoon, what version of ruby is used to run the gem?"

I'm using ruby 2.7

astounding commented 4 years ago

Sorry for taking so long to release an "official" version of the gem to include the changes that have been present in the github repository for quite some time. Method calls that pass the :ssl => true or the :unencrypted_plaintext => true arguments should use the newer-style (post RouterOS 6.43) API login method.

As of version 4.1.0, the scripts in bin/ also now support this via the --ssl | -s and --unencrypted_plaintext | -u CLI options OR via setting MTIK_SSL and/or MTIK_UNENCRYPTED_PLAINTEXT environment variables to accomplish something similar.

juanfrancisco-18 commented 1 year ago

I am trying to login above 6.48.6 version but error sowing invalid username & password