Unable to connect to the device via console port (it requires "\n" newline before authorization).

[artyomovs]

Describe the bug I apologize for a ton of issues from my side, but I have one more request:) It's unable to connect to the device via console port (it requires "\n" newline before authorization).

To Reproduce Connect to the device via console port (could be simulated).

Expected behavior E.g., Netmiko behavior: 2020-07-07 17:55:31 [DEBUG] read_channel: 2020-07-07 17:55:31 [DEBUG] write_channel: b'\r\n' 2020-07-07 17:55:32 [DEBUG] read_channel: 2020-07-07 17:55:32 [DEBUG] write_channel: b'\r\n' 2020-07-07 17:55:32 [DEBUG] read_channel: (and then authorization and command execution)

Scrapli behavior: 2020-07-07 17:50:12 [INFO] Opening connection to 10.122.11.164 2020-07-07 17:50:12 [DEBUG] Session to host 10.122.11.164 spawned pause...till Ctrl+C is pressed.

I tried to solve that myself just adding "telnet_session.write('\n\n\n'.encode())" in telnet.py after telnet_session is created - but it doesn't work anyway. Maybe the feature is rarely-used and no need to fix, but maybe you could suggest a workaround.

OS (please complete the following information):

• OS: Ubuntu 20.04
• scrapli version: scrapli==2020.6.6

Please find a GIF, that shows that we need to send a newline first.

[carlmontanari]

Hey @artyomovs -- no worries, I appreciate ya bringing up the issues!

There is a "feature" called auth_bypass for the system transport that I implemented for some scenarios like this where there is not "normal" SSH auth (for example Cisco WLC) that just has a login prompt upon SSH connection. I think I'll just need to add that here for telnet (its been on my list so this is good!), because right now telnet transport requires auth (which is obviously not always he case for telnet!).

I'll try to get this built/tested tonight so I can include this with the bug fix from the other issue!

Thanks again!

Carl

[carlmontanari]

Hey again @artyomovs

I've just pushed some tweaks to telnet auth in the develop branch. There are two main changes:

1. I added the auth_bypas arg to the telnet transport -- if your device has no authentication prompts, then you will want to set this to True
2. I also set the telnet auth up to send a return character if there is no output from the device -- I believe this matches the gif you showed!

I was able to reproduce this in both ways -- with the auth bypass and with needing to send a return in order to get the auth stuff to prompt. I did this on an EOS device, but I also re-ran the full test suite against iosxe/iosxr/eos/junos/nxos so I think this should be working now!

Let me know if that works or not. The logging for telnet is still kind of lacking, so if this doesn't work we may need to add some logging so we can troubleshoot this more!

[artyomovs]

Hi @carlmontanari . Thank you for another quick response. Sorry, but I didn't understand, how to install new version. pip repo has version 2020.7.4 The develop branch has this version as well: sudo pip3 install -e git+https://github.com/carlmontanari/scrapli.git@develop#egg=scrapli

[carlmontanari]

Ah sorry that was unclear -- the version number won't have changed yet when installing from develop. You may also need to add the -U argument to upgrade.

pip install -U -e git+https://github.com/carlmontanari/scrapli.git@develop#egg=scrapli

You can confirm you've got the update installed like this:

sed -n -e 249,253p $(python -c 'import scrapli; print(scrapli.__file__[:-11])')/transport/telnet.py

The output should look like:

            elif not output:
                current_iteration_time = datetime.now().timestamp()
                if (current_iteration_time - auth_start_time) > (return_interval * return_attempts):
                    telnet_session.write(self._comms_return_char.encode())
                    return_attempts += 1

This is part of the stuff I added yesterday to send the return character during telnet auth.

[artyomovs]

Hi @carlmontanari . Thank you for the fast fix. However, when I use auth_bypass, the console is flooded by "Read" lines. If I don't use auth_bypass - it behaves like before, long freeze. Maybe I do something wrong. I attached a GIF.

Thank you in advance.

[javincraig]

I threw together a lab because I saw what you were trying to do. I was able to replicate the behavior when using ser2net (console server). You can give this code a try and see if it works for you. The username/passwords are just placeholders since my telnet session was wide open for this lab.

from scrapli.driver.core import IOSXEDriver

my_device = {
    "host": "127.0.0.1",
    "auth_username": "na",
    "auth_password": "na",
    "auth_strict_key": False,
    "auth_bypass": True,
    "transport": "telnet",
    "port": 3000,
}

conn = IOSXEDriver(**my_device, comms_return_char="\r\n")  #  \r\n is needed for returns for telnet sessions
conn.privilege_levels['privilege_exec'].escalate_auth = False  # this is because I don't have an enable password set in my demo
conn.open()
response = conn.send_command("show run ")
print(response.result)

[carlmontanari]

Thanks @javincraig !! I totally didn't even think about \r\n for the comms return -- telnet seems to prefer this return char(s) sometimes.

Also, good call on setting the escalate_auth -> False for now (if there is no enable password). I think this was actually a regression -- previously scrapli used to simply warn that there was auth "required" (per the privilege levels), and would skip trying to deal with an enable password and simply send a return and hope for the best instead. I think that is the "correct" behavior so I'm going to fix that in this next release too....

@artyomovs will you give this (setting the comms_return_char) a test to see if we get any further along?

[carlmontanari]

Hey @artyomovs -- hopefully Javin's fix works for you. I'm going to close this now, but feel free to re-open if this is still giving you issues!

Carl