Closed Melih-Celik closed 3 years ago
This looks like a cryptography fault. Using the latest version of netmiko and cryptography i can see this issue.
Traceback (most recent call last):
File "testCommit.py", line 97, in <module>
connect_handler = ConnectHandler(**data_dict)
File "/usr/local/lib/python3.6/site-packages/netmiko/ssh_dispatcher.py", line 312, in ConnectHandler
return ConnectionClass(*args, **kwargs)
File "/usr/local/lib/python3.6/site-packages/netmiko/cisco/cisco_xr.py", line 10, in __init__
return super().__init__(*args, **kwargs)
File "/usr/local/lib/python3.6/site-packages/netmiko/base_connection.py", line 346, in __init__
self._open()
File "/usr/local/lib/python3.6/site-packages/netmiko/base_connection.py", line 351, in _open
self.establish_connection()
File "/usr/local/lib/python3.6/site-packages/netmiko/cisco/cisco_xr.py", line 14, in establish_connection
super().establish_connection(width=511, height=511)
File "/usr/local/lib/python3.6/site-packages/netmiko/base_connection.py", line 920, in establish_connection
self.remote_conn_pre.connect(**ssh_connect_params)
File "/usr/local/lib/python3.6/site-packages/paramiko/client.py", line 406, in connect
t.start_client(timeout=timeout)
File "/usr/local/lib/python3.6/site-packages/paramiko/transport.py", line 660, in start_client
raise e
File "/usr/local/lib/python3.6/site-packages/paramiko/transport.py", line 2075, in run
self.kex_engine.parse_next(ptype, m)
File "/usr/local/lib/python3.6/site-packages/paramiko/kex_ecdh_nist.py", line 53, in parse_next
return self._parse_kexecdh_reply(m)
File "/usr/local/lib/python3.6/site-packages/paramiko/kex_ecdh_nist.py", line 136, in _parse_kexecdh_reply
self.transport._verify_key(K_S, sig)
File "/usr/local/lib/python3.6/site-packages/paramiko/transport.py", line 1886, in _verify_key
if not key.verify_ssh_sig(self.H, Message(sig)):
File "/usr/local/lib/python3.6/site-packages/paramiko/dsskey.py", line 153, in verify_ssh_sig
).public_key(backend=default_backend())
File "/usr/local/lib64/python3.6/site-packages/cryptography/hazmat/primitives/asymmetric/dsa.py", line 212, in public_key
return backend.load_dsa_public_numbers(self)
File "/usr/local/lib64/python3.6/site-packages/cryptography/hazmat/backends/openssl/backend.py", line 871, in load_dsa_public_numbers
dsa._check_dsa_parameters(numbers.parameter_numbers)
File "/usr/local/lib/python3.6/site-packages/netmiko/tplink/tplink_jetstream.py", line 145, in _override_check_dsa_parameters
if crypto_utils.bit_length(parameters.q) not in [160, 256]:
AttributeError: module 'cryptography.utils' has no attribute 'bit_length'
I downgraded the cryptography module and this issue went away. pip install -U cryptography==2.5
(there might be a better version of cryptography to use that is more recent than 2.5).
Thank you for your fast reply.I've tried to downgrade the version of cryptography.And I'm facing this one then.(Even though it is not netmiko's issue,I'm kinda stuck.) :
error: command 'C:\Program Files (x86)\Microsoft Visual Studio\2019\BuildTools\VC\Tools\MSVC\14.28.29333\bin\HostX86\x64\cl.exe' failed with exit code 2 ERROR: Failed building wheel for cryptography Failed to build cryptography ERROR: Could not build wheels for cryptography which use PEP 517 and cannot be installed directly
Update : Tried to run my code on fresh install Ubuntu 20.10.This time I'm getting this error:
Traceback (most recent call last): File "/usr/local/lib/python3.8/dist-packages/tenacity/init.py", line 412, in call result = fn(*args, **kwargs) File "/usr/local/lib/python3.8/dist-packages/netmiko/base_connection.py", line 1149, in set_base_prompt raise ValueError(f"Router prompt not found: {repr(prompt)}") ValueError: Router prompt not found: 'A2-Blok-Sw'
The above exception was the direct cause of the following exception:
Traceback (most recent call last): File "ssh_Deneme.py", line 75, in
config_backup(cihaz_secim,ip_address,username,password) File "ssh_Deneme.py", line 12, in config_backup net_connect=ConnectHandler(switch) #Baglanti kuruldu. File "/usr/local/lib/python3.8/dist-packages/netmiko/ssh_dispatcher.py", line 312, in ConnectHandler return ConnectionClass(*args, *kwargs) File "/usr/local/lib/python3.8/dist-packages/netmiko/base_connection.py", line 346, in init self._open() File "/usr/local/lib/python3.8/dist-packages/netmiko/base_connection.py", line 352, in _open self._try_session_preparation() File "/usr/local/lib/python3.8/dist-packages/netmiko/base_connection.py", line 777, in _try_session_preparation self.session_preparation() File "/usr/local/lib/python3.8/dist-packages/netmiko/alcatel/alcatel_aos_ssh.py", line 12, in session_preparation self.set_base_prompt() File "/usr/local/lib/python3.8/dist-packages/tenacity/init.py", line 329, in wrapped_f return self.call(f, args, kw) File "/usr/local/lib/python3.8/dist-packages/tenacity/init.py", line 409, in call do = self.iter(retry_state=retry_state) File "/usr/local/lib/python3.8/dist-packages/tenacity/init.py", line 369, in iter six.raise_from(retry_exc, fut.exception()) File " ", line 3, in raise_from tenacity.RetryError: RetryError[<Future at 0x7feec9bb75e0 state=finished raised ValueError>]
The bit_length
issue should be fixed in this PR:
https://github.com/ktbyers/netmiko/pull/2043/files
So it should be fixed in the develop
branch.
Does this apply to alcatel_aos as well? Because I'm still having the same error on Alcatel Switches.
Edit: I just downgraded my python version from v3.9.0 to v3.8.6.And installed cryptography v2.8.Seems like it solved the cryptography issue.However this time I'm facing this :
RetryError[<Future at 0x1e13bb81b20 state=finished raised ValueError>]
as I stated above.
@Yukio4 Can you post the full exception? The RetryError
could be due a bunch of causes; the relevant item for this issue is the bit_length
error.
Kirk
Hello everyone I also experience the same in IOS_XR, when I try to validate user through ssh. Will there be any advance of the solution?
I appreciate your comments.
[2020-12-11 13:49:11.343210]:Validando Credenciales
Unknown exception: module 'cryptography.utils' has no attribute 'bit_length'
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/paramiko/transport.py", line 2075, in run
self.kex_engine.parse_next(ptype, m)
File "/usr/lib/python3/dist-packages/paramiko/kex_group1.py", line 75, in parse_next
return self._parse_kexdh_reply(m)
File "/usr/lib/python3/dist-packages/paramiko/kex_group1.py", line 120, in _parse_kexdh_reply
self.transport._verify_key(host_key, sig)
File "/usr/lib/python3/dist-packages/paramiko/transport.py", line 1886, in _verify_key
if not key.verify_ssh_sig(self.H, Message(sig)):
File "/usr/lib/python3/dist-packages/paramiko/dsskey.py", line 148, in verify_ssh_sig
key = dsa.DSAPublicNumbers(
File "/usr/lib/python3/dist-packages/cryptography/hazmat/primitives/asymmetric/dsa.py", line 212, in public_key
return backend.load_dsa_public_numbers(self)
File "/usr/lib/python3/dist-packages/cryptography/hazmat/backends/openssl/backend.py", line 871, in load_dsa_public_numbers
dsa._check_dsa_parameters(numbers.parameter_numbers)
File "/usr/local/lib/python3.9/dist-packages/netmiko/tplink/tplink_jetstream.py", line 145, in _override_check_dsa_parameters
if crypto_utils.bit_length(parameters.q) not in [160, 256]:
AttributeError: module 'cryptography.utils' has no attribute 'bit_length'
=========================================================================
File "/usr/local/lib/python3.9/dist-packages/netmiko/ssh_dispatcher.py", line 312, in ConnectHandler
return ConnectionClass(*args, **kwargs)
File "/usr/local/lib/python3.9/dist-packages/netmiko/cisco/cisco_xr.py", line 10, in __init__
return super().__init__(*args, **kwargs)
File "/usr/local/lib/python3.9/dist-packages/netmiko/base_connection.py", line 346, in __init__
self._open()
File "/usr/local/lib/python3.9/dist-packages/netmiko/base_connection.py", line 351, in _open
self.establish_connection()
File "/usr/local/lib/python3.9/dist-packages/netmiko/cisco/cisco_xr.py", line 14, in establish_connection
super().establish_connection(width=511, height=511)
File "/usr/local/lib/python3.9/dist-packages/netmiko/base_connection.py", line 920, in establish_connection
self.remote_conn_pre.connect(**ssh_connect_params)
File "/usr/lib/python3/dist-packages/paramiko/client.py", line 406, in connect
t.start_client(timeout=timeout)
File "/usr/lib/python3/dist-packages/paramiko/transport.py", line 660, in start_client
raise e
File "/usr/lib/python3/dist-packages/paramiko/transport.py", line 2075, in run
self.kex_engine.parse_next(ptype, m)
File "/usr/lib/python3/dist-packages/paramiko/kex_group1.py", line 75, in parse_next
return self._parse_kexdh_reply(m)
File "/usr/lib/python3/dist-packages/paramiko/kex_group1.py", line 120, in _parse_kexdh_reply
self.transport._verify_key(host_key, sig)
File "/usr/lib/python3/dist-packages/paramiko/transport.py", line 1886, in _verify_key
if not key.verify_ssh_sig(self.H, Message(sig)):
File "/usr/lib/python3/dist-packages/paramiko/dsskey.py", line 148, in verify_ssh_sig
key = dsa.DSAPublicNumbers(
File "/usr/lib/python3/dist-packages/cryptography/hazmat/primitives/asymmetric/dsa.py", line 212, in public_key
return backend.load_dsa_public_numbers(self)
File "/usr/lib/python3/dist-packages/cryptography/hazmat/backends/openssl/backend.py", line 871, in load_dsa_public_numbers
dsa._check_dsa_parameters(numbers.parameter_numbers)
File "/usr/local/lib/python3.9/dist-packages/netmiko/tplink/tplink_jetstream.py", line 145, in _override_check_dsa_parameters
if crypto_utils.bit_length(parameters.q) not in [160, 256]:
AttributeError: module 'cryptography.utils' has no attribute 'bit_length'
It is fixed, use the Netmiko develop
branch.
Kirk
I am currently trying to figure out how to use netmiko to automate some of my routine work.Such as getting configuration backup, creating vlans etc.I've managed to use it on Aruba and Huawei Switches without problem.But on alcatel switch I'm facing this issue:
Thanks for your help in advance.