Do Junos and EOS drivers allow for SSH host-key validation and SSL cert validation

napalm-automation / napalm

Network Automation and Programmability Abstraction Layer with Multivendor support

Apache License 2.0

2.23k stars 549 forks source link

Do Junos and EOS drivers allow for SSH host-key validation and SSL cert validation #901

Open ktbyers opened 5 years ago

ktbyers commented 5 years ago

I didn't see the arguments in optional_args to enable this in napalm driver.

bewing commented 5 years ago

pyeapi disables SSL verification if an SSL context is not passed in:

https://github.com/arista-eosplus/pyeapi/blob/develop/pyeapi/eapilib.py#L542-L545

Unfortunately, the pyeapi.client.connect method does not expose this. It could be, if we switched to using pyeapi.client.make_connection instead, but we'd still need to pass in the kwargs correctly.

bewing commented 5 years ago

This is exposed in EOS now, in release 2.4.0

bewing commented 1 year ago

@ktbyers does https://github.com/napalm-automation/napalm/blob/9b66011a4235dcb1982467ee621b9c11c27f6346/napalm/junos/junos.py#L90 fulfill the JunOS SSH host-key validation knob well enough to close this issue?