Closed adarsh-chauhan closed 2 years ago
adarsh-chauhan
commented
2 years ago I think this is fixed in netmiko 4.0, but nornir-netmiko still required 3.4.0
ERROR: pip's dependency resolver does not currently take into account all the packages that are installed. This behaviour is the source of the following dependency conflicts.
nornir-netmiko 0.1.2 requires netmiko<4.0.0,>=3.4.0, but you have netmiko 4.0.0 which is incompatible.Tried following
devdsk:
hostname: 10.10.10.10
groups:
- eu-west-1
platform: linux
data:
jumpbox: True
connection_options:
netmiko:
extras:
key_file: ~/.ssh/id_rsa
use_keys: True
disabled_algorithms:
pubkeys:
- ssh-rsa
- rsa-sha2-256The disabled_algorithms takes effect but still getting the error
DEBUG:paramiko.transport:starting thread (client mode): 0x10592a10
DEBUG:paramiko.transport:Local version/idstring: SSH-2.0-paramiko_2.10.3
DEBUG:paramiko.transport:Remote version/idstring: SSH-2.0-OpenSSH_7.4
INFO:paramiko.transport:Connected (version 2.0, client OpenSSH_7.4)
DEBUG:paramiko.transport:=== Key exchange possibilities ===
DEBUG:paramiko.transport:kex algos: curve25519-sha256, curve25519-sha256@libssh.org, ecdh-sha2-nistp256, ecdh-sha2-nistp384, ecdh-sha2-nistp521, diffie-hellman-group-exchange-sha256, diffie-hellman-group16-sha512, diffie-hellman-group18-sha512, diffie-hellman-group-exchange-sha1, diffie-hellman-group14-sha256, diffie-hellman-group14-sha1, diffie-hellman-group1-sha1
DEBUG:paramiko.transport:server key: ssh-rsa, rsa-sha2-512, rsa-sha2-256, ecdsa-sha2-nistp256, ssh-ed25519
DEBUG:paramiko.transport:client encrypt: chacha20-poly1305@openssh.com, aes128-ctr, aes192-ctr, aes256-ctr, aes128-gcm@openssh.com, aes256-gcm@openssh.com, aes128-cbc, aes192-cbc, aes256-cbc, blowfish-cbc, cast128-cbc, 3des-cbc
DEBUG:paramiko.transport:server encrypt: chacha20-poly1305@openssh.com, aes128-ctr, aes192-ctr, aes256-ctr, aes128-gcm@openssh.com, aes256-gcm@openssh.com, aes128-cbc, aes192-cbc, aes256-cbc, blowfish-cbc, cast128-cbc, 3des-cbc
DEBUG:paramiko.transport:client mac: umac-64-etm@openssh.com, umac-128-etm@openssh.com, hmac-sha2-256-etm@openssh.com, hmac-sha2-512-etm@openssh.com, hmac-sha1-etm@openssh.com, umac-64@openssh.com, umac-128@openssh.com, hmac-sha2-256, hmac-sha2-512, hmac-sha1
DEBUG:paramiko.transport:server mac: umac-64-etm@openssh.com, umac-128-etm@openssh.com, hmac-sha2-256-etm@openssh.com, hmac-sha2-512-etm@openssh.com, hmac-sha1-etm@openssh.com, umac-64@openssh.com, umac-128@openssh.com, hmac-sha2-256, hmac-sha2-512, hmac-sha1
DEBUG:paramiko.transport:client compress: none, zlib@openssh.com
DEBUG:paramiko.transport:server compress: none, zlib@openssh.com
DEBUG:paramiko.transport:client lang: <none>
DEBUG:paramiko.transport:server lang: <none>
DEBUG:paramiko.transport:kex follows: False
DEBUG:paramiko.transport:=== Key exchange agreements ===
DEBUG:paramiko.transport:Kex: curve25519-sha256@libssh.org
DEBUG:paramiko.transport:HostKey: ssh-ed25519
DEBUG:paramiko.transport:Cipher: aes128-ctr
DEBUG:paramiko.transport:MAC: hmac-sha2-256
DEBUG:paramiko.transport:Compression: none
DEBUG:paramiko.transport:=== End of kex handshake ===
DEBUG:paramiko.transport:kex engine KexCurve25519 specified hash_algo <built-in function openssl_sha256>
DEBUG:paramiko.transport:Switch to new keys ...
DEBUG:paramiko.transport:Adding ssh-ed25519 host key for 10.10.10.10: b'b4c8c90d11ba08dc8243bb8312554ad6'
DEBUG:paramiko.transport:Got EXT_INFO: {'server-sig-algs': b'rsa-sha2-256,rsa-sha2-512'}
DEBUG:paramiko.transport:Trying discovered key b'fc9db78e21554336dba204b193502cde' in /Users/<redacted>/.ssh/id_rsa
DEBUG:paramiko.transport:Adding public certificate /Users/<redacted>/.ssh/id_rsa-cert.pub
DEBUG:paramiko.transport:userauth is OK
DEBUG:paramiko.transport:Finalizing pubkey algorithm for key of type 'ssh-rsa-cert-v01@openssh.com'
DEBUG:paramiko.transport:Our pubkey algorithm list: ['rsa-sha2-512']
DEBUG:paramiko.transport:Server-side algorithm list: ['rsa-sha2-256', 'rsa-sha2-512']
DEBUG:paramiko.transport:Agreed upon 'rsa-sha2-512' pubkey algorithm
INFO:paramiko.transport:Authentication (publickey) failed.
DEBUG:paramiko.transport:Trying discovered key b'f7b9889d1f44f0058ded06fa8bd4befa' in /Users/<redacted>/.ssh/id_rsa
Traceback (most recent call last):
File "/Users/<redacted>/Downloads/skyhook_certificate_upload/test_nornir.py", line 32, in <module>
main()
File "/Users/<redacted>/Downloads/skyhook_certificate_upload/test_nornir.py", line 25, in main
connection = devdsk.inventory.hosts['devdsk'].get_connection("netmiko", devdsk.config)
File "/Library/Frameworks/Python.framework/Versions/3.10/lib/python3.10/site-packages/nornir/core/inventory.py", line 494, in get_connection
self.open_connection(
File "/Library/Frameworks/Python.framework/Versions/3.10/lib/python3.10/site-packages/nornir/core/inventory.py", line 546, in open_connection
conn_obj.open(
File "/Library/Frameworks/Python.framework/Versions/3.10/lib/python3.10/site-packages/nornir_netmiko/connections/netmiko.py", line 59, in open
connection = ConnectHandler(**parameters)
File "/Library/Frameworks/Python.framework/Versions/3.10/lib/python3.10/site-packages/netmiko/ssh_dispatcher.py", line 344, in ConnectHandler
return ConnectionClass(*args, **kwargs)
File "/Library/Frameworks/Python.framework/Versions/3.10/lib/python3.10/site-packages/netmiko/base_connection.py", line 434, in __init__
self._open()
File "/Library/Frameworks/Python.framework/Versions/3.10/lib/python3.10/site-packages/netmiko/base_connection.py", line 439, in _open
self.establish_connection()
File "/Library/Frameworks/Python.framework/Versions/3.10/lib/python3.10/site-packages/netmiko/base_connection.py", line 1021, in establish_connection
self.remote_conn_pre.connect(**ssh_connect_params)
File "/Library/Frameworks/Python.framework/Versions/3.10/lib/python3.10/site-packages/paramiko/client.py", line 435, in connect
self._auth(
File "/Library/Frameworks/Python.framework/Versions/3.10/lib/python3.10/site-packages/paramiko/client.py", line 678, in _auth
key = self._key_from_filepath(
File "/Library/Frameworks/Python.framework/Versions/3.10/lib/python3.10/site-packages/paramiko/client.py", line 598, in _key_from_filepath
key.load_certificate(cert_path)
File "/Library/Frameworks/Python.framework/Versions/3.10/lib/python3.10/site-packages/paramiko/pkey.py", line 663, in load_certificate
raise ValueError(err.format(blob.key_type, self.get_name()))
ValueError: PublicBlob type ssh-rsa-cert-v01@openssh.com incompatible with key type ssh-dssI can login without password to the 10.10.10.10
ktbyers
commented
2 years ago Easy fix is to downgrade to Parmiko 2.8.1 (in the near term).
I haven't retrofitted nornir_netmiko to support Netmiko 4.0.0 yet.
Note pip should install Netmiko 4.0.0 if you tell it, it will just complain about it (as per the above).
dbarrosop
commented
2 years ago Closing as this is not a nornir issue, this issue should be opened in the corresponding plugin repo.
ERICK-ZABALA
commented
1 year ago Hi Community Dev,
Working with nornir and netmiko to work the form correct with public key via ssh, please verify your yaml file lot of hours... but resolved :)
File: hosts.yaml
---
linux-server:
hostname: '15.xx.x'
port: 22
username: 'apx'
connection_options:
netmiko:
extras:
use_keys: True
key_file: '/home/codespace/.ssh/id_rsa'
platform: 'linux'Then you need to install the library in your environment. Libraries:
pip install nornir
pip install nornir_netmiko
pip install from nornir_utilsthen code python: File: ssh_nornir.py
#!/workspaces/DEVNET/network/iosv/bin/python
from nornir import InitNornir
from nornir_netmiko import netmiko_send_command
from nornir_utils.plugins.functions import print_result
nr = InitNornir(logging={"log_file": "mylogs", "level": "DEBUG"})
result = nr.run(
task = netmiko_send_command,
command_string= "ls",
use_textfsm=True
)
print_result(result)Note: I hope help to someone in the community, bonne energy!!! :)
Hi Team,
I wanted to understand how can i pass SSH key for auth.
in hosts.yaml i used the following syntax.
however ran into following problem
i and came across
disabled_algorithmsbut then how do i pass it when using nornir netmiko plugin