search

ytti / oxidized

Oxidized is a network device configuration backup tool. It's a RANCID replacement!
Apache License 2.0
2.79k stars 921 forks source link

Group authentication - model is used as username #1075

Closed rioenregistrementsdri closed 5 years ago

rioenregistrementsdri commented 6 years ago

Hi,

I have been looking for a solution for this all day without any success. I have came across issues #651 and #862 but they don't seem to resolve the problem for me. I'm trying to set different groups for different devices requiring different username/password combos. For some reason it appears that Oxidized is using the model as the username to login to the switch instead of the actual username provided in the groups.

Here is my config:

---
username: oxidized
password: xxxxxxxxx
model: boss
interval: 3600
use_syslog: true
debug: false
threads: 30
timeout: 20
retries: 3
prompt: !ruby/regexp /^([\w.@-]+[#>]\s?)$/
rest: 10.2.0.156:8888
next_adds_job: false
vars: {}
groups:
  avaya:
    username: avayauser
    password: xxxxxxxxxxxxx
  avayacore:
    username: avayacoreuser
    password: xxxxxxxxxxxxx
  fortigate:
    username: fortigateuser
    password: xxxxxxxxxxxxx
  aruba:
    username: arubauser
    password: xxxxxxxxxxxxx
models: {}
pid: /home/oxidized/.config/oxidized/pid
input:
  default: ssh, telnet
  debug: true
  ssh:
    secure: false
output:
  default: git
  git:
    user: "xxx"
    email: xxx@xxx
    repo: "/var/lib/oxidized/devices.git"
source:
  default: csv
  csv:
    file: /home/oxidized/.config/oxidized/router.db
    delimiter: !ruby/regexp /:/
    map:
      name: 0
      group: 1
      model: 2
    gpg: false
model_map:
  fortigate: fortios
  aruba: aos

Here is my router.db:

switch1:avaya:voss
switch2:avaya:boss

Here is what I get in the logs:

Oct 23 16:56:41 server.local oxidized[1757]: switch1 raised Net::SSH::AuthenticationFailed with msg "Authentication failed for user voss@switch1"

This seems strange to me. Any ideas?

EDIT: If it helps, in the WebGUI I can see that the switches are properly mapped to the correct models and groups.

laf commented 6 years ago

We use groups extensively at work and haven't noticed this as an issue. I don't have access to the config right now but I'll check tomorrow.

no-response[bot] commented 5 years ago

This issue has been automatically closed because there has been no response to our request for more information from the original author. The information that is currently in the issue is insufficient to take further action. Feel free to re-open this issue if additional information becomes available, or if you believe it has been closed in error.

stfast commented 5 years ago

This would really help many, if you post working configuration for group authentication.