ytti / oxidized

Oxidized is a network device configuration backup tool. It's a RANCID replacement!
Apache License 2.0

Cisco ASA lib/oxidized/input/ssh.rb: expecting [/^([\w.@()-]+[#>]\s?)$/] #2244

Closed LucasHrmn closed 3 years ago

LucasHrmn commented 3 years ago

Hey,

I recently set up an Oxidized server, mostly to replace our old Rancid one.

So far everything is going well; I'm pulling the conf from Cisco switch and FortiOS. I tried adding our ASA firewall but I'm having an error. I think it's during the enable prompt, but I'm not sure of it and I have no idea how to solve it so far.

Here is the debug file when I'm trying to pull the backup from the ASA:

oxidized_1  | D, [2021-01-08T13:30:01.156559 #31] DEBUG -- : node.rb: resolving node key 'input', with passed global value of 'ssh' and node value ''
oxidized_1  | D, [2021-01-08T13:30:01.156617 #31] DEBUG -- : node.rb: returning node key 'input' with value 'ssh'
oxidized_1  | D, [2021-01-08T13:30:01.245475 #31] DEBUG -- : node.rb: resolving node key 'output', with passed global value of 'git' and node value ''
oxidized_1  | D, [2021-01-08T13:30:01.245557 #31] DEBUG -- : node.rb: returning node key 'output' with value 'git'
oxidized_1  | D, [2021-01-08T13:30:01.265631 #31] DEBUG -- : node.rb: resolving node key 'username', with passed global value of '' and node value ''
oxidized_1  | D, [2021-01-08T13:30:01.265685 #31] DEBUG -- : node.rb: setting node key 'username' to value 'username' from global
oxidized_1  | D, [2021-01-08T13:30:01.265731 #31] DEBUG -- : node.rb: setting node key 'username' to value 'xxxxxx' from group
oxidized_1  | D, [2021-01-08T13:30:01.265767 #31] DEBUG -- : node.rb: returning node key 'username' with value 'xxxxxxx'
oxidized_1  | D, [2021-01-08T13:30:01.265797 #31] DEBUG -- : node.rb: resolving node key 'password', with passed global value of '' and node value ''
oxidized_1  | D, [2021-01-08T13:30:01.265831 #31] DEBUG -- : node.rb: setting node key 'password' to value 'password' from global
oxidized_1  | D, [2021-01-08T13:30:01.265914 #31] DEBUG -- : node.rb: setting node key 'password' to value 'xxxxxxxxxxxxxxxxxxx' from group
oxidized_1  | D, [2021-01-08T13:30:01.265956 #31] DEBUG -- : node.rb: returning node key 'password' with value 'xxxxxxxxxxxxxxxx'
oxidized_1  | I, [2021-01-08T13:30:01.266046 #31]  INFO -- : lib/oxidized/nodes.rb: Loaded 1 nodes
oxidized_1  | D, [2021-01-08T13:30:01.617697 #31] DEBUG -- : lib/oxidized/core.rb: Starting the worker...
oxidized_1  | Puma starting in single mode...
oxidized_1  | * Version 3.11.4 (ruby 2.5.1-p57), codename: Love Song
oxidized_1  | * Min threads: 0, max threads: 16
oxidized_1  | * Environment: development
oxidized_1  | * Listening on tcp://0.0.0.0:8888
oxidized_1  | Use Ctrl-C to stop
oxidized_1  | D, [2021-01-08T13:30:02.618239 #31] DEBUG -- : lib/oxidized/worker.rb: Jobs running: 0 of 1 - ended: 0 of 1
oxidized_1  | D, [2021-01-08T13:30:02.618599 #31] DEBUG -- : lib/oxidized/worker.rb: Added asa/BatG-FW-1 to the job queue
oxidized_1  | D, [2021-01-08T13:30:02.618652 #31] DEBUG -- : lib/oxidized/worker.rb: 1 jobs running in parallel
oxidized_1  | D, [2021-01-08T13:30:02.618798 #31] DEBUG -- : lib/oxidized/job.rb: Starting fetching process for FW-1 at 2021-01-08 13:30:02 UTC
oxidized_1  | D, [2021-01-08T13:30:02.619345 #31] DEBUG -- : lib/oxidized/input/ssh.rb: Connecting to BatG-FW-1
oxidized_1  | D, [2021-01-08T13:30:02.619526 #31] DEBUG -- : AUTH METHODS::["none", "publickey", "password"]
oxidized_1  | D, [2021-01-08T13:30:02.641407 #31] DEBUG -- : lib/oxidized/input/ssh.rb: expecting [/^([\w.@()-]+[#>]\s?)$/] at FW-1
oxidized_1  | D, [2021-01-08T13:30:03.618780 #31] DEBUG -- : lib/oxidized/worker.rb: 1 jobs running in parallel

And here is the Oxidized config file:

username: username
password: password
model: junos
resolve_dns: true
interval: 7200
use_syslog: false
debug: false
threads: 30
timeout: 20
retries: 3
prompt: !ruby/regexp /^([\w.@-]+[#>]\s?)$/
rest: 0.0.0.0:8888
next_adds_job: false
vars: {}
groups:
  switch:
    username: xxxxxxxxxx
    password: xxxxxxxxxx
  core:
    username: xxxxxxxxxx
    password: xxxxxxxxxx
  firewall:
    username: xxxxxxxxxx
    password: xxxxxxxxxx
  core:
    username: xxxxxxxxxx
    password: xxxxxxxxxx
  asa:
    username: xxxxxxxxxx
    password: xxxxxxxxxx
models: {}
pid: "/root/.config/oxidized/pid"
crash:
  directory: "/root/.config/oxidized/crashes"
  hostnames: false
stats:
  history_size: 10
input:
  default: ssh
  debug: false
  ssh:
    secure: false
  ftp:
    passive: true
  utf8_encoded: true
output:
  default: git
  git:
    user: xxxxxxxxx
    email: xxxxxxxxxx
    repo: "/var/lib/oxidized/devices.git"
source:
  default: csv
  csv:
    file: "/root/.config/oxidized/router.db"
    delimiter: !ruby/regexp /:/
    map:
      name: 0
      ip: 1
      model: 2
      group: 3
    gpg: false
model_map:
  juniper: junos
  cisco: ios
  fortigate: fortios

I tried the following:

I can reach and connect over SSH from the server, so it's not the user created in the firewall but something from Oxidized.

Thanks

LucasHrmn commented 3 years ago

OK, I found the problem: the ASA was using a different OS; it's not IOS but simply ASA. Also, I had to activate the auto enable on the firewall.
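
An added example, not part of the original thread and not Oxidized's own code: this Ruby script replays captured login output against the prompt regex copied from the `expecting [...]` debug line, to show when the SSH input would keep waiting and which characters in the final line the regex rejects. The function names, hostnames and sample buffers are constructed for illustration and are not taken from the reporter's device.

```ruby
# Added example (not Oxidized source): replay captured login output against
# the prompt regex from the "expecting [...]" debug line to see why the
# SSH input would keep waiting until the timeout.

# Copied from the debug log on this page.
LOGGED_PROMPT = /^([\w.@()-]+[#>]\s?)$/

# What the expect step needs: the prompt text if the buffer matches, else nil.
def matched_prompt(buffer, prompt = LOGGED_PROMPT)
  m = prompt.match(buffer)
  m && m[1]
end

# On a miss, list the characters in the final line that the logged regex's
# class [\w.@()-] rejects ahead of the trailing '#' or '>'.
def rejected_chars(buffer)
  return [] if matched_prompt(buffer)

  last = buffer.split("\n").last.to_s
  last.sub(/[#>]\s?\z/, "").scan(/[^\w.@()-]/).uniq
end

# Constructed sample buffers; hostname "fw-1" and banner text are hypothetical.
SAMPLES = {
  "plain prompt"         => "Type help or '?' for a list of commands.\r\nfw-1> ",
  "leading CR on prompt" => "Type help or '?' for a list of commands.\r\n\rfw-1> ",
  "slash in prompt"      => "fw-1/pri/act> ",
  "waiting at password"  => "fw-1> enable\r\nPassword: "
}.freeze

if __FILE__ == $PROGRAM_NAME
  SAMPLES.each do |label, buffer|
    hit = matched_prompt(buffer)
    if hit
      puts "#{label}: matched #{hit.inspect}"
    else
      puts "#{label}: no match, rejected characters #{rejected_chars(buffer).inspect}"
    end
  end
end
```

Pasting the real session output (captured with the input debug option or a manual SSH login) into `SAMPLES` shows whether the model's prompt regex fits the device before changing the model or the enable settings.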