aker-gateway/Aker

SSH to Cisco switch fails via aker.py but works on terminal! Port forward does not work!

Opened this issue · 3 comments

It succeeds when I log in via shell to the Cisco switch, like "ssh 10.10.x.x"!
But when using aker.py it fails with these error logs:

2019-01-18 18:19:03,592 - DEBUG - TUI: user mptit chose server 10.144.8.5
2019-01-18 18:19:03,592 - DEBUG - Core: pausing TUI
2019-01-18 18:19:03,592 - DEBUG - TUI: tui paused
2019-01-18 18:19:03,593 - DEBUG - Session: Base Session created
2019-01-18 18:19:03,593 - DEBUG - Client: Client Created
2019-01-18 18:19:03,594 - DEBUG - Session: SSHSession created
2019-01-18 18:19:03,594 - DEBUG - Sniffer: Creating Pyte screen with cols 94 and rows 42
2019-01-18 18:19:03,595 - DEBUG - Sniffer: Sniffer Created
2019-01-18 18:19:03,595 - INFO - Core: Starting session UUID 9af0aaee-de02-4a7e-bf75-d27819e04484 for user mptit to host 10.144.8.5
2019-01-18 18:19:03,612 - DEBUG - SSHClient: Connected to 10.144.8.5:22
2019-01-18 18:19:03,613 - DEBUG - starting thread (client mode): 0xe6fa78d0L
2019-01-18 18:19:03,613 - DEBUG - Local version/idstring: SSH-2.0-paramiko_2.1.1
2019-01-18 18:19:03,628 - DEBUG - Remote version/idstring: SSH-2.0-Cisco-1.25
2019-01-18 18:19:03,628 - INFO - Connected (version 2.0, client Cisco-1.25)
2019-01-18 18:19:03,630 - DEBUG - kex algos:[u'diffie-hellman-group-exchange-sha1', u'diffie-hellman-group14-sha1', u'diffie-hellman-group1-sha1'] server key:[u'ssh-rsa'] client encrypt:[u'aes128-ctr', u'aes192-ctr', u'aes256-ctr', u'aes128-cbc', u'3des-cbc', u'aes192-cbc', u'aes256-cbc'] server encrypt:[u'aes128-ctr', u'aes192-ctr', u'aes256-ctr', u'aes128-cbc', u'3des-cbc', u'aes192-cbc', u'aes256-cbc'] client mac:[u'hmac-sha1', u'hmac-sha1-96', u'hmac-md5', u'hmac-md5-96'] server mac:[u'hmac-sha1', u'hmac-sha1-96', u'hmac-md5', u'hmac-md5-96'] client compress:[u'none'] server compress:[u'none'] client lang:[u''] server lang:[u''] kex follows?False
2019-01-18 18:19:03,630 - DEBUG - Kex agreed: diffie-hellman-group1-sha1
2019-01-18 18:19:03,631 - DEBUG - Cipher agreed: aes128-ctr
2019-01-18 18:19:03,631 - DEBUG - MAC agreed: hmac-md5
2019-01-18 18:19:03,631 - DEBUG - Compression agreed: none
2019-01-18 18:19:03,897 - DEBUG - kex engine KexGroup1 specified hash_algo
2019-01-18 18:19:03,898 - DEBUG - Switch to new keys ...
2019-01-18 18:19:03,914 - DEBUG - SSHClient: Authenticating using key-pair
2019-01-18 18:19:04,129 - DEBUG - userauth is OK
2019-01-18 18:19:04,153 - ERROR - Exception: Illegal info request from server
2019-01-18 18:19:04,153 - ERROR - Traceback (most recent call last):
2019-01-18 18:19:04,153 - ERROR - File "/usr/lib/python2.7/site-packages/paramiko/transport.py", line 1837, in run
2019-01-18 18:19:04,154 - ERROR - self.auth_handler._handler_table[ptype](self.auth_handler, m)
2019-01-18 18:19:04,154 - ERROR - File "/usr/lib/python2.7/site-packages/paramiko/auth_handler.py", line 575, in _parse_userauth_info_request
2019-01-18 18:19:04,154 - ERROR - raise SSHException('Illegal info request from server')
2019-01-18 18:19:04,154 - ERROR - SSHException: Illegal info request from server
2019-01-18 18:19:04,154 - ERROR -
2019-01-18 18:19:04,179 - ERROR - SSHClient:: error authenticating : Illegal info request from server
2019-01-18 18:19:04,179 - INFO - Core: Finished session UUID 9af0aaee-de02-4a7e-bf75-d27819e04484 for user mptit to host 10.144.8.5
2019-01-18 18:19:04,179 - DEBUG - Session: SSHSession failed
2019-01-18 18:19:04,180 - ERROR - Sniffer: close session files error coercing to Unicode: need string or buffer, NoneType found
2019-01-18 18:19:04,180 - DEBUG - Sniffer: Failed to close files. Likely due to a session close before establishing.

How could I access the Cisco switch via aker.py?

And the "port" value does not work in the script!

    "hosts": [
        {
            "name": "switch",
            "hostname": "Switch",
            "port": "444",
            "key": "~/.ssh/id_rsa",
            "usergroups": [
                "lnxadmins",
                "dbadmins"
            ],
            "hostgroups": [
                "YGN",
                "linuxservers"
            ]
        },

I think this is a known limitation with paramiko and cisco, it's listed here: http://www.paramiko.org/faq.html#paramiko-doesn-t-work-with-my-cisco-windows-or-other-non-unix-system

How about we use the "os" module, like os.system(ssh xxxx -p 444), instead of paramiko?
I am sorry, I have never used the paramiko module and don't know its advantages or why you used it.

I changed some code at line 70 of "/usr/bin/aker/SSHClient.py":
#self._socket.connect((ip, port))
os.system('ssh '+str(ip)+' -p '+str(port))

Now I can connect to the Cisco router, but session recording does not work, brother, because I think we are still using the paramiko.Transport function for recording the session.
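
Added example, not part of the original thread or of Aker's code: the os.system workaround above builds a shell command line by string concatenation, so a host or port value containing shell metacharacters or a leading "-" would be interpreted by the shell or by ssh itself. This Python 3 sketch validates both values and hands ssh an argument list instead; `build_ssh_argv` and `connect` are hypothetical names, and the port is accepted as a string because the config above stores it as "444".

```python
import ipaddress
import re
import subprocess

# Hostname labels: letters, digits, inner hyphens. No shell metacharacters,
# and no leading "-" that ssh would parse as an option.
_LABEL = r"[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?"
_HOSTNAME = re.compile(r"%s(?:\.%s)*" % (_LABEL, _LABEL))
_USER = re.compile(r"[A-Za-z_][A-Za-z0-9_.-]{0,31}")


def build_ssh_argv(host, port, user=None):
    """Return an argv list for ssh, or raise ValueError on unsafe input."""
    host = str(host)
    try:
        ipaddress.ip_address(host)          # literal IPv4/IPv6 address
    except ValueError:
        if len(host) > 253 or not _HOSTNAME.fullmatch(host):
            raise ValueError("invalid host: %r" % host)

    try:
        port_num = int(str(port), 10)       # config may hold "444" as a string
    except ValueError:
        raise ValueError("invalid port: %r" % (port,))
    if not 1 <= port_num <= 65535:
        raise ValueError("port out of range: %d" % port_num)

    argv = ["ssh", "-p", str(port_num)]
    if user is not None:
        if not _USER.fullmatch(user):
            raise ValueError("invalid user: %r" % user)
        argv += ["-l", user]
    # "--" ends option parsing, so the host can never be read as a flag.
    argv += ["--", host]
    return argv


def connect(host, port, user=None):
    """Run ssh without a shell; returns the ssh exit status."""
    return subprocess.call(build_ssh_argv(host, port, user))
```

Because no shell is involved, nothing in the host or port is expanded or split; the validation is a second layer for values that come from a config file or a user-facing menu.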