Login failed in Cisco Switch Log but connection is OK
Closed this issue · 0 comments
kinokocorp commented
Hello,
Scrapli is working well but I have a "Login Failed" in the logs of the switch after retrieving the desired information.
Here is my script :
from scrapli.driver.core import IOSXEDriver
import logging
logging.basicConfig(filename='scrapli.log', level=logging.DEBUG)
my_device = {
"host": "x.x.x.x",
"auth_username": "myusername",
"auth_password": "mysecretpassword",
"auth_strict_key": False,
"transport_options": {"open_cmd": ["-o", "KexAlgorithms=+diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1",
"-o", "Ciphers=+aes128-cbc",
"-o", "PubkeyAcceptedAlgorithms=+ssh-rsa",
"-o", "HostKeyAlgorithms=+ssh-rsa"]},
}
conn = IOSXEDriver(**my_device)
conn.open()
response = conn.send_command("show version")
print(response.elapsed_time)
print(response.result)
Here are the debug logs :
DEBUG:scrapli.driver:load core transport requested
DEBUG:scrapli.driver:core transport 'system' loaded successfully
DEBUG:scrapli.driver:generating combined network comms prompt pattern
DEBUG:scrapli.driver:setting 'comms_prompt_pattern' value to '(^[\w.\-@/:]{1,63}>$)|(^[\w.\-@/:]{1,63}#$)|(^[\w.\-@/:]{1,63}\([\w.\-@/:+]{0,32}\)#$)|(^([\w.\-@/+>:]+\(tcl\)[>#]|\+>)$)'
INFO:scrapli.driver:opening connection to 'x.x.x.x' on port '22'
DEBUG:scrapli.transport:opening transport connection to 'x.x.x.x' on port '22'
DEBUG:scrapli.transport:created transport 'open_cmd': '['ssh', 'x.x.x.x', '-p', '22', '-o', 'ConnectTimeout=15', '-o', 'ServerAliveInterval=30', '-l', 'myusername', '-o', 'StrictHostKeyChecking=no', '-o', 'UserKnownHostsFile=/dev/null', '-F', '/dev/null', '-o', 'KexAlgorithms=+diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1', '-o', 'Ciphers=+aes128-cbc', '-o', 'PubkeyAcceptedAlgorithms=+ssh-rsa', '-o', 'HostKeyAlgorithms=+ssh-rsa']'
DEBUG:scrapli.transport:transport connection to 'x.x.x.x' on port '22' opened successfully
DEBUG:scrapli.channel:attempting in channel ssh authentication
DEBUG:scrapli.channel:read: b"Warning: Permanently added 'x.x.x.x' (RSA) to the list of known hosts.\n"
DEBUG:scrapli.channel:read: b"\n *\n* ACCES RESTREINT AUX PERSONNES AUTORISEES *\n* *\n* L'acces a cet equipement est restreint aux personnes autorisees. *\n* L'activite des utilisateurs est enregistree par le systeme. *\n* Toute personne utilisant ce systeme consent expressement a *\n* cette surveillance et cet enregistrement. Toute tentative d'acces *\n* non autorisee pourra faire l'objet de poursuites judiciaires. *\n* *\n**********************************************************************\n"
DEBUG:scrapli.channel:read: b'(myusername@x.x.x.x) Password:'
DEBUG:scrapli.channel:write: REDACTED
DEBUG:scrapli.channel:write: '\n'
DEBUG:scrapli.channel:read: b'\n'
DEBUG:scrapli.channel:read: b'\nmyswitchname#'
DEBUG:scrapli.channel:write: '\n'
DEBUG:scrapli.channel:read: b'\nmyswitchname#'
INFO:scrapli.driver:attempting to acquire 'privilege_exec' privilege level
DEBUG:scrapli.driver:determined current privilege level is one of '['privilege_exec']'
DEBUG:scrapli.driver:determined current privilege level is target privilege level, no action needed
INFO:scrapli.channel:sending channel input: terminal length 0; strip_prompt: True; eager: False
DEBUG:scrapli.channel:write: 'terminal length 0'
DEBUG:scrapli.channel:read: b'ter'
DEBUG:scrapli.channel:read: b'm'
DEBUG:scrapli.channel:read: b'in'
DEBUG:scrapli.channel:read: b'al l'
DEBUG:scrapli.channel:read: b'ength '
DEBUG:scrapli.channel:read: b'0'
DEBUG:scrapli.channel:write: '\n'
DEBUG:scrapli.channel:read: b'\n'
DEBUG:scrapli.channel:read: b'myswitchname#'
INFO:scrapli.channel:sending channel input: terminal width 512; strip_prompt: True; eager: False
DEBUG:scrapli.channel:write: 'terminal width 512'
DEBUG:scrapli.channel:read: b'terminal'
DEBUG:scrapli.channel:read: b' w'
DEBUG:scrapli.channel:read: b'i'
DEBUG:scrapli.channel:read: b'dth 512'
DEBUG:scrapli.channel:write: '\n'
DEBUG:scrapli.channel:read: b'\n'
DEBUG:scrapli.channel:read: b'myswitchname#'
INFO:scrapli.driver:connection to 'x.x.x.x' on port '22' opened successfully
INFO:scrapli.channel:sending channel input: show version; strip_prompt: True; eager: False
DEBUG:scrapli.channel:write: 'show version'
DEBUG:scrapli.channel:read: b's'
DEBUG:scrapli.channel:read: b'how '
DEBUG:scrapli.channel:read: b've'
DEBUG:scrapli.channel:read: b'rsi'
DEBUG:scrapli.channel:read: b'o'
DEBUG:scrapli.channel:read: b'n'
DEBUG:scrapli.channel:write: '\n'
DEBUG:scrapli.channel:read: b'\n'
DEBUG:scrapli.channel:read: b'Cisco IOS XE Software, Version 16.12.06\nCisco IOS Software [Gibraltar], Catalyst L3 Switch Software (CAT9K_IOSXE), Version 16.12.6...
The log in Cisco Switch (C9300-48P or WS-C3850-48P-L) - IOS-XE 16.12.06
Feb 8 2024 21:47:29.992 CET: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: myusername] [Source: x.x.x.x] [localport: 22] [Reason: Login Authentication Failed] at 21:47:29 CET Thu Feb 8 2024
I also tried with a WS-C3750X-48P-L switch (IOS 15.2(4)E10)
My configuration :
- Windows 10 64 bits 21H2 + WLS2 (Manjaro)
$ pip list
Package Version
------------------ ---------
blinker 1.7.0
certifi 2024.2.2
charset-normalizer 3.3.2
click 8.1.7
Flask 3.0.2
future 0.18.3
idna 3.6
itsdangerous 2.1.2
Jinja2 3.1.3
MarkupSafe 2.1.5
ntc_templates 4.2.0
pip 24.0
pyaml-env 1.2.1
python-dotenv 1.0.1
PyYAML 6.0.1
requests 2.31.0
scrapli 2024.1.30
setuptools 69.0.3
six 1.16.0
textfsm 1.1.3
urllib3 2.2.0
Werkzeug 3.0.1