Beefy Boxes and Bandwidth Generously Provided by pair Networks
laziness, impatience, and hubris
 
PerlMonks  

Issue with ssh to a cisco smart switch

by edimusrex (Monk)
on Sep 12, 2017 at 20:12 UTC ( #1199230=perlquestion: print w/replies, xml ) Need Help??
edimusrex has asked for the wisdom of the Perl Monks concerning the following question:

I am trying to get the version information off of a cisco sg300 smart switch. I have decided to use the module Net::SSH2::Cisco which I have used in the past for a cisco phone server. When running the following script

#!/usr/bin/perl use warnings; use strict; use Net::SSH2::Cisco; my $host = "<my_host>"; my $user = "<my_user>"; my $password = "<my_password>"; my $session = Net::SSH2::Cisco->new(host => $host); $session->login(username => $user, password => $password); my @version = $session->cmd("show version"); print @version; $session->close;

I get the following error

Net::SSH2 error -18:LIBSSH2_ERROR_PUBLICKEY_UNRECOGNIZED Authentication failed (username/password) authentication failed for user - `cisco' at ./switch.pl line 12

Not really sure what the issue here is. I can ssh into the switch no problem from the command line.

Thanks in advanced

** Update **

I think I have isolated the issue but now need to figure out how to implement it. The issue seems to be related to the expected prompt for the username/login. The switch expects "User Name:" as the prompt. I've switched to using the module Net::Appliance::Session which appears to have a way to allow custom prompts, just a matter of figuring it out now. Help always appreciated.

Replies are listed 'Best First'.
Re: Issue with ssh to a cisco smart switch
by VinsWorldcom (Parson) on Sep 12, 2017 at 22:43 UTC

    Assuming the sg300 does user / password authentication and that's what you're using when you login directly - not public key correct? I don't believe I've enabled public key authentication in Net::SSH2::Cisco - looks like version 0.05 is needed :-)

    Also, looks like you enabled Net::SSH2 debugging and the issue is happening before login. You may try 'dump_log' and provide a file name in the new() call, but that will only show data once you're logged in (which looks like you can't).

    I had a bit of a different issue described here with fix http://vinsworldcom.blogspot.com/2017/05/netssh2-upgrade-access-to-cisco.html

      I'll give that a go and see what happens. I might also try this module on a RHEL server and see if I get the same error, beginning to wonder if it's OS specific. I am not using keystores to log in, just a simple ssh to the switch from the command line.

      Thanks

Re: Issue with ssh to a cisco smart switch
by thanos1983 (Priest) on Sep 12, 2017 at 22:38 UTC

    Hello edimusrex,

    I have no experience with the module but I can try to propose some ideas, as I have played in the past with similar modules.

    I do not see in the module documentation username => $user, password => $password, I assume that it should be like $user, $password

    From the module documentation error, try something like this (untested):

    my $session = Net::SSH2::Cisco->new(host => $host); $session->login(username => $user, password => $password) or $session- +>errmsg; # "die" (the default)

    It should give you more information if you can login or not. From the error message that you posted Net::SSH2 error -18:LIBSSH2_ERROR_PUBLICKEY_UNRECOGNIZED....etc it looks like you are failing to connect with the username and password that you are trying to pass and it is assuming the protocol that you are using SSH keys.

    I found a similar question Using Net::SSH2::Cisco and the user is connecting like this:

    $sok->login(Name =>$user, Password =>$lp, );

    Give it a try, and post your solution if you resolve it after.

    Update: From the documentation Net::SSH2::Cisco/METHODS/enable:

    $ok = $obj->enable( [Name => $name,] [Password => $password,] [Level => $level,] );

    So yes you should pass your username and password like this.

    Hope this helps, BR.

    Seeking for Perl wisdom...on the process of learning...not there...yet!

      Ok, thank you. I will give it a go and see what happens. I am also going to try it on a RHEL server to see if I get the same error (running on ubuntu 15 right now).

Re: Issue with ssh to a cisco smart switch
by Anonymous Monk on Sep 12, 2017 at 20:51 UTC

    Hi,

    Which keystore/public key does "ssh from the commandline" use?

    Which keystore/certificatepack does Net::SSH2 uses?

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: perlquestion [id://1199230]
Approved by Paladin
help
Chatterbox?
and all is quiet...

How do I use this? | Other CB clients
Other Users?
Others wandering the Monastery: (3)
As of 2017-10-20 09:42 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?
    My fridge is mostly full of:

















    Results (260 votes). Check out past polls.

    Notices?