Problem with old switch #28

Closed
RenatoPereira91 opened this issue Sep 25, 2023 · 19 comments
Labels
bug Something isn't working

Comments

@RenatoPereira91

NetBox version
What version of NetBox are you currently running?
3.6.2

Describe the bug
After running the script I get this message:

Traceback (most recent call last):
  File "/opt/netbox/venv/lib/python3.10/site-packages/netbox_config_diff/compliance/models.py", line 65, in get_actual_config
    async with AsyncScrapli(**self.to_scrapli()) as conn:
  File "/opt/netbox/venv/lib/python3.10/site-packages/scrapli/driver/base/async_driver.py", line 42, in __aenter__
    await self.open()
  File "/opt/netbox/venv/lib/python3.10/site-packages/scrapli/driver/base/async_driver.py", line 84, in open
    await self.transport.open()
  File "/opt/netbox/venv/lib/python3.10/site-packages/scrapli/transport/plugins/asyncssh/transport.py", line 194, in open
    self.session = await asyncio.wait_for(
  File "/usr/lib/python3.10/asyncio/tasks.py", line 445, in wait_for
    return fut.result()
  File "/usr/lib/python3.10/asyncio/tasks.py", line 650, in _wrap_awaitable
    return (yield from awaitable.__await__())
  File "/opt/netbox/venv/lib/python3.10/site-packages/asyncssh/connection.py", line 8093, in connect
    return await asyncio.wait_for(
  File "/usr/lib/python3.10/asyncio/tasks.py", line 408, in wait_for
    return await fut
  File "/opt/netbox/venv/lib/python3.10/site-packages/asyncssh/connection.py", line 440, in _connect
    await options.waiter
  File "/opt/netbox/venv/lib/python3.10/site-packages/asyncssh/connection.py", line 1275, in data_received
    while self._inpbuf and self._recv_handler():
  File "/opt/netbox/venv/lib/python3.10/site-packages/asyncssh/connection.py", line 1522, in _recv_packet
    processed = handler.process_packet(pkttype, seq, packet)
  File "/opt/netbox/venv/lib/python3.10/site-packages/asyncssh/packet.py", line 237, in process_packet
    self._packet_handlers[pkttype](self, pkttype, pktid, packet)
  File "/opt/netbox/venv/lib/python3.10/site-packages/asyncssh/connection.py", line 2168, in _process_kexinit
    self._enc_alg_cs = self._choose_alg('encryption', self._enc_algs,
  File "/opt/netbox/venv/lib/python3.10/site-packages/asyncssh/connection.py", line 1349, in _choose_alg
    raise KeyExchangeFailed(
asyncssh.misc.KeyExchangeFailed: No matching encryption algorithm found, sent chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr and received aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc

My switch is old and I can't change the algorithm. I tried to use telnet but I can't find the correct driver.

@RenatoPereira91 RenatoPereira91 added the bug Something isn't working label Sep 25, 2023
@miaow2
Owner

miaow2 commented Sep 27, 2023

Hi @RenatoPereira91, thanks for opening the issue
what are the switch models and os version?

@RenatoPereira91
Author

Hi @miaow2,

The model is WS-C2960-8TC-L. It is running IOS 15.

@miaow2
Owner

miaow2 commented Sep 28, 2023

Unfortunately, I do not have such a device, if I post here a simple script that tries to open a connection with old algorithms, can you run it and post if it is successful or not?

@RenatoPereira91
Author

@miaow2 yes sure.

I created a simple script using the scrapli library, and I get the connection with these parameters:

connection = {
    "host": device,
    "auth_username": "cisco",
    "auth_password": "cisco",
    "auth_strict_key": False,
    "transport": "paramiko",
}

I tried to find this in your script, but without success kkkk (I don't have much knowledge about dev kk)

If you think it's better, I can send an email to you.

@miaow2
Owner

miaow2 commented Sep 28, 2023

there is a dictionary for scrapli connection
https://github.com/miaow2/netbox-config-diff/blob/develop/netbox_config_diff/compliance/models.py#L32

but paramiko does not support async and can not be used in the plugin

@RenatoPereira91
Author

I understood. Send me the script that you would like me to test.

@miaow2
Owner

miaow2 commented Sep 29, 2023

The script is below; it only gets "show version" from the device. Define host, auth_username and auth_password in the variable DEVICE.
Before running, install scrapli: pip install scrapli[asyncssh]
And please test the script on devices with newer OS versions.

import asyncio

from scrapli import AsyncScrapli

DEVICE = {
    "host": "",
    "auth_username": "",
    "auth_password": "",
    "platform": "cisco_iosxe",
    "auth_strict_key": False,
    "transport": "asyncssh",
    "transport_options": {
        "asyncssh": {
            # Key exchange algorithms to offer, passed through to asyncssh.
            # The SHA-1 based entries at the end are for old OS versions.
            "kex_algs": [
                "curve25519-sha256",
                "curve25519-sha256@libssh.org",
                "curve448-sha512",
                "ecdh-sha2-nistp521",
                "ecdh-sha2-nistp384",
                "ecdh-sha2-nistp256",
                "ecdh-sha2-1.3.132.0.10",
                "diffie-hellman-group-exchange-sha256",
                "diffie-hellman-group14-sha256",
                "diffie-hellman-group15-sha512",
                "diffie-hellman-group16-sha512",
                "diffie-hellman-group17-sha512",
                "diffie-hellman-group18-sha512",
                "diffie-hellman-group14-sha256@ssh.com",
                "diffie-hellman-group14-sha1",
                "rsa2048-sha256",
                "diffie-hellman-group1-sha1",
                "diffie-hellman-group-exchange-sha1",
            ],
            # Ciphers to offer. The CBC entries are the ones the old switch
            # answered with in the KeyExchangeFailed error.
            "encryption_algs": [
                "aes256-cbc",
                "aes192-cbc",
                "aes128-cbc",
                "3des-cbc",
                "aes256-ctr",
                "aes192-ctr",
                "aes128-ctr",
                "aes128-gcm@openssh.com",
                "chacha20-poly1305@openssh.com",
            ],
        },
    },
}


async def main():
    async with AsyncScrapli(**DEVICE) as conn:
        result = await conn.send_command("show version")
        print(result.result)


if __name__ == "__main__":
    asyncio.run(main())
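
How the cipher order in a list like the one above decides what gets negotiated, as an added example that is not code from the plugin, scrapli or asyncssh. Per RFC 4253 section 7.1 the first client entry the server also supports is used; `NEWER_DEVICE` is a constructed sample, and `negotiate`, `modern_first` and `audit` are hypothetical helper names.

```python
# Added illustration, not code from the plugin or from asyncssh.
# RFC 4253 section 7.1: the cipher used is the first entry on the client's
# list that also appears on the server's list.

# Both lists are copied from the KeyExchangeFailed message in the issue.
CLIENT_DEFAULT = [
    "chacha20-poly1305@openssh.com", "aes256-gcm@openssh.com",
    "aes128-gcm@openssh.com", "aes256-ctr", "aes192-ctr", "aes128-ctr",
]
OLD_SWITCH = ["aes128-cbc", "3des-cbc", "aes192-cbc", "aes256-cbc"]

# Cipher order used by the test script in the thread (CBC entries first).
SCRIPT_ORDER = [
    "aes256-cbc", "aes192-cbc", "aes128-cbc", "3des-cbc",
    "aes256-ctr", "aes192-ctr", "aes128-ctr",
    "aes128-gcm@openssh.com", "chacha20-poly1305@openssh.com",
]

# Constructed sample: a newer device that accepts CTR but still allows CBC.
NEWER_DEVICE = ["aes128-ctr", "aes192-ctr", "aes256-ctr",
                "aes128-cbc", "aes256-cbc"]


def negotiate(client_algs, server_algs):
    """Return the cipher both sides settle on, or None if there is no overlap."""
    return next((alg for alg in client_algs if alg in server_algs), None)


def modern_first(algs):
    """Stable reorder: keep CBC ciphers only as a fallback at the end."""
    return sorted(algs, key=lambda alg: alg.endswith("-cbc"))


def audit(client_algs, devices):
    """Map device name -> (chosen cipher, True if a CBC fallback was chosen)."""
    report = {}
    for name, server_algs in devices.items():
        chosen = negotiate(client_algs, server_algs)
        report[name] = (chosen, bool(chosen) and chosen.endswith("-cbc"))
    return report


if __name__ == "__main__":
    devices = {"old-switch": OLD_SWITCH, "newer-device": NEWER_DEVICE}
    for label, algs in [("default", CLIENT_DEFAULT), ("script", SCRIPT_ORDER),
                        ("modern-first", modern_first(SCRIPT_ORDER))]:
        print(label, audit(algs, devices))
```

With CBC listed first, a device that supports both families ends up on CBC; with the legacy ciphers last, only the old switch falls back to them.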

@RenatoPereira91
Author

@miaow2 this code worked

@miaow2
Owner

miaow2 commented Sep 29, 2023

ok, then I will create a new release with this fix

@RenatoPereira91
Author

RenatoPereira91 commented Sep 29, 2023

@miaow2 Thank you,

I have one more question. I fixed this code in my lab. I tried to test if SNMP is correct, but if I use "show running-config" it shows failed, even with the correct SNMP config. If I use "show running-config | include snmp" it works fine.

I tried using a regex (I used "^((?!snmp).)*$"), but it doesn't work because the "+" sign is shown:

image

@miaow2
Owner

miaow2 commented Sep 29, 2023

you tried regex with "show running-config" output?

@RenatoPereira91
Author

Yes, below I send the screenshot:

image

@miaow2
Owner

miaow2 commented Sep 29, 2023

I will check at my local setup why this is happening

@RenatoPereira91
Author

Ok, if you need any help let me know.

@miaow2
Owner

miaow2 commented Sep 29, 2023

ohhh, i understand, in exclude regex you should define regexp that will delete config lines that are not in rendered config and are in the actual configuration, so actual configuration starts looking like rendered
you should write regexps that match all lines from actual config except SNMP configuration then it will work

@RenatoPereira91
Author

RenatoPereira91 commented Sep 29, 2023

If I set the regex to "^snmp.*", the code deletes all lines starting with snmp and it fails.

I understood that the regex is to exclude lines that match that rule.

It is easier to create a regex that matches the lines for compliance, but creating a regex to exclude all the other lines is hard because I would need to know the configuration of all devices.

If you have any example about this, I can test.

@miaow2 miaow2 closed this as completed in 546bff3 Sep 29, 2023
@miaow2
Owner

miaow2 commented Sep 29, 2023

I am sorry, I read your regexp incorrectly, I fixed connection to old os versions and many empty lines when using negative regexp in release 1.2.2
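
Why the negative pattern quoted in the thread can leave "+" lines in a diff, as an added example that is not the plugin's code. It assumes the exclude pattern is applied with `re.sub` in MULTILINE mode; the config samples are constructed and the function names are hypothetical.

```python
import difflib
import re

# Pattern quoted in the thread: matches every line that does not contain "snmp".
NOT_SNMP = r"^((?!snmp).)*$"

# Constructed samples: a device's actual config and the rendered (intended) one.
ACTUAL = "\n".join([
    "hostname sw1",
    "snmp-server community example RO",
    "interface Vlan1",
    " no ip address",
    "snmp-server location lab",
])
RENDERED = "\n".join([
    "snmp-server community example RO",
    "snmp-server location lab",
])


def exclude(config, pattern):
    """Blank out every line the pattern matches (assumed way of applying it)."""
    return re.sub(pattern, "", config, flags=re.MULTILINE)


def drop_blank_lines(config):
    """Remove the empty lines that exclude() leaves behind."""
    return "\n".join(line for line in config.splitlines() if line.strip())


def added_lines(rendered, actual):
    """Lines a diff marks with '+': present in actual but not in rendered."""
    diff = difflib.ndiff(rendered.splitlines(), actual.splitlines())
    return [line for line in diff if line.startswith("+ ")]


if __name__ == "__main__":
    filtered = exclude(ACTUAL, NOT_SNMP)
    print(added_lines(RENDERED, filtered))                    # three blank "+" lines
    print(added_lines(RENDERED, drop_blank_lines(filtered)))  # no differences
```

The substitution empties the matched lines but keeps their newline characters, so the filtered config still differs from the rendered one until the blank lines are dropped.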

@RenatoPereira91
Author

Nice, I will update here. Thank you so much

@RenatoPereira91
Author

Nice, the problems are fixed
