Age | Commit message (Collapse) | Author |
|
|
|
Some boxes like prokurwa may authenticate via SSH (proper), or may have
no auth on SSH and use terminal auth (improper)
Even if SSH is configured for terminal auth, in this change we attempt
to detect prompt, so that we won't expect terminal auth, even when
requested, if it is not presented.
|
|
|
|
|
|
|
|
|
|
also fix warning about unused variable
|
|
Newer versions of ssh (>=5.4) support the -W option which makes the
use of netcat obsolete. Dropping netcat is useful is you want to
hop through a router/switch since they rarely have netcat support.
|
|
Tested, and is even better.
|
|
Some network equipment exists that does not want to play nice with ssh.
This adds the vars ssh_encryption and ssh_kex which can be used to
make tell oxidized to use certain encryption and key exchange so it
can connect to these devices.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
When I try to run oxidized as a different user, I get permission errors
for oxidized tries to write debug logs (e.g. true-telnet) in current
working directory which in my case is not writable for the
non-privileged user. I think this can be improved by this change.
1) Why would you use CFG.input.debug?.to_s (which in this case will
always be ‘true’) as a prefix at all
2) let’s use the crash directory for the debug output, as we know this
is available and choose a more descriptive name
|
|
|
|
|
|
Net::SSH::AuthenticationFailed on some Arista devices
|
|
used by ciscosmb and one of the wlan controllers. Thansk to
@SaaldjorMike for spotting
fixes #121
|
|
(new behavior in net-ssh 2.9.3)
|
|
|
|
If you have
input:
debug: session_log
Then session_log-telnet and session_log-ssh will be created showing what
the telnet/ssh saw. Helpful in model development.
|
|
ALU ISAM DSLAM does this
|
|
Main benefits
a) we get support for system wide configs
b) we don't use symbols in config file, they're confusing to
non-rubyist
|
|
|
|
- add 'connnected?' method to ssh/telnet to query if or not we're
connected
- subclass OxidizedError from StandardError, all future OxidizedErrors
should be subclasssed from this.
|
|
If we stay connected on the device (model broken?) give up after
timeout, instead of sitting in the model forever
|
|
Crappy Cisco WLC 5k, much quality, very implementation, such secure
* stop pre_logout from expecting prompt by default
|
|
|
|
Outputs about what we've seen last in input class. Quite dirty in
telnet, so not sure I'm going to support it. Let's see if there is
use-case for it.
|
|
As I can't do IO#select on sinatra/puma to run it when I have time, I
have to run it on separate thread.
This means Nodes container needs to be thread safe, it now has ghetto
mutex locking, but I probably need to be be more focused what are the
external methods that can be called and wrap those in @mutex.synchronize
Provide also HTML UI not just JSON for ghetto UI to people who don't want to
integrate
|
|
|
|
Specifically AOS 6, vxworks era, not linux era 7
|
|
Now input ssh has configuration secure which is false by default,
meaning we don't care about changing keys. It breaks ssh security model
but rancid does it too.
Also input models error handling is now mostly moved to node.rb for
centralized handling + logging. With input models only defining which
errors they want to receover from.
|
|
|
|
|
|
|
|
Now we can deal with pager and additional PW prompts, such as 'enable'
Examples in IOS model how to use.
The Telnet implementation is particularly fugly, I just need one line in
'waitfor' to handle pager while waiting for prompt, but couldn't figure
out clean way to do it, so needed to rewrit whole Telnet#waitfor just to
add that line.
|
|
|
|
Silly for shit-and-giggles attempt at rancid
|