Age | Commit message (Collapse) | Author |
|
#1061 Handling devices that only prompt for password via SSH
|
|
|
|
|
|
Closes #1276
|
|
|
|
fsync() can be expensive on OSes and induce timeout failures when running with input debugging of SSH sessions.
|
|
|
|
An approach to handling devices that do not prompt for a username, only a password when connecting via ssh. The Calix B6 inspired this.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Some boxes like prokurwa may authenticate via SSH (proper), or may have
no auth on SSH and use terminal auth (improper)
Even if SSH is configured for terminal auth, in this change we attempt
to detect prompt, so that we won't expect terminal auth, even when
requested, if it is not presented.
|
|
|
|
|
|
|
|
|
|
also fix warning about unused variable
|
|
Newer versions of ssh (>=5.4) support the -W option which makes the
use of netcat obsolete. Dropping netcat is useful is you want to
hop through a router/switch since they rarely have netcat support.
|
|
Tested, and is even better.
|
|
Some network equipment exists that does not want to play nice with ssh.
This adds the vars ssh_encryption and ssh_kex which can be used to
make tell oxidized to use certain encryption and key exchange so it
can connect to these devices.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
When I try to run oxidized as a different user, I get permission errors
for oxidized tries to write debug logs (e.g. true-telnet) in current
working directory which in my case is not writable for the
non-privileged user. I think this can be improved by this change.
1) Why would you use CFG.input.debug?.to_s (which in this case will
always be ‘true’) as a prefix at all
2) let’s use the crash directory for the debug output, as we know this
is available and choose a more descriptive name
|
|
|
|
|
|
Net::SSH::AuthenticationFailed on some Arista devices
|
|
used by ciscosmb and one of the wlan controllers. Thansk to
@SaaldjorMike for spotting
fixes #121
|
|
(new behavior in net-ssh 2.9.3)
|
|
|
|
If you have
input:
debug: session_log
Then session_log-telnet and session_log-ssh will be created showing what
the telnet/ssh saw. Helpful in model development.
|
|
ALU ISAM DSLAM does this
|
|
Main benefits
a) we get support for system wide configs
b) we don't use symbols in config file, they're confusing to
non-rubyist
|
|
|
|
- add 'connnected?' method to ssh/telnet to query if or not we're
connected
- subclass OxidizedError from StandardError, all future OxidizedErrors
should be subclasssed from this.
|
|
If we stay connected on the device (model broken?) give up after
timeout, instead of sitting in the model forever
|
|
Crappy Cisco WLC 5k, much quality, very implementation, such secure
* stop pre_logout from expecting prompt by default
|
|
|
|
Outputs about what we've seen last in input class. Quite dirty in
telnet, so not sure I'm going to support it. Let's see if there is
use-case for it.
|
|
As I can't do IO#select on sinatra/puma to run it when I have time, I
have to run it on separate thread.
This means Nodes container needs to be thread safe, it now has ghetto
mutex locking, but I probably need to be be more focused what are the
external methods that can be called and wrap those in @mutex.synchronize
Provide also HTML UI not just JSON for ghetto UI to people who don't want to
integrate
|
|
|
|
Specifically AOS 6, vxworks era, not linux era 7
|