From 7c108b6b7a3277aac44455b93a587d1d01a58041 Mon Sep 17 00:00:00 2001 From: Neil Lathwood Date: Mon, 5 Feb 2018 21:55:31 +0000 Subject: Added support for setting ssh auth methods --- docs/Configuration.md | 9 +++++++++ docs/Model-Notes/EOS.md | 9 +++++++++ docs/Model-Notes/README.md | 1 + lib/oxidized/input/ssh.rb | 5 ++++- lib/oxidized/worker.rb | 6 +++++- 5 files changed, 28 insertions(+), 2 deletions(-) create mode 100644 docs/Model-Notes/EOS.md diff --git a/docs/Configuration.md b/docs/Configuration.md index e2db05e..d0afdf6 100644 --- a/docs/Configuration.md +++ b/docs/Configuration.md @@ -59,6 +59,15 @@ vars: ssh_no_exec: true ``` +### SSH Auth Methods + +By default, Oxidized registers the following auth methods: `none`, `publickey` and `password`. However you can configure this globally, by groups, models or nodes. + +``` +vars: + auth_methods: none, publickey, password, keyboard-interactive +``` + ### SSH Proxy Command Oxidized can `ssh` through a proxy as well. To do so we just need to set `ssh_proxy` variable. diff --git a/docs/Model-Notes/EOS.md b/docs/Model-Notes/EOS.md new file mode 100644 index 0000000..66287e3 --- /dev/null +++ b/docs/Model-Notes/EOS.md @@ -0,0 +1,9 @@ +Arista EOS Configuration +======================== + +By default EOS requires keyboard-interactive to be added to your Oxidized config. You can avoid having to do this by configuring the following on the EOS device: + +``` +management ssh + authentication mode password +``` diff --git a/docs/Model-Notes/README.md b/docs/Model-Notes/README.md index f51ed80..636c9fa 100644 --- a/docs/Model-Notes/README.md +++ b/docs/Model-Notes/README.md @@ -11,6 +11,7 @@ Use the table below for more information on the Vendor/Model caveats. Vendor | Model |Updated ----------------|-----------------|---------------- +Arista|[EOS](EOS.md)|05 Feb 2018 Huawei|[VRP](VRP-Huawei.md)|17 Nov 2017 Juniper|[MX/QFX/EX/SRX/J Series](JunOS.md)|18 Jan 2018 Xyzel|[XGS4600 Series](XGS4600-Zyxel.md)|23 Jan 2018 diff --git a/lib/oxidized/input/ssh.rb b/lib/oxidized/input/ssh.rb index 27e81e0..8df18f5 100644 --- a/lib/oxidized/input/ssh.rb +++ b/lib/oxidized/input/ssh.rb @@ -29,10 +29,13 @@ module Oxidized :port => port.to_i, :password => @node.auth[:password], :timeout => Oxidized.config.timeout, :paranoid => secure, - :auth_methods => %w(none publickey password keyboard-interactive), :number_of_password_prompts => 0, } + auth_methods = vars(:auth_methods) || %w(none publickey password) + ssh_opts[:auth_methods] = auth_methods + Oxidized.logger.info "AUTH METHODS::#{auth_methods}" + if proxy_host = vars(:ssh_proxy) proxy_command = "ssh " proxy_command += "-o StrictHostKeyChecking=no " unless secure diff --git a/lib/oxidized/worker.rb b/lib/oxidized/worker.rb index 4173680..062233b 100644 --- a/lib/oxidized/worker.rb +++ b/lib/oxidized/worker.rb @@ -80,7 +80,11 @@ module Oxidized private def is_cycle_finished? - @jobs_done > 0 && @jobs_done % @nodes.count == 0 + if @jobs_done > @nodes.count + true + else + @jobs_done > 0 && @jobs_done % @nodes.count == 0 + end end def run_done_hook -- cgit v1.2.1 From 91caa88b868decb8e063e95cfe63100dd990d2e7 Mon Sep 17 00:00:00 2001 From: Wild Kat Date: Fri, 27 Apr 2018 13:00:48 +0200 Subject: confucious say: man who rebases broken test of another simply shifting blame --- spec/input/ssh_spec.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/spec/input/ssh_spec.rb b/spec/input/ssh_spec.rb index 9e08cea..3c33cd8 100644 --- a/spec/input/ssh_spec.rb +++ b/spec/input/ssh_spec.rb @@ -34,7 +34,7 @@ describe Oxidized::SSH do proxy: proxy, password: 'armud', number_of_password_prompts: 0, - auth_methods: ['none', 'publickey', 'password', 'keyboard-interactive']) + auth_methods: %w[none publickey password]) ssh.instance_variable_set("@exec", true) ssh.connect(@node) -- cgit v1.2.1 From 7701ee6ba338348acce08c8fc941244b909842cf Mon Sep 17 00:00:00 2001 From: Neil Lathwood Date: Fri, 27 Apr 2018 12:14:36 +0100 Subject: updated tests --- spec/input/ssh_spec.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/spec/input/ssh_spec.rb b/spec/input/ssh_spec.rb index 9e08cea..3f86c08 100644 --- a/spec/input/ssh_spec.rb +++ b/spec/input/ssh_spec.rb @@ -34,7 +34,7 @@ describe Oxidized::SSH do proxy: proxy, password: 'armud', number_of_password_prompts: 0, - auth_methods: ['none', 'publickey', 'password', 'keyboard-interactive']) + auth_methods: ['none', 'publickey', 'password']) ssh.instance_variable_set("@exec", true) ssh.connect(@node) -- cgit v1.2.1