You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I need some help to troubleshoot why connecting with SSH key with passphrase is not working with SSH agent.
If I understand correctly if I have setup access to SRX with SSH keys and using SSH agent then junos-eznc should be able to read that information and connect to device.
Connection to SRX 4200 with version Junos: 21.4R3-S4.9
From ubuntu 22.04 with python 3.10 and junos-eznc 2.7.1
If I connect from command line it doesn't ask password and connects
rilves@raimondadmin:~$ ssh 10.35.255.1 -p 830 -s netconf
<!-- No zombies were killed during the creation of this user interface -->
<!-- user rilves, class j-super-user-local -->
<hello xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
If I try with the following python code
from pprint import pprint
from jnpr.junos import Device
with Device(host='10.35.255.1', user='rilves') as dev:
pprint( dev.facts )
I get following error:
rilves@raimondadmin:~$ python3 test.py
Traceback (most recent call last):
File "/home/rilves/.local/lib/python3.10/site-packages/jnpr/junos/device.py", line 1371, in open
self._conn = netconf_ssh.connect(
File "/home/rilves/.local/lib/python3.10/site-packages/ncclient/manager.py", line 187, in connect
return connect_ssh(*args, **kwds)
File "/home/rilves/.local/lib/python3.10/site-packages/ncclient/manager.py", line 139, in connect_ssh
session.connect(*args, **kwds)
File "/home/rilves/.local/lib/python3.10/site-packages/ncclient/transport/ssh.py", line 359, in connect
self._auth(username, password, key_filenames, allow_agent, look_for_keys)
File "/home/rilves/.local/lib/python3.10/site-packages/ncclient/transport/ssh.py", line 494, in _auth
raise AuthenticationError(repr(saved_exception))
ncclient.transport.errors.AuthenticationError: SSHException('encountered EC key, expected OPENSSH key')
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/home/rilves/test.py", line 5, in <module>
with Device(host='10.35.255.1', user='rilves') as dev:
File "/home/rilves/.local/lib/python3.10/site-packages/jnpr/junos/device.py", line 1476, in __enter__
self.open()
File "/home/rilves/.local/lib/python3.10/site-packages/jnpr/junos/device.py", line 1392, in open
raise EzErrors.ConnectAuthError(self)
jnpr.junos.exception.ConnectAuthError: ConnectAuthError(10.35.255.1)
Everything works if I provide "passwd: " in the python script aswell. But would like to have key authentication.
Do I need to create OPENSSH key or could this be any other error and it just not getting my key for some reason ?
Thanks for help!
The text was updated successfully, but these errors were encountered:
Alright I did some more reading and checked out the first error line code "device.py"
And from that file I found this
# we want to enable the ssh-agent if-and-only-if we are
# not given a password or an ssh key file.
# in this condition it means we want to query the agent
# for available ssh keys
allow_agent = bool(
(self._auth_password is None) and (self._ssh_private_key_file is None)
)
It seems that SSH agent only works when you don't give SSH key file and password defined anywhere. So I tested and removed my .ssh/config file and then the python code works and connects to device.
Is this expected behavior? Is it possible to set this in python to script to still have .ssh/config file the same?
Also if the key password is not yet in the SSH agent after new session it would also break. Shouldn't it still check the SSH key from .ssh/config and then ask for password if not in SSH agent already ?
Hello,
I need some help to troubleshoot why connecting with SSH key with passphrase is not working with SSH agent.
If I understand correctly if I have setup access to SRX with SSH keys and using SSH agent then junos-eznc should be able to read that information and connect to device.
Connection to SRX 4200 with version Junos: 21.4R3-S4.9
From ubuntu 22.04 with python 3.10 and junos-eznc 2.7.1
This is what I have in my .ssh/config file:
If I connect from command line it doesn't ask password and connects
If I try with the following python code
I get following error:
Everything works if I provide "passwd: " in the python script aswell. But would like to have key authentication.
Do I need to create OPENSSH key or could this be any other error and it just not getting my key for some reason ?
Thanks for help!
The text was updated successfully, but these errors were encountered: