Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Pyezconnection taking private key before supplied password #569

Open
33Fraise33 opened this issue Sep 22, 2021 · 0 comments
Open

Pyezconnection taking private key before supplied password #569

33Fraise33 opened this issue Sep 22, 2021 · 0 comments
Labels
Type: Bug

Comments

@33Fraise33
Copy link

Issue Type

  • Bug Report / Unwanted Behaviour

Module Name

juniper.device
juniper.device collection and Python libraries version

ansible [core 2.11.5]
  config file = /home/gianni/git/5g-ansible-networking/ansible.cfg
  configured module search path = ['/home/gianni/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python3.9/site-packages/ansible
  ansible collection location = /home/gianni/.ansible/collections:/usr/share/ansible/collections
  executable location = /usr/bin/ansible
  python version = 3.9.7 (default, Aug 31 2021, 13:28:12) [GCC 11.1.0]
  jinja version = 2.11.3
  libyaml = True

aiofiles @ file:///build/python-aiofiles/src/aiofiles/dist/aiofiles-0.7.0-py3-none-any.whl
aiohttp==3.7.4.post0
aiohttp-cors==0.7.0
ansible==4.5.0
ansible-core==2.11.5
apparmor==3.0.3
appdirs==1.4.4
application-utility==1.3.2
async-generator==1.10
async-timeout==3.0.1
attrs==21.2.0
Babel==2.9.1
bcrypt==3.2.0
bidict==0.21.3
Brlapi==0.8.2
btrfsutil==5.14
CacheControl==0.12.6
ceph==1.0.0
ceph-volume==1.0.0
cephfs==2.0.0
cephfs-shell==0.0.1
certifi==2020.12.5
cffi==1.14.5
chardet==3.0.4
click==7.1.2
cmd2==1.5.0
colorama==0.4.4
construct==2.10.67
contextlib2==0.6.0.post1
cryptography==3.4.4
cupshelpers==1.0
decorator==5.1.0
distlib==0.3.2
distro==1.6.0
dnspython==2.1.0
docker==4.4.1
docopt==0.6.2
entrypoints==0.3
evdev==1.4.0
filelock==3.0.12
flake8==3.9.2
future==0.18.2
Glances==3.2.2
gns3-gui==2.2.25
gns3-server==2.2.25
gsm0338==1.0.0
html5lib==1.1
idna==3.1
importlib-metadata==4.8.1
isc==2.0
isodate==0.6.0
Jinja2==2.11.3
jsonpath-ng==1.5.2
jsonschema==3.2.0
junos-eznc==2.6.2
jxmlease==1.0.3
keyutils==0.6
lensfun==0.3.95
LibAppArmor==3.0.3
libfdt==1.6.1
libtorrent===1.2.14-build-libtorrent-rasterbar-src-libtorrent-rasterbar-1.2.14-bindings-python
libvirt-python==7.3.0
louis==3.19.0
lxml==4.6.3
Markdown==3.3.4
MarkupSafe==1.1.1
mccabe==0.6.1
meson==0.59.1
more-itertools==8.9.0
msgpack==1.0.2
multidict==4.7.6
ncclient==0.6.9
netaddr==0.8.0
netsnmp-python==1.0a1
npyscreen==4.10.5
ordered-set==4.0.2
packaging==20.8
pacman-mirrors==4.21.5
paramiko==2.7.2
pep517==0.11.0
Pillow==8.3.2
ply==3.11
progress==1.5
prompt-toolkit==3.0.20
protobuf==3.6.0
psutil==5.8.0
py-cpuinfo==8.0.0
pycairo==1.20.1
pycodestyle==2.7.0
pycountry==20.7.3
pycparser==2.20
pycryptodome==3.10.1
pycups==2.0.1
pycurl==7.43.0.6
pyflakes==2.3.1
Pygments==2.10.0
PyGObject==3.40.1
PyNaCl==1.4.0
pynetbox==5.3.0
pyOpenSSL==20.0.1
pyparsing==2.4.7
pyperclip==1.7.0
PyQt5==5.15.4
PyQt5-sip==12.9.0
pyrsistent==0.18.0
pyscard==2.0.1
pyserial==3.5
pySim==1.0
pysmbc==1.0.23
PySocks==1.7.1
python-dotenv==0.15.0
pytlv==0.71
pytz==2021.1
PyYAML==5.4.1
rados==2.0.0
rbd==2.0.0
reportlab==3.6.1
requests==2.26.0
resolvelib==0.5.5
retrying==1.3.3
rgw==2.0.0
scp==0.13.6
sentry-sdk==1.3.1
sip==4.19.25
six==1.11.0
speedtest-cli==2.1.3
streamlink==2.4.0
team==1.0
toml==0.10.2
tomli==1.2.1
transitions==0.8.8
typing-extensions==3.7.4.3
udiskie==2.3.3
ultrasync==0.9.2
urllib3==1.26.2
virtualenv==20.4.2
wcwidth==0.2.5
webencodings==0.5.1
websocket-client==0.59.0
xmltodict==0.12.0
yamlordereddictloader==0.4.0
yarl==1.4.2
youtube-dl==2021.6.6
zipp==3.5.0

OS / Environment

Model: ex3400-24t
Junos: 20.4R2-S2.2

Summary

Running juniper.device.config for example does give a PyEZ ConnectAuthError when running the playbook with -u <username> -k. This happens as my private key in ~/.ssh/config is not on the device. The expected result is to use the ssh key first and if this fails use the supplied username and password combination. This last part is not happening so on a new device this is only fixable by adding the variable:
ssh_private_key_file: "/dev/null"

Steps to reproduce

- name: Juniper - System settings
  juniper.device.config:
    load: replace
    template: "{{ role_path }}/templates/junos_system.conf.j2"
    format: text
    config_mode: private
    timeout: 60
    vars:
      admin_users: "{{ admin_users }}"
      inventory_hostname: "{{ inventory_hostname }}"
      timezone: "{{ timezone }}"
      ntp: "{{ ntp }}"
      juniper_tacplus_secret: "{{ juniper_tacplus_secret }}"
      license_keys: "{{ license_keys | default([]) }}"
  when: "'juniper' in group_names"
  register: result

- name: Juniper - Changes made
  debug:
    var: result.diff_lines

Expected results

TASK [common : Juniper - System settings] ******************************************************************************************************************************************************
ok: [PR_BAC_SW03]
ok: [PR_BAC_SW04]
changed: [PR_BAC_SW01]
changed: [PR_BAC_SW07]
changed: [PR_BAC_SW08]
changed: [PR_BAC_SW10]
changed: [PR_BAC_SW09]

Actual results

The full traceback is:
  File "/tmp/ansible_juniper.device.config_payload_jzkfs97w/ansible_juniper.device.config_payload.zip/ansible_collections/juniper/device/plugins/module_utils/juniper_junos_common.py", line 1069, in open
    self.dev.open()
  File "/usr/lib/python3.9/site-packages/jnpr/junos/device.py", line 1366, in open
    raise EzErrors.ConnectAuthError(self)
fatal: [PR_BAC_SW01]: FAILED! => {
    "changed": false,
    "invocation": {
        "module_args": {
            "attempts": null,
            "baud": null,
            "check": null,
            "check_commit_wait": null,
            "comment": null,
            "commit": null,
            "commit_empty_changes": false,
            "config_mode": "private",
            "confirmed": null,
            "console": null,
            "cs_passwd": null,
            "cs_user": null,
            "dest": null,
            "dest_dir": null,
            "diff": null,
            "diffs_file": null,
            "filter": null,
            "format": "text",
            "host": "10.210.0.22",
            "ignore_warning": null,
            "level": null,
            "lines": null,
            "load": "replace",
            "logdir": null,
            "logfile": null,
            "mode": null,
            "model": null,
            "namespace": null,
            "options": {},
            "passwd": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
            "port": 830,
            "remove_ns": null,
            "retrieve": null,
            "return_output": true,
            "rollback": null,
            "src": null,
            "ssh_config": null,
            "ssh_private_key_file": null,
            "template": "/home/gianni/git/5g-ansible-networking/roles/common/templates/junos_system.conf.j2",
            "timeout": 60,
            "url": null,
            "user": "root",
            "vars": {
                "admin_users": [],
                "inventory_hostname": "PR_BAC_SW01",
                "juniper_tacplus_secret": "",
                "license_keys": [],
                "ntp": {
                    "servers": [
                        "193.190.147.153"
                    ]
                },
                "timezone": {
                    "juniper": "UTC",
                    "linux": "Etc/UTC"
                }
            }
        }
    },
    "msg": "Unable to make a PyEZ connection: ConnectAuthError(10.210.0.22)"
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Type: Bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@33Fraise33 @dineshbaburam91