Exscript needs to negotiate ciphers automatically with older SSH systems... #215
Comments
mpennington-te
changed the title
|
I fixed the problem by forcing paramiko to downgrade ssh session params for this host... from Exscript.util.interact import read_login
from Exscript.protocols import SSH2
import paramiko
### Ask paramiko to downgrade ciphers and kex algorithms...
### Begin problem resolution...
paramiko.Transport._preferred_ciphers = ('aes128-cbc', '3des-cbc',)
paramiko.Transport._preferred_kex = ('diffie-hellman-group-exchange-sha1', 'diffie-hellman-group14-sha1', 'diffie-hellman-group1-sha1',)
### End problem resolution...
account = read_login()
conn = SSH2(driver='generic')
conn.connect('some.old.system.localdomain')
conn.login(account)
conn.execute('term len 0')
conn.execute('show version')
version_output = conn.response
conn.send('exit\r')
conn.close() |
|
@egroeper please close this ticket out when you have time... I opened the ticket while I was working for Cisco, but I left and don't have access to those credentials now... |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Exscript has problems logging into systems which need changes to allowed SSH2 ciphers... Exscript will fail on this host...
Example script:
To be explicit, this is what I see when I try to login manually...
If I manually change options, such as:
ssh -c 3des-cbc some.old.system.localdomain, then the ssh session works.Issue #190 worked around the problem a different way... but Exscript should have a way to handle it without modifying
~/.ssh/configThe text was updated successfully, but these errors were encountered: