Specific port NetmikoAuthenticationException
See original GitHub issueProblem: netmiko ssh (to vty session) password auth fails
My guess: retry auth? or paramiko none auth method needs to be populated / event needs to be handled
Native ssh client is fine: OpenSSH_for_Windows_8.1p1, LibreSSL 3.0.2
ssh admin@192.168.0.1 -p 22
Password:
PerleSCR>
For kicks I also verified:
- SSH
autodetect
and native client to other ports (reverse tty) password auth succeeds. - Telnet
cisco_ios_telnet
password auth succeeds.
Server
- OpenSSH 7.2 (on Perle IOLAN SCR1618)
Client:
- Netmiko 3.4.0
- Paramiko 2.7.2
SSH Bad Login
ConnectHandler(device_type='autodetect', ip=SCR_IP, port=22, username=SCR_USER, password=SCR_PASS, banner_timeout=30, global_delay_factor=0.1, timeout=120, auth_timeout=30, session_timeout=120, session_log='logs\\scr_debug.log')
server log
PerleSCR# Jan 02 01:55:20 EST %SSHD-6: Connection closed by 192.168.0.10 port 52976
session log is empty
debug log
DEBUG:paramiko.transport:starting thread (client mode): 0xf900e880
DEBUG:paramiko.transport:Local version/idstring: SSH-2.0-paramiko_2.7.2
DEBUG:paramiko.transport:Remote version/idstring: SSH-2.0-OpenSSH_7.2
INFO:paramiko.transport:Connected (version 2.0, client OpenSSH_7.2)
DEBUG:paramiko.transport:kex algos:['curve25519-sha256@libssh.org', 'ecdh-sha2-nistp256', 'ecdh-sha2-nistp384', 'ecdh-sha2-nistp521', 'diffie-hellman-group-exchange-sha256', 'diffie-hellman-group14-sha1'] server key:['ssh-rsa', 'rsa-sha2-512', 'rsa-sha2-256'] client encrypt:['chacha20-poly1305@openssh.com', 'aes128-ctr', 'aes192-ctr', 'aes256-ctr', 'aes128-gcm@openssh.com', 'aes256-gcm@openssh.com'] server encrypt:['chacha20-poly1305@openssh.com', 'aes128-ctr', 'aes192-ctr', 'aes256-ctr', 'aes128-gcm@openssh.com', 'aes256-gcm@openssh.com'] client mac:['hmac-sha1', 'hmac-sha2-256', 'hmac-sha2-512', 'umac-64@openssh.com', 'umac-128@openssh.com', 'hmac-sha1-etm@openssh.com', 'hmac-sha2-256-etm@openssh.com', 'hmac-sha2-512-etm@openssh.com', 'umac-64-etm@openssh.com', 'umac-128-etm@openssh.com'] server mac:['hmac-sha1', 'hmac-sha2-256', 'hmac-sha2-512', 'umac-64@openssh.com', 'umac-128@openssh.com', 'hmac-sha1-etm@openssh.com', 'hmac-sha2-256-etm@openssh.com', 'hmac-sha2-512-etm@openssh.com', 'umac-64-etm@openssh.com', 'umac-128-etm@openssh.com'] client compress:['none', 'zlib@openssh.com', 'zlib'] server compress:['none', 'zlib@openssh.com', 'zlib'] client lang:[''] server lang:[''] kex follows?False
DEBUG:paramiko.transport:Kex agreed: curve25519-sha256@libssh.org
DEBUG:paramiko.transport:HostKey agreed: ssh-rsa
DEBUG:paramiko.transport:Cipher agreed: aes128-ctr
DEBUG:paramiko.transport:MAC agreed: hmac-sha2-256
DEBUG:paramiko.transport:Compression agreed: none
DEBUG:paramiko.transport:kex engine KexCurve25519 specified hash_algo <built-in function openssl_sha256>
DEBUG:paramiko.transport:Switch to new keys ...
DEBUG:paramiko.transport:Adding ssh-rsa host key for 192.168.0.1: b'af867e81355f212088f5ac83182c99b8'
DEBUG:paramiko.transport:userauth is OK
INFO:paramiko.transport:Authentication (password) failed.
DEBUG:paramiko.transport:EOF in transport thread
Traceback
Traceback (most recent call last):
File "C:\Users\chaddun\AppData\Roaming\Python\Python38\site-packages\netmiko\base_connection.py", line 935, in establish_connection
self.remote_conn_pre.connect(**ssh_connect_params)
File "C:\Users\chaddun\AppData\Roaming\Python\Python38\site-packages\paramiko\client.py", line 435, in connect
self._auth(
File "C:\Users\chaddun\AppData\Roaming\Python\Python38\site-packages\paramiko\client.py", line 765, in _auth
raise saved_exception
File "C:\Users\chaddun\AppData\Roaming\Python\Python38\site-packages\paramiko\client.py", line 751, in _auth
self._transport.auth_password(username, password)
File "C:\Users\chaddun\AppData\Roaming\Python\Python38\site-packages\paramiko\transport.py", line 1509, in auth_password
return self.auth_handler.wait_for_response(my_event)
File "C:\Users\chaddun\AppData\Roaming\Python\Python38\site-packages\paramiko\auth_handler.py", line 250, in wait_for_response
raise e
paramiko.ssh_exception.AuthenticationException: Authentication failed.
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "wipeSwitch.py", line 148, in <module>
main()
File "wipeSwitch.py", line 62, in main
srv = connectSCR(only=True)
File "wipeSwitch.py", line 140, in connectSCR
if only: return ConnectHandler(device_type='autodetect', ip=SCR_IP, port=22, username=SCR_USER, password=SCR_PASS, banner_timeout=30, global_delay_factor=0.1, timeout=120, auth_timeout=30, session_timeout=120, session_log_record_writes=True, session_log='logs\\scr_debug.log')
File "C:\Users\chaddun\AppData\Roaming\Python\Python38\site-packages\netmiko\ssh_dispatcher.py", line 326, in ConnectHandler
return ConnectionClass(*args, **kwargs)
File "C:\Users\chaddun\AppData\Roaming\Python\Python38\site-packages\netmiko\base_connection.py", line 350, in __init__
self._open()
File "C:\Users\chaddun\AppData\Roaming\Python\Python38\site-packages\netmiko\base_connection.py", line 355, in _open
self.establish_connection()
File "C:\Users\chaddun\AppData\Roaming\Python\Python38\site-packages\netmiko\base_connection.py", line 972, in establish_connection
raise NetmikoAuthenticationException(msg)
netmiko.ssh_exception.NetmikoAuthenticationException: Authentication to device failed.
Common causes of this problem are:
1. Invalid username and password
2. Incorrect SSH-key file
3. Connecting to the wrong device
Device settings: autodetect 192.168.0.1:22
Authentication failed.
SSH Good Login
ConnectHandler(device_type='autodetect', ip=SCR_IP, port=10001, username=SCR_USER, password=SCR_PASS, banner_timeout=30, global_delay_factor=0.1, timeout=120, auth_timeout=30, session_timeout=120, session_log_record_writes=True, session_log='logs\\scr_debug.log')
server log
PerleSCR# Jan 02 01:56:18 EST %IOL_SSHD-6: Connection from 192.168.0.10 port 53230 on 192.168.0.1 port 10001
Jan 02 01:56:19 EST %IOL_SSHD-6: auth2_read_banner() \n
Jan 02 01:56:19 EST %IOL_SSHD-6: motd = (nil) \n
Jan 02 01:56:19 EST %IOL_SSHD-6: login = (nil) \n
Jan 02 01:56:19 EST %IOL_SSHD-6: len = 0 banner len = 0\n
Jan 02 01:56:19 EST %IOL_SSHD-6: pam_sm_authenticate() 26
Jan 02 01:56:19 EST %IOL_SSHD-6: Setting PAM_AUTH_STATUS to fail 34
Jan 02 01:56:19 EST %IOL_SSHD-6: pam_sm_authenticate() 53 name: admin password: $1$8/Fz$Va/t40Q/TH5rWNtlrf1YY0
Jan 02 01:56:19 EST %IOL_SSHD-6: auth success
Jan 02 01:56:19 EST %IOL_SSHD-6: Setting PAM_AUTH_STATUS to pass 137
Jan 02 01:56:19 EST %IOL_SSHD-6: Accepted password for admin from 192.168.0.10 port 53230 ssh2
Jan 02 01:56:19 EST %IOL_SSHD-6: Email: 6, 0: Accepted password for admin from 192.168.0.10 port 53230 ssh2
Jan 02 01:56:19 EST %IOL_SSHD-6: authentication finished
Jan 02 01:56:19 EST %IOL_SSHD-6: 2318 call do pan session
Jan 02 01:56:19 EST %IOL_SSHD-6: 2342 call do_authenticated
Jan 02 01:56:19 EST %IOL_SSHD-6: call do_exec 2258 NULL
Jan 02 01:56:19 EST %IOL_SSHD-6: do_exec 818 (null)\n
Jan 02 01:56:19 EST %IOL_SSHD-6: do_exec 828\n
Jan 02 01:56:19 EST %IOL_SSHD-6: do_exec 846\n
Jan 02 01:56:19 EST %IOL_SSHD-6: do_exec 848 /dev/pts/0\n
Jan 02 01:56:19 EST %IOL_SSHD-6: do_exec 853\n
Jan 02 01:56:19 EST %IOL_SSHD-6: Starting session: shell on pts/0 for admin from 192.168.0.10 port 53230 id 0
Jan 02 01:56:19 EST %IOL_SSHD-6: do_exec 876 ttyfd = 14 (null)\n
Jan 02 01:56:19 EST %IOL_RSESSMGR-6: acquire_rev_session 865
Jan 02 01:56:19 EST %IOL_RSESSMGR-6: acquire_rev_session 870
Jan 02 01:56:19 EST %IOL_RSESSMGR-6: acquire_rev_session 897
Jan 02 01:56:19 EST %IOL_RSESSMGR-6: acquire_rev_session 901
Jan 02 01:56:19 EST %IOL_RSESSMGR-6: do_output 625
Jan 02 01:56:22 EST %IOL_SSHD-6: Connection closed by 192.168.0.10
Jan 02 01:56:22 EST %IOL_SSHD-6: Close session: user admin from 192.168.0.10 port 53230 id 0
Jan 02 01:56:22 EST %IOL_SSHD-6: Transferred: sent 3672, received 1936 bytes
Jan 02 01:56:22 EST %IOL_SSHD-6: Closing connection to 192.168.0.10 port 53230
PerleSCR#
session_log
en
debug log
DEBUG:paramiko.transport:starting thread (client mode): 0x759be880
DEBUG:paramiko.transport:Local version/idstring: SSH-2.0-paramiko_2.7.2
DEBUG:paramiko.transport:Remote version/idstring: SSH-2.0-OpenSSH_7.2
INFO:paramiko.transport:Connected (version 2.0, client OpenSSH_7.2)
DEBUG:paramiko.transport:kex algos:['curve25519-sha256@libssh.org', 'ecdh-sha2-nistp256', 'ecdh-sha2-nistp384', 'ecdh-sha2-nistp521', 'diffie-hellman-group-exchange-sha256', 'diffie-hellman-group14-sha1'] server key:['ssh-rsa', 'rsa-sha2-512', 'rsa-sha2-256'] client encrypt:['chacha20-poly1305@openssh.com', 'aes128-ctr', 'aes192-ctr', 'aes256-ctr', 'aes128-gcm@openssh.com', 'aes256-gcm@openssh.com'] server encrypt:['chacha20-poly1305@openssh.com', 'aes128-ctr', 'aes192-ctr', 'aes256-ctr', 'aes128-gcm@openssh.com', 'aes256-gcm@openssh.com'] client mac:['hmac-sha1', 'hmac-sha2-256', 'hmac-sha2-512', 'umac-64@openssh.com', 'umac-128@openssh.com', 'hmac-sha1-etm@openssh.com', 'hmac-sha2-256-etm@openssh.com', 'hmac-sha2-512-etm@openssh.com', 'umac-64-etm@openssh.com', 'umac-128-etm@openssh.com'] server mac:['hmac-sha1', 'hmac-sha2-256', 'hmac-sha2-512', 'umac-64@openssh.com', 'umac-128@openssh.com', 'hmac-sha1-etm@openssh.com', 'hmac-sha2-256-etm@openssh.com', 'hmac-sha2-512-etm@openssh.com', 'umac-64-etm@openssh.com', 'umac-128-etm@openssh.com'] client compress:['none', 'zlib@openssh.com', 'zlib'] server compress:['none', 'zlib@openssh.com', 'zlib'] client lang:[''] server lang:[''] kex follows?False
DEBUG:paramiko.transport:Kex agreed: curve25519-sha256@libssh.org
DEBUG:paramiko.transport:HostKey agreed: ssh-rsa
DEBUG:paramiko.transport:Cipher agreed: aes128-ctr
DEBUG:paramiko.transport:MAC agreed: hmac-sha2-256
DEBUG:paramiko.transport:Compression agreed: none
DEBUG:paramiko.transport:kex engine KexCurve25519 specified hash_algo <built-in function openssl_sha256>
DEBUG:paramiko.transport:Switch to new keys ...
DEBUG:paramiko.transport:Adding ssh-rsa host key for [192.168.0.1]:10001: b'af867e81355f212088f5ac83182c99b8'
DEBUG:paramiko.transport:userauth is OK
INFO:paramiko.transport:Auth banner: b''
INFO:paramiko.transport:Authentication (password) successful!
DEBUG:paramiko.transport:Received global request "hostkeys-00@openssh.com"
DEBUG:paramiko.transport:[chan 0] Max packet in: 32768 bytes
DEBUG:paramiko.transport:Rejecting "hostkeys-00@openssh.com" global request from server.
DEBUG:paramiko.transport:[chan 0] Max packet out: 32768 bytes
DEBUG:paramiko.transport:Secsh channel 0 opened.
DEBUG:paramiko.transport:[chan 0] Sesch channel 0 request ok
DEBUG:paramiko.transport:[chan 0] Sesch channel 0 request ok
DEBUG:netmiko:write_channel: b'\n\n\n\nen\n\n\n\n\n'
DEBUG:paramiko.transport:EOF in transport thread
Native client version of SSH Good Login
ssh admin@192.168.0.1 -p 10001
Password:
ReverseDevice#
Issue Analytics
- State:
- Created 2 years ago
- Comments:18 (8 by maintainers)
Top Results From Across the Web
netmiko API documentation - GitHub Pages
:param port: The destination port used to connect to the target device. ... :param keepalive: Send SSH keepalive packets at a specific interval,...
Read more >How to use the netmiko.ssh_exception. ...
NetmikoAuthenticationException examples, based on popular ways it is used in ... ( device_type=self.device_type, ip=self.host, port=self.port ) msg += self.
Read more >Module netmiko - Python for network engineers
sends command to device and gets the output until string with prompt or until specified string. prompt is automatically determined · method ...
Read more >Re: Python to issue CLI commands over SSH
... NetMikoAuthenticationException # DEVICE_CREDS contains the devices to ... try: a_device['conf']['port'] except KeyError: a_device['conf']['port'] = 22 ...
Read more >The best way to call a function automatically, each time ...
After connecting I would need to continue on to the specific function ... NetMikoAuthenticationException): print('Unable to connect to the ...
Read more >Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start FreeTop Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Top GitHub Comments
No, I still had it pointing to the other port when that happened. I removed the comment. Still the same for port 22.
There is no active work being done on this issue so I am going to close it.