Every once in a while I get a craving to install and run some NSO examples just to keep my basic knowledge at a bare minimum. This time I responded to an ask to test out our updated NSO getting started guide. Downloading and installing is seldom an issue and now it was smooth as it’s is free for evaluation and the link is provided on DevNet. You can even Google it if you can’t find it! Following the step-by-step guide is really fun and you almost feel like a developer, which I was 20 years ago. This time though my problems started already when running the first examples with Netsims. First, I could not ssh into the CLI, but who cares when there are other ways in (ncs_cli -u admin), but when I couldn’t connect to the devices or do sync from I was stuck. I realized that it had to do with SSH in one way or another. I am not an expert in this area and suddenly recalled why I left engineering. Stubborn as I am, I tried too many times and after repeated failures I got angry. When my colleague asked me how the review process was going I had to admit my defeat and finally asked for help. Luckily, we have an internal channel and when I broadcasted by SSH shortcomings, I had an answer to my problems within 60 seconds! This fast response was due to several people contributing to the solution before me and I just got their conclusions in a nice summary. After a bit of fiddling with new key generation I was back on track! It turned out to be a shortcoming of the NSO installation program that failed to recognize the new key format in OpenSSH version that comes with Mojave!
Think about how much time and effort you can save by using collective intelligence in a community, but don’t forget that your contribution matters! Writing this blog post is my contribution!
The example I was running: /examples.ncs/getting-started/using-ncs/1-simulated-ciso-ios
The error message:Unable to negotiate with 127.0.0.1 port 2024: no matching host key type found. Their offer:
* ssh-keygen(1): write OpenSSH format private keys by default instead of using OpenSSL's PEM format. The OpenSSH format, supported in OpenSSH releases since 2014 and described in the PROTOCOL.key file in the source distribution, offers substantially better protection against offline password guessing and supports key comments in private keys. If necessary, it is possible to write old PEM-style keys by adding "-m PEM" to ssh-keygen's arguments when generating or updating a key.
So, generate new keys in your install directory (in both NSO and Netsim directories) with -m pem and you will be back to normal.
Hi all,we are building a service for deploying a VRF across the entire network in one go.the VRF services instance will be applied to many devices and many device types, the template has sections for IOS, XR and NXthe issue we are having is that we are us...
Hi, In NSO I can configure hard-coded accounts and password to connect to devices (authgroups).If I do not want that (our security team does not like that) and instead I have to to keep device passwords in a system like HashiCorp Vault, how can ...
Is there a simple way to map NSO CLI commands to the equivalent path in JSONRPC? I'm specifically looking to be able to do "devices device compare-config" and "devices sync-to dry-run" through Ansible's nso_actions module, but details on how to map to oth...
For spawning a VNF, we updated the nfvo vnf-info configuration with the day0 destination path and also defined variables to inject within the day0 file. But, though the VNF is spawned successfully and active, we are unable to login to the ...
Hi all, the below works fine on a local install i have running, but when issuing the same on a system install we get this error [root@localhost:/opt/ncs/ncs-22.214.171.124/src]# pythonPython 2.7.5 (default, Feb 20 2018, 09:19:12)[GCC 4.8.5 201506...