I am using NCT commands from a separate management Node to upgrade NSO build on two NSO nodes.

To avoid password prompt, i have added the ssh public key of management node to both NSO nodes.

After which scp/ssh to NSO nodes does not ask for password.

Issue is:

For some NCT commands like cli-cmd, ssh-cmd

On one NSO istance it doesn't prompt for password but on other NSO instance it does. I tried comparing authorized_keys on both nodes. Didn't find any difference.

Can you please help me to fix it.

Example:

Where it works:

[ec2-user@ip-20-20-10-202 ~]$ nct cli-cmd -c 'request packages reload' --host 20.20.10.168 --install-dir /home/ec2-user -vvvvv

nct_lib(125): Opts=[{cmd,"request packages reload"},

                    {host,"20.20.10.168"},

                    {install_dir,"/home/ec2-user"},

                    {verbose,5},

                    {style,"juniper"},

                    {concurrent," true"},

                    {groupoper,"or"},

                    {timeout,infinity},

                    {progress,false},

                    {ssh_user,"ec2-user"},

                    {ssh_port,22},

                    {ssh_timeout,infinity}] , Crap=[]

nct_lib(199): SSH sudo echo -e "request packages reload" | /home/ec2-user/current/bin/ncs_cli -s -J

nct_ssh(79): Address = "20.20.10.168", ConnRef = <0.61.0>

nct_ssh(82): Address = "20.20.10.168", ChannId = 0

nct_ssh(162): got data , Address = "20.20.10.168" , DataTypeCode = 0 , Datum=<<"reload-result {\n    package cisco-ios\n    result true\n}\nreload-result {\n    package lisp-edge-node\n    result false\n    info [lisp-edge-node-template.xml:14 The node: locator-table contains unexpected data: 'default'.]\n}\nreload-result {\n    package switch-vlan-creation\n    result true\n}\nreload-result {\n    package tailf-hcc\n    result true\n}\n">>

nct_ssh(169): cmd exit_status(0): Address = "20.20.10.168" , ConnRef = <0.61.0> , ChannId = 0

nct_ssh(179): got: Address = "20.20.10.168" , X = {eof,0}

nct_ssh(174): closed: Address = "20.20.10.168" , ConnRef = <0.61.0> , ChannId = 0

nct_lib(204): SSH Result = [<<"reload-result {\n    package cisco-ios\n    result true\n}\nreload-result {\n    package lisp-edge-node\n    result false\n    info [lisp-edge-node-template.xml:14 The node: locator-table contains unexpected data: 'default'.]\n}\nreload-result {\n    package switch-vlan-creation\n    result true\n}\nreload-result {\n    package tailf-hcc\n    result true\n}\n">>]

ExitStatus = 0

Cli command to 20.20.10.168

reload-result {

    package cisco-ios

    result true

}

Where it doesn't:

[ec2-user@ip-20-20-10-202 ~]$ nct cli-cmd -c 'request packages reload' --host 20.20.10.121 --install-dir /home/ec2-user -vvvvv

nct_lib(125): Opts=[{cmd,"request packages reload"},

                    {host,"20.20.10.121"},

                    {install_dir,"/home/ec2-user"},

                    {verbose,5},

                    {style,"juniper"},

                    {concurrent," true"},

                    {groupoper,"or"},

                    {timeout,infinity},

                    {progress,false},

                    {ssh_user,"ec2-user"},

                    {ssh_port,22},

                    {ssh_timeout,infinity}] , Crap=[]

nct_lib(199): SSH sudo echo -e "request packages reload" | /home/ec2-user/current/bin/ncs_cli -s -J

New host 20.20.10.121 accept [y/n]?