08-01-2017 10:48 PM - edited 03-01-2019 03:56 AM
I am using NCT commands from a separate management Node to upgrade NSO build on two NSO nodes.
To avoid password prompt, i have added the ssh public key of management node to both NSO nodes.
After which scp/ssh to NSO nodes does not ask for password.
Issue is:
For some NCT commands like cli-cmd, ssh-cmd
On one NSO istance it doesn't prompt for password but on other NSO instance it does. I tried comparing authorized_keys on both nodes. Didn't find any difference.
Can you please help me to fix it.
Example:
Where it works:
[ec2-user@ip-20-20-10-202 ~]$ nct cli-cmd -c 'request packages reload' --host 20.20.10.168 --install-dir /home/ec2-user -vvvvv
nct_lib(125): Opts=[{cmd,"request packages reload"},
{host,"20.20.10.168"},
{install_dir,"/home/ec2-user"},
{verbose,5},
{style,"juniper"},
{concurrent," true"},
{groupoper,"or"},
{timeout,infinity},
{progress,false},
{ssh_user,"ec2-user"},
{ssh_port,22},
{ssh_timeout,infinity}] , Crap=[]
nct_lib(199): SSH sudo echo -e "request packages reload" | /home/ec2-user/current/bin/ncs_cli -s -J
nct_ssh(79): Address = "20.20.10.168", ConnRef = <0.61.0>
nct_ssh(82): Address = "20.20.10.168", ChannId = 0
nct_ssh(162): got data , Address = "20.20.10.168" , DataTypeCode = 0 , Datum=<<"reload-result {\n package cisco-ios\n result true\n}\nreload-result {\n package lisp-edge-node\n result false\n info [lisp-edge-node-template.xml:14 The node: locator-table contains unexpected data: 'default'.]\n}\nreload-result {\n package switch-vlan-creation\n result true\n}\nreload-result {\n package tailf-hcc\n result true\n}\n">>
nct_ssh(169): cmd exit_status(0): Address = "20.20.10.168" , ConnRef = <0.61.0> , ChannId = 0
nct_ssh(179): got: Address = "20.20.10.168" , X = {eof,0}
nct_ssh(174): closed: Address = "20.20.10.168" , ConnRef = <0.61.0> , ChannId = 0
nct_lib(204): SSH Result = [<<"reload-result {\n package cisco-ios\n result true\n}\nreload-result {\n package lisp-edge-node\n result false\n info [lisp-edge-node-template.xml:14 The node: locator-table contains unexpected data: 'default'.]\n}\nreload-result {\n package switch-vlan-creation\n result true\n}\nreload-result {\n package tailf-hcc\n result true\n}\n">>]
ExitStatus = 0
Cli command to 20.20.10.168
reload-result {
package cisco-ios
result true
}
Where it doesn't:
[ec2-user@ip-20-20-10-202 ~]$ nct cli-cmd -c 'request packages reload' --host 20.20.10.121 --install-dir /home/ec2-user -vvvvv
nct_lib(125): Opts=[{cmd,"request packages reload"},
{host,"20.20.10.121"},
{install_dir,"/home/ec2-user"},
{verbose,5},
{style,"juniper"},
{concurrent," true"},
{groupoper,"or"},
{timeout,infinity},
{progress,false},
{ssh_user,"ec2-user"},
{ssh_port,22},
{ssh_timeout,infinity}] , Crap=[]
nct_lib(199): SSH sudo echo -e "request packages reload" | /home/ec2-user/current/bin/ncs_cli -s -J
New host 20.20.10.121 accept [y/n]?
08-03-2017 12:06 PM
Hi,
I figured out that working instance /etc/ssh/ssh_host_rsa_key.pub was present in a file called ".ssh/nct_known_hosts" on management node.
Can someone please explain me when nct_known_hosts file gets created and how does it get updated.
I didn find anything about this file on NSO documents.
Regards
Kirti
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide