03-14-2021 06:29 AM - edited 07-05-2021 01:23 PM
Hi,
The thing is, I'm writing Python software which connects to Cisco routers / WLCs and collects information. There is an option to use a jumpserver (Linux).
My problem is, if I connect to a WLC (3504, 8.5.135.0) from the Linux jumpserver and try to log in with the wrong username/password, I can't terminate the SSH session unless I wait a long time (like 70-80 seconds) or send the incorrect user/password combination 5 times.
So I'm stuck at the "User:" / "Password:" prompt and can't terminate the SSH session. I've tried pressing CTRL+c, CTRL+SHIFT+6, CTRL+SHIFT+6-x; none of them worked.
Any idea how to break the SSH session before logging in to the WLC?
Thank you!
03-14-2021 12:01 PM
Thank you for your reply. Yes, a bit more information would've been more useful on my part, sorry.
I'm using Python with netmiko; with that I connect to a jumphost, then run ssh to connect to the Cisco device.
Something like this (a lot of parts, checks, etc. left out, just to get the general idea):
```python
import time

import netmiko

# jumpip, jmpuser, jmppass, ipaddr, uname, passwd, outbox and END come from
# the rest of the program; this excerpt runs inside a function.
jumpserver = {'device_type': 'terminal_server', 'ip': jumpip, 'username': jmpuser, 'password': jmppass,
              'default_enter': '\r\n', 'global_delay_factor': 2, 'fast_cli': True}
net_connect = netmiko.ConnectHandler(**jumpserver)
net_connect.find_prompt()
net_connect.write_channel('ssh ' + ipaddr + '\n')
sshtest = net_connect.read_channel()
if 'ser:' in sshtest:
    net_connect.write_channel(uname + '\n')
for n in range(1, 10):
    passtest = net_connect.read_channel()
    if 'assword:' in passtest:
        net_connect.write_channel(passwd + '\n')
        break
    time.sleep(1)
for o in range(1, 10):
    prompttest = net_connect.read_channel()
    if '>' in prompttest:
        break
    if 'ser:' in prompttest:
        outbox.insert(END, 'Authentication failed, check username/password.\n\n')
        outbox.see(END)
        # <<< This is what I was missing, terminating WLC connection
        # before logged in
        net_connect.write_channel('~.')
        time.sleep(0.5)
        failed = 'Connetion failed: Authentication error'
        return failed
    time.sleep(1)
netmiko.redispatch(net_connect, device_type='cisco_wlc_ssh', session_prep=False)
devname = (net_connect.find_prompt()[:-1])[1:-2]
print(f'Connected to {devname}.\n')
```
So, as it can be seen in the code, someone answered my question elsewhere, and you can break the WLC ssh session with tilde, then . (~.).
Thank you again for your reply!
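An added example, not part of the original posts and not netmiko's own code: the same login sequence with one overall deadline, a single credential attempt, and a check that the jump host prompt really returns after `~.`, so later commands are never typed into a leftover "User:" prompt. `login_or_escape`, `FakeChannel`, the `jump$ ` prompt and the address 192.0.2.10 are assumptions made for the example; only `write_channel()` and `read_channel()` are netmiko method names.

```python
import time

def login_or_escape(chan, ipaddr, uname, passwd, jump_prompt,
                    timeout=15.0, close_wait=5.0, poll=0.2):
    """Log in via a jump-host shell; returns 'connected', 'auth_failed' or 'timeout'."""
    chan.write_channel(f"ssh {ipaddr}\n")
    buf, step, result = "", "user", "timeout"
    deadline = time.monotonic() + timeout
    while time.monotonic() < deadline:
        buf += chan.read_channel()
        if step == "user" and "ser:" in buf:
            chan.write_channel(uname + "\n")
            step, buf = "pass", ""
        elif step == "pass" and "assword:" in buf:
            chan.write_channel(passwd + "\n")
            step, buf = "sent", ""
        elif step == "sent" and ">" in buf:
            return "connected"
        elif step == "sent" and "ser:" in buf:
            result = "auth_failed"  # prompt repeated: do not retry the same credentials
            break
        time.sleep(poll)
    if step == "user":
        raise RuntimeError("no login prompt seen; inner ssh state unknown")
    # OpenSSH honours its escape character only right after a newline; every
    # write above ends in "\n", so "~." is read as "disconnect", not as input.
    chan.write_channel("~.")
    buf, deadline = "", time.monotonic() + close_wait
    while time.monotonic() < deadline:
        buf += chan.read_channel()
        if jump_prompt in buf:
            return result
        time.sleep(poll)
    raise RuntimeError("inner ssh did not close; discard this channel")


class FakeChannel:  # constructed stand-in for jump host + WLC, not a netmiko class
    def __init__(self, accept):
        self.typed, self.out = [], ""
        self.replies = ["User: ", "Password: ",
                        "(Cisco Controller) >" if accept else "User: ",
                        "Connection to 192.0.2.10 closed.\njump$ "]
    def write_channel(self, text):
        self.typed.append(text)
        self.out += self.replies[len(self.typed) - 1]
    def read_channel(self):
        data, self.out = self.out, ""
        return data
```

With a real connection, pass the `net_connect` object from the post as `chan` and the jump host's actual prompt string as `jump_prompt`.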
03-14-2021 10:05 AM
If you are doing any type of automation using SSH, make sure the host is up and the login is correct. How keys are sent from one host to a Cisco device varies, and to me it seems like you need to send a command to the Linux host to break. Like in Ansible, you would have to build some error handling for this. Fix the login so that when you run automation it just works, or else your automation will just time out or hang and never complete.