
Authentication Issues with Netopeer2 - Unable to Connect via SSH with Admin User

Open mahmudas opened this issue 11 months ago • 34 comments

I am experiencing authentication issues while trying to connect to the Netopeer2 server. The connection fails even though I have configured the NETCONF server, SSH keys, and various settings as described in the documentation. I am unable to authenticate as the admin user or any other configured user.

Actual Behavior:

nc ERROR: Unable to authenticate to the remote server (all attempts via supported authentication methods failed).
cmd_connect: Connecting to the 192.168.5.15:830 as user "skt" failed.
> 

System Information:

netconf-tools$ pkg-config --modversion libnetconf2
3.5.1
netconf-tools$ pkg-config --modversion libssh
0.11.0
netconf-tools$ pkg-config --modversion libyang
3.4.2
0375:~$ sudo netopeer2-server -d -v3
[sudo] password for skt: 
[INF]: SR: Connection 8 created.
[INF]: SR: Triggering "ietf-netconf-server" "done" event on enabled data.
[INF]: LN: Listening on 0.0.0.0:830 for SSH connections.
[INF]: SR: Triggering "ietf-keystore" "done" event on enabled data.
[INF]: SR: Triggering "ietf-truststore" "done" event on enabled data.
[INF]: SR: Triggering "ietf-netconf-acm" "done" event on enabled data.
[INF]: SR: Triggering "ietf-netconf-acm" "done" event on enabled data.
[INF]: SR: Triggering "ietf-netconf-acm" "done" event on enabled data.
[INF]: SR: Triggering "ietf-netconf-acm" "done" event on enabled data.
^C[INF]: NP: Server terminated.
[INF]: SR: Connection 8 destroyed.
d-0375:~$ sudo sysrepocfg --export=ietf-netconf-server --datastore=running
d-0375:~$ sudo sysrepocfg --edit ietf-netconf-server
d-0375:~$ sudo sysrepocfg --edit ietf-netconf-server


d-0375:~$ sysrepocfg --import=/path/to/backup-config.xml --datastore=startup ietf-netconf-server
sysrepocfg error: Redundant parameters (ietf-netconf-server)
For more details you may try to increase the verbosity up to "-v3".
d-0375:~$ sudo journalctl -u netopeer2-server
Nov 27 15:27:22 ipt-d-0375 systemd[1]: Started netopeer2-server.service - Netop>
Nov 27 15:27:22 ipt-d-0375 systemd[1]: netopeer2-server.service: Main process e>
Nov 27 15:27:22 ipt-d-0375 systemd[1]: netopeer2-server.service: Failed with re>
Nov 27 15:27:22 ipt-d-0375 systemd[1]: netopeer2-server.service: Scheduled rest>
Nov 27 15:27:22 ipt-d-0375 systemd[1]: Started netopeer2-server.service - Netop>
Nov 27 15:27:22 ipt-d-0375 systemd[1]: netopeer2-server.service: Main process e>
Nov 27 15:27:22 ipt-d-0375 systemd[1]: netopeer2-server.service: Failed with re>
Nov 27 15:27:22 ipt-d-0375 systemd[1]: netopeer2-server.service: Scheduled rest>
Nov 27 15:27:23 ipt-d-0375 systemd[1]: Started netopeer2-server.service - Netop>
Nov 27 15:27:23 ipt-d-0375 systemd[1]: netopeer2-server.service: Main process e>
Nov 27 15:27:23 ipt-d-0375 systemd[1]: netopeer2-server.service: Failed with re>


d-0375:~$ sudo systemctl status netopeer2-server
○ netopeer2-server.service - Netopeer2 NETCONF Server
     Loaded: loaded (/etc/systemd/system/netopeer2-server.service; disabled; pr>
     Active: inactive (dead)

d-0375:~$ cat ietf-netconf-server.xml
<netconf-server xmlns="urn:ietf:params:xml:ns:yang:ietf-netconf-server">
  <listen>
    <endpoints>
      <endpoint>
        <name>default-ssh</name>
        <ssh>
          <tcp-server-parameters>
            <local-address>0.0.0.0</local-address>
          </tcp-server-parameters>
          <ssh-server-parameters>
            <server-identity>
              <host-key>
                <name>default-key</name>
                <public-key>
                  <central-keystore-reference>genkey</central-keystore-reference>
                </public-key>
              </host-key>
            </server-identity>
            <client-authentication>
              <users>
                <user>
                  <name>admin</name>
                  <public-keys>
                    <use-system-keys xmlns="urn:cesnet:libnetconf2-netconf-server"/>
                  </public-keys>
                </user>
              </users>
            </client-authentication>
          </ssh-server-parameters>
        </ssh>
      </endpoint>
    </endpoints>
  </listen>
</netconf-server>

mahmudas, Nov 27 '24 18:11
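
An added example, not part of the original issue or of the netopeer2 project's code: a Python check that reads an `ietf-netconf-server` XML document like the one posted above, lists the users each endpoint is configured to authenticate and the method containers under each, and reports whether a given login name is among them. The function names and the trimmed sample document are constructed for illustration.

```python
import xml.etree.ElementTree as ET

NS = {"ncs": "urn:ietf:params:xml:ns:yang:ietf-netconf-server"}

# Constructed sample: trimmed to the same structure as the posted config.
SAMPLE = """<netconf-server xmlns="urn:ietf:params:xml:ns:yang:ietf-netconf-server">
  <listen><endpoints><endpoint>
    <name>default-ssh</name>
    <ssh><ssh-server-parameters><client-authentication><users>
      <user>
        <name>admin</name>
        <public-keys>
          <use-system-keys xmlns="urn:cesnet:libnetconf2-netconf-server"/>
        </public-keys>
      </user>
    </users></client-authentication></ssh-server-parameters></ssh>
  </endpoint></endpoints></listen>
</netconf-server>"""


def local(tag):
    """Strip the '{namespace}' prefix ElementTree puts on tag names."""
    return tag.rsplit("}", 1)[-1]


def configured_users(xml_text):
    """Return {endpoint name: {user name: [method containers under the user]}}."""
    root = ET.fromstring(xml_text)
    result = {}
    for ep in root.iterfind(".//ncs:endpoint", NS):
        ep_name = ep.findtext("ncs:name", default="?", namespaces=NS)
        users = {}
        for user in ep.iterfind(".//ncs:client-authentication/ncs:users/ncs:user", NS):
            name = user.findtext("ncs:name", namespaces=NS)
            methods = []
            for child in user:
                if local(child.tag) != "name":
                    # Keep the container name plus any elements inside it.
                    inner = ",".join(local(g.tag) for g in child)
                    methods.append(local(child.tag) + (":" + inner if inner else ""))
            users[name] = methods
        result[ep_name] = users
    return result


def login_is_configured(xml_text, login):
    """True if `login` is listed as a user on at least one endpoint."""
    return any(login in users for users in configured_users(xml_text).values())
```

Running `configured_users` on the text of an exported configuration and comparing its keys with the user name in the client's connect error shows whether the login being attempted is one the endpoint lists at all.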