诺尼尔Netmiko连接到AWS EC2思科IOS-XE路由器失败-无法连接，因为SSH键？

Question

我尝试通过Nornir / Netmiko连接到思科CSR1k路由器。在AWS中，使用密钥，EC2用户期望进行密钥身份验证。

这是我的简单测试Nornir脚本：

from nornir_netmiko import netmiko_send_config, netmiko_send_command
from nornir import InitNornir
from nornir_utils.plugins.functions import print_result
from nornir.core.filter import F

nr = InitNornir(config_file="config.yaml")
cisco = nr.filter(F(platform="cisco_xe"))


result = cisco.run(
    task=netmiko_send_command,
    command_string="show arp"
)

print_result(result) 

这是我的清单：

---
Europe-Cisco-Site1:
  hostname: "18.158.60.42"
  username: "ec2-user"
  password: ""
  platform: "cisco_xe"
  groups:
    - cisco

我希望Nornir会自动处理身份验证并使用密钥。看起来这并没有发生。

当我尝试通过ssh从同一台主机连接到AWS EC2 Cisco CSR1k时，一切都正常。

问:我是否需要提供一些额外的选项才能使用SSH密钥？

我找到了这样的东西，但它不起作用：

  connection_options:
      paramiko:
          port: 22
          hostname:
          username: "ec2-user"
          password: 
          platform: "cisco_xe"
          extras:
            alt_host_keys: True
            alt_key_file: "/home/coder/.ssh/id_rsa"
            use_keys: True

这是我得到的错误：

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/home/coder/.local/lib/python3.8/site-packages/nornir/core/task.py", line 99, in start
    r = self.task(self, **self.params)
  File "/home/coder/.local/lib/python3.8/site-packages/nornir_netmiko/tasks/netmiko_send_command.py", line 26, in netmiko_send_command
    net_connect = task.host.get_connection(CONNECTION_NAME, task.nornir.config)
  File "/home/coder/.local/lib/python3.8/site-packages/nornir/core/inventory.py", line 494, in get_connection
    self.open_connection(
  File "/home/coder/.local/lib/python3.8/site-packages/nornir/core/inventory.py", line 546, in open_connection
    conn_obj.open(
  File "/home/coder/.local/lib/python3.8/site-packages/nornir_netmiko/connections/netmiko.py", line 59, in open
    connection = ConnectHandler(**parameters)
  File "/home/coder/.local/lib/python3.8/site-packages/netmiko/ssh_dispatcher.py", line 326, in ConnectHandler
    return ConnectionClass(*args, **kwargs)
  File "/home/coder/.local/lib/python3.8/site-packages/netmiko/cisco/cisco_ios.py", line 17, in __init__
    return super().__init__(*args, **kwargs)
  File "/home/coder/.local/lib/python3.8/site-packages/netmiko/base_connection.py", line 350, in __init__
    self._open()
  File "/home/coder/.local/lib/python3.8/site-packages/netmiko/base_connection.py", line 355, in _open
    self.establish_connection()
  File "/home/coder/.local/lib/python3.8/site-packages/netmiko/base_connection.py", line 972, in establish_connection
    raise NetmikoAuthenticationException(msg)
netmiko.ssh_exception.NetmikoAuthenticationException: Authentication to device failed.

Common causes of this problem are:
1. Invalid username and password
2. Incorrect SSH-key file
3. Connecting to the wrong device

Device settings: cisco_xe 3.121.222.37:22

我错过了什么？

Answer 1

找到了解决方案，清单文件中缺少以下内容：

  connection_options:
    netmiko:
      extras:
        use_keys: true
        key_file: "/home/coder/.ssh/id_rsa"