Unable to connect to Accedian TE NID #3721
Description
Hi. We are unable to use netmiko to connect to Accedian TE NID's. They use the SSH-2.0-dropbear_2016.74 SSH Server. Accedian GT NID Work.
I am able to use putty and secure CRT to SSH to the device. I know drop bear ssh server has some issue as we had to modify our SecureCRT config for it to work. Here is from there support, but I don't think this is related. Just an FYI.
Some SSH2 server implementations based on Dropbear
introduced a limit of 20 maximum host key algorithms a
client could send as "supported" during the initial protocol
negotiation phase.
SecureCRT 9.6 supports 24 total host key algorithms. With
all of the supported host key algorithms enabled, the newer
version is thus exercising the bug in the older Dropbear-
based SSH2 server implementation present on the device(s)
with which you're experiencing problems.
Versions of SecureCRT prior to 9.6 supported fewer key
exchange algorithms, so connections from earlier versions
would still potentially work as expected because the
Dropbear (or similar) server bug/limitation wasn't being
triggered.
I have to modify some 5K Accedian NID's. Looking to automate it.
Any help is greatly appreciated. Let me know if you have any questions or would like a Accedian TE NID accessible remotely.
-Erik
Happens on both Windows and Ubuntu
Windows 11 using PyCharm, Python 3.12, Netmiko 4.6.0, paramiko 4.0.0
bcrypt | 4.3.0 | 4.3.0
cffi | 1.17.1 | 1.17.1
cryptography | 45.0.6 | 45.0.6
dotenv | 0.9.9 | 0.9.9
future | 1.0.0 | 1.0.0
invoke | 2.2.0 | 2.2.0
markdown-it-py | 3.0.0 | 4.0.0
mdurl | 0.1.2 | 0.1.2
netmiko | 4.6.0 | 4.6.0
ntc-templates | 7.9.0 | 8.0.0
paramiko | 4.0.0 | 4.0.0
ping3 | 5.1.3 | 5.1.5
pip | 25.0.1 | 25.2
pycparser | 2.22 | 2.22
pygments | 2.19.2 | 2.19.2
pynacl | 1.5.0 | 1.5.0
pyserial | 3.5 | 3.5
python-dotenv | 1.1.1 | 1.1.1
pyyaml | 6.0.2 | 6.0.2
rich | 14.1.0 | 14.1.0
ruamel-yaml | 0.18.14 | 0.18.15
ruamel-yaml-clib | 0.2.12 | 0.2.12
scp | 0.15.0 | 0.15.0
setuptools | 80.9.0 | 80.9.0
six | 1.17.0 | 1.17.0
tenacity | 9.1.2 | 9.1.2
textfsm | 1.1.3 | 2.1.0
Ubuntu 24.04
~/netmiko-testing$ pip freeze
bcrypt==4.3.0
cffi==1.17.1
cryptography==45.0.6
invoke==2.2.0
markdown-it-py==4.0.0
mdurl==0.1.2
netmiko==4.6.0
ntc_templates==8.0.0
paramiko==4.0.0
pycparser==2.22
Pygments==2.19.2
PyNaCl==1.5.0
pyserial==3.5
PyYAML==6.0.2
rich==14.1.0
ruamel.yaml==0.18.15
ruamel.yaml.clib==0.2.12
scp==0.15.0
textfsm==2.1.0
Any help would be appreacited.
from netmiko import ConnectHandler
import logging
logging.basicConfig(
filename='netmiko_debug.log',
level=logging.DEBUG,
filemode='w',
force=True)
logger = logging.getLogger("netmiko")
device = {
"device_type": "accedian",
"host": "172.18.1.13",
"username": "admin",
"password": "password",
"verbose": True,
"session_log": "netmiko_session.log",
"session_log_record_writes": True,
"session_log_file_mode": "write",
}
conn = ConnectHandler(**device)
command = "board show info"
print(f"Running Command: {command}")
output = conn.send_command(command)
print("Command output:\n", output)
conn.send_command("exit")
conn.disconnect()
Session file is empty
Debug Logs
DEBUG:paramiko.transport:starting thread (client mode): 0x4cbfbe00
DEBUG:paramiko.transport:Local version/idstring: SSH-2.0-paramiko_4.0.0
DEBUG:paramiko.transport:Remote version/idstring: SSH-2.0-dropbear_2016.74
INFO:paramiko.transport:Connected (version 2.0, client dropbear_2016.74)
DEBUG:paramiko.transport:=== Key exchange possibilities ===
DEBUG:paramiko.transport:kex algos: [email protected], diffie-hellman-group14-sha1, diffie-hellman-group1-sha1, [email protected]
DEBUG:paramiko.transport:server key: ssh-rsa, ssh-dss
DEBUG:paramiko.transport:client encrypt: aes128-ctr, aes256-ctr
DEBUG:paramiko.transport:server encrypt: aes128-ctr, aes256-ctr
DEBUG:paramiko.transport:client mac: hmac-sha2-256, hmac-sha2-512
DEBUG:paramiko.transport:server mac: hmac-sha2-256, hmac-sha2-512
DEBUG:paramiko.transport:client compress: none
DEBUG:paramiko.transport:server compress: none
DEBUG:paramiko.transport:client lang: <none>
DEBUG:paramiko.transport:server lang: <none>
DEBUG:paramiko.transport:kex follows: False
DEBUG:paramiko.transport:=== Key exchange agreements ===
DEBUG:paramiko.transport:Kex: [email protected]
DEBUG:paramiko.transport:HostKey: ssh-rsa
DEBUG:paramiko.transport:Cipher: aes128-ctr
DEBUG:paramiko.transport:MAC: hmac-sha2-256
DEBUG:paramiko.transport:Compression: none
DEBUG:paramiko.transport:=== End of kex handshake ===
DEBUG:paramiko.transport:kex engine KexCurve25519 specified hash_algo <built-in function openssl_sha256>
DEBUG:paramiko.transport:Switch to new keys ...
DEBUG:paramiko.transport:Adding ssh-rsa host key for 172.18.1.13: b'23331918e0a5cd69fbb7e1fe6a1ec0ea'
DEBUG:paramiko.transport:userauth is OK
INFO:paramiko.transport:Authentication (password) successful!
DEBUG:paramiko.transport:[chan 0] Max packet in: 32768 bytes
DEBUG:paramiko.transport:[chan 0] Max packet out: 32759 bytes
DEBUG:paramiko.transport:Secsh channel 0 opened.
DEBUG:paramiko.transport:[chan 0] Sesch channel 0 request ok
DEBUG:paramiko.transport:[chan 0] Sesch channel 0 request ok
DEBUG:netmiko:write_channel: b'\n'
DEBUG:netmiko:read_channel:
DEBUG:netmiko:read_channel:
DEBUG:netmiko:read_channel:
~~~~~~~~~~SNIP~~~~~~~~~~~
DEBUG:netmiko:read_channel:
DEBUG:netmiko:read_channel:
DEBUG:netmiko:read_channel:
DEBUG:paramiko.transport:[chan 0] EOF received (0)
DEBUG:paramiko.transport:[chan 0] Unhandled channel request "exit-signal"
DEBUG:paramiko.transport:[chan 0] EOF sent (0)
DEBUG:netmiko:read_channel:
DEBUG:netmiko:read_channel:
DEBUG:netmiko:read_channel:
~~~~~~~~~~SNIP~~~~~~~~~~~