Oxidized not attempting to enter privileged mode on Cisco / IOS devices

Could some oxidized wizard assist here? I had source set to csv, and was able to map the enable password to a value in the router.db text file. It worked well. I recently switched to source html so I could use the API hook to poll devices. It works well on everything but my legacy cisco devices that require privilege mode (enable) to view the full config. I am wondering what I’m missing and why oxidized is no longer entering privileged mode.

Here is the cisco group from my oxidized config YAML:

 cisco:
  username: myuser
  password: mypass
  vars:
    enable: myenablepass
  model: cisco
  ssh_kex: diffie-hellman-group1-sha1
  ssh_encryption: aes128-cbc
  ssh_hmac: hmac-sha1

The ios.rb script snippet that is apparently not triggering from my YAML line which has a non-empty vars:

cfg :telnet, :ssh do
    # preferred way to handle additional passwords
    post_login do
      if vars(:enable) == true
        cmd "enable"
      elsif vars(:enable)
        cmd "enable", /^[pP]assword:/
        cmd vars(:enable)
      end
    end
    post_login 'terminal length 0'
    post_login 'terminal width 0'
    pre_logout 'exit'
  end
end

Here is a log of the ssh session when I attempt to refresh the device config:

D, [2023-01-18T17:20:45.650518 #3474483] DEBUG -- : lib/oxidized/input/ssh.rb: expecting [/^([\w.@()-]+[#>]\s?)$/] at 10.102.65.2
I, [2023-01-18T17:20:45.952681 #3474483]  INFO -- net.ssh.connection.session[8de0]: channel_open_confirmation: 0 3 1024 4096
I, [2023-01-18T17:20:45.952868 #3474483]  INFO -- net.ssh.connection.channel[8df4]: sending channel request "env"
I, [2023-01-18T17:20:45.953280 #3474483]  INFO -- net.ssh.connection.channel[8df4]: sending channel request "pty-req"
I, [2023-01-18T17:20:46.154950 #3474483]  INFO -- net.ssh.connection.channel[8df4]: sending channel request "shell"
D, [2023-01-18T17:20:46.457661 #3474483] DEBUG -- : lib/oxidized/input/cli.rb: Running post_login commands at 10.102.65.2
D, [2023-01-18T17:20:46.457859 #3474483] DEBUG -- : lib/oxidized/input/cli.rb: Running post_login command: nil, block: #<Proc:0x00007f8dc41175e8 /var/lib/gems/3.0.0/gems/oxidized-0.28.0/lib/oxidized/model/ios.rb:130> at 10.102.65.2
D, [2023-01-18T17:20:46.458034 #3474483] DEBUG -- : lib/oxidized/input/cli.rb: Running post_login command: "terminal length 0", block: nil at 10.102.65.2
D, [2023-01-18T17:20:46.458107 #3474483] DEBUG -- : lib/oxidized/input/ssh.rb terminal length 0 @ 10.102.65.2 with expect: /^([\w.@()-]+[#>]\s?)$/
D, [2023-01-18T17:20:46.458686 #3474483] DEBUG -- : lib/oxidized/input/ssh.rb: expecting [/^([\w.@()-]+[#>]\s?)$/] at 10.102.65.2
D, [2023-01-18T17:20:46.866668 #3474483] DEBUG -- : lib/oxidized/input/cli.rb: Running post_login command: "terminal width 0", block: nil at 10.102.65.2
D, [2023-01-18T17:20:46.866853 #3474483] DEBUG -- : lib/oxidized/input/ssh.rb terminal width 0 @ 10.102.65.2 with expect: /^([\w.@()-]+[#>]\s?)$/
D, [2023-01-18T17:20:46.867460 #3474483] DEBUG -- : lib/oxidized/input/ssh.rb: expecting [/^([\w.@()-]+[#>]\s?)$/] at 10.102.65.2
D, [2023-01-18T17:20:47.274534 #3474483] DEBUG -- : lib/oxidized/model/model.rb Collecting commands' outputs
D, [2023-01-18T17:20:47.274650 #3474483] DEBUG -- : lib/oxidized/model/model.rb Executing show version
D, [2023-01-18T17:20:47.274672 #3474483] DEBUG -- : lib/oxidized/input/ssh.rb show version @ 10.102.65.2 with expect: /^([\w.@()-]+[#>]\s?)$/
D, [2023-01-18T17:20:47.275077 #3474483] DEBUG -- : lib/oxidized/input/ssh.rb: expecting [/^([\w.@()-]+[#>]\s?)$/] at 10.102.65.2
D, [2023-01-18T17:20:47.681134 #3474483] DEBUG -- : lib/oxidized/model/model.rb Executing show vtp status
D, [2023-01-18T17:20:47.681312 #3474483] DEBUG -- : lib/oxidized/input/ssh.rb show vtp status @ 10.102.65.2 with expect: /^([\w.@()-]+[#>]\s?)$/
D, [2023-01-18T17:20:47.681858 #3474483] DEBUG -- : lib/oxidized/input/ssh.rb: expecting [/^([\w.@()-]+[#>]\s?)$/] at 10.102.65.2
D, [2023-01-18T17:20:48.089431 #3474483] DEBUG -- : lib/oxidized/model/model.rb Executing show inventory
D, [2023-01-18T17:20:48.089611 #3474483] DEBUG -- : lib/oxidized/input/ssh.rb show inventory @ 10.102.65.2 with expect: /^([\w.@()-]+[#>]\s?)$/
D, [2023-01-18T17:20:48.090167 #3474483] DEBUG -- : lib/oxidized/input/ssh.rb: expecting [/^([\w.@()-]+[#>]\s?)$/] at 10.102.65.2
D, [2023-01-18T17:20:48.497682 #3474483] DEBUG -- : lib/oxidized/model/model.rb Executing show running-config
D, [2023-01-18T17:20:48.497863 #3474483] DEBUG -- : lib/oxidized/input/ssh.rb show running-config @ 10.102.65.2 with expect: /^([\w.@()-]+[#>]\s?)$/
D, [2023-01-18T17:20:48.498439 #3474483] DEBUG -- : lib/oxidized/input/ssh.rb: expecting [/^([\w.@()-]+[#>]\s?)$/] at 10.102.65.2
D, [2023-01-18T17:20:48.908554 #3474483] DEBUG -- : lib/oxidized/input/cli.rb Running pre_logout commands at 10.102.65.2
D, [2023-01-18T17:20:48.908752 #3474483] DEBUG -- : lib/oxidized/input/ssh.rb exit @ 10.102.65.2 with expect: nil
I, [2023-01-18T17:20:49.017331 #3474483]  INFO -- net.ssh.connection.session[8de0]: 10.102.65.2 delete channel 0 which closed locally and remotely
D, [2023-01-18T17:20:49.017821 #3474483] DEBUG -- net.ssh.connection.session[8de0]: stream was closed after loop => shallowing exception so it will be re-raised in next loop
D, [2023-01-18T17:20:49.018076 #3474483] DEBUG -- : lib/oxidized/node.rb: Oxidized::SSH ran for 10.102.65.2 successfully
D, [2023-01-18T17:20:49.018166 #3474483] DEBUG -- : lib/oxidized/job.rb: Config fetched for 10.102.65.2 at 2023-01-19 00:20:49 UTC```

Update for posterity: Bummed that nobody has any thoughts. I’m working on replacing these legacy Cisco devices anyhow, so just changed the login to implicitly enter privileged mode on each individual host. “problem solved” but oxidized is still not functioning as intended in regards to the enable: var.

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.