Giter Site home page Giter Site logo

Comments (2)

robertcheramy avatar robertcheramy commented on September 26, 2024

(I've edited the issue so it is more readable)

from oxidized.

romainsi avatar romainsi commented on September 26, 2024

Hello,

Your mapping doesn't seem to be correct, I don't think it works if you leave a mapping empty.
You need to add the ssh_port mapping on index 3, add mapping for index 6 (switch), also in your source there seems to be one element too many 'Group1'.

Also, I'm not sure you can pass the desired proxy user as an argument (proxy-user@proxy-ip), I haven't tested it ... It seems to me that it uses the Oxidized user with Docker (and the user that launches the service in a direct installation).

Here's the example I used, which seems to work (unless the equipment behind the proxy is also a Mikrotik cf : #3114 ) :

  • Generate SSH key with Oxidized user :
    sudo -u oxidized ssh-keygen -b 4096 -t rsa (you can add passphrase or not)
    If you use docker, mount new volume for .ssh (for persistence) :
    In docker-compose add :
    volumes:
    - ./oxidized/.ssh:/home/oxidized/.ssh/
    and :
    docker exec -it <container_name/id> bash
    su oxidized
    ssh-keygen -b 4096 -t rsa

  • Upload id_rsa.pub in Mikrotik router file (the ssh proxy) and create a new user 'oxidized', (/System/Users) the user's password doesn't matter.

  • Import SSH Keys (/System/Users/SSH Keys) and link it to the new user 'oxidized' with the first field : name.
    ! SSH Forwarding must be enable !

  • Create a classic ssh user on the device behind the proxy (here user is 'switch_user' and password 'switch_pass'

  • Config file example :

config:
source:
  default: csv
  csv:
    file: "/home/oxidized/.config/oxidized/router.db"
    delimiter: !ruby/regexp /:/
    map:
      name: 0
      model: 1
      ip: 2
      ssh_port: 3
      username: 4
      password: 5
      group: 6
    vars_map:
      ssh_proxy: 7
      auth_method: 8
    vars:
      auth_methods: [ "publickey", "password" ]
      ssh_keys: "/home/oxidized/.ssh/id_rsa"
  • router.db (source) :
#name:model:ip:ssh_port:username:password:group:ssh_proxy:auth_method
sw.fiber:routeros:10.70.0.10:22:<switch_user>:<switch_pass>:switch:<proxy_ip>:publickey

I hope I've made myself clear, and that this may help you and others.

from oxidized.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.