I’m trying a simply hello-world on my cisco switch via ios-command and paramiko fails because of the presence of elliptical keys:
…
2017-07-21 14:19:25,212 p=71332 u=ericx | 71340 1500661165.21265: Loading ShellModule ‘sh’ from /usr/local/lib/python2.7/site-packages/ansible/plugins/shell/sh.py
71340 1500661165.21348: Loading ShellModule ‘sh’ from /usr/local/lib/python2.7/site-packages/ansible/plugins/shell/sh.py (found_in_cache=True, class_only=False)
2017-07-21 14:19:25,213 p=71332 u=ericx | 71340 1500661165.21348: Loading ShellModule ‘sh’ from /usr/local/lib/python2.7/site-packages/ansible/plugins/shell/sh.py (found_in_cache=True, class_only=False)
2017-07-21 14:19:25,554 paramiko.hostkeys Unable to handle key of type ssh-ed25519
2017-07-21 14:19:25,559 p=71332 u=ericx | connecting to host Clark01x01 returned an error
2017-07-21 14:19:25,559 p=71332 u=ericx | [Errno 8] hostname nor servname provided, or not known
…
The obvious solution: “don’t use ellipticals” doesn’t seem to make a difference. I cleared them all out of my agent and dumbed down to just RSA keys (the ciscos can only handle RSA).
The machine running the scripts is a FreeBSD 11.1-RELEASE with openssh 7.2P2 (however, the use of paramiko should completely avoid any local ssh?). By default, FreeBSD supports and configures ECDSA and ED25519 host keys as well as RSA (DSA is now deprecated). The paramiko error does not specify the source of the key pain: agent, config, host, etc.
Paramiko ticket 325 (https://github.com/paramiko/paramiko/issues/325) has been open on this subject since May 2014 with no signs of interest.
Is there a way to skip the use of paramiko?