From 94eab56d51c8810bbf1ca39015f58f9112e83b07 Mon Sep 17 00:00:00 2001 From: markafarrell Date: Wed, 24 Oct 2018 05:06:19 +1100 Subject: [PATCH] Update netconf jumphost documentation (#47339) * doc/update netconf jumphost docs * Remove requirement for nc. Option for Port 830 Based on https://en.wikibooks.org/wiki/OpenSSH/Cookbook/Proxies_and_Jump_Hosts#Passing_Through_a_Gateway_Using_stdio_Forwarding_(Netcat_Mode) * Fix formatting * More formatting fixes * Remove incorrectly added newline --- .../network_debug_troubleshooting.rst | 37 ++++++++++++++----- 1 file changed, 28 insertions(+), 9 deletions(-) diff --git a/docs/docsite/rst/network/user_guide/network_debug_troubleshooting.rst b/docs/docsite/rst/network/user_guide/network_debug_troubleshooting.rst index 3d734cd8512..e5af30eade9 100644 --- a/docs/docsite/rst/network/user_guide/network_debug_troubleshooting.rst +++ b/docs/docsite/rst/network/user_guide/network_debug_troubleshooting.rst @@ -615,13 +615,15 @@ Using bastion/jump host with netconf connection Enabling jump host setting -------------------------- -Bastion/jump host with netconf connection can be enable using -- Setting Ansible variable``ansible_netconf_ssh_config`` either to ``True`` or custom ssh config file path -- Setting environment variable ``ANSIBLE_NETCONF_SSH_CONFIG`` to ``True`` or custom ssh config file path -- Setting ``ssh_config = 1`` or ``ssh_config = ``under ``netconf_connection`` section + +Bastion/jump host with netconf connection can be enabled by: + - Setting Ansible variable ``ansible_netconf_ssh_config`` either to ``True`` or custom ssh config file path + - Setting environment variable ``ANSIBLE_NETCONF_SSH_CONFIG`` to ``True`` or custom ssh config file path + - Setting ``ssh_config = 1`` or ``ssh_config = `` under ``netconf_connection`` section If the configuration variable is set to 1 the proxycommand and other ssh variables are read from default ssh config file (~/.ssh/config). + If the configuration variable is set to file path the proxycommand and other ssh variables are read from the given custom ssh file path @@ -630,11 +632,28 @@ Example ssh config file (~/.ssh/config) .. code-block:: ini - Host junos01 - HostName junos01 - User myuser - - ProxyCommand ssh user@bastion01 nc %h %p %r + Host jumphost + HostName jumphost.domain.name.com + User jumphost-user + IdentityFile "/path/to/ssh-key.pem" + Port 22 + + # Note: Due to the way that Paramiko reads the SSH Config file, + # you need to specify the NETCONF port that the host uses. + # i.e. It does not automatically use ansible_port + # As a result you need either: + + Host junos01 + HostName junos01 + ProxyCommand ssh -W %h:22 jumphost + + # OR + + Host junos01 + HostName junos01 + ProxyCommand ssh -W %h:830 jumphost + + # Depending on the netconf port used. Example Ansible inventory file