netmiko: p must be exactly 1024, 2048, or 3072 bits long

Hello, i’ve got a problem with a nemiko script :

#!/usr/bin/env python
from netmiko import ConnectHandler

import logging
logging.raiseExceptions=False
logging.basicConfig(filename='2.log', level=logging.DEBUG)
logger = logging.getLogger("netmiko")

key_file = "/home/pascal/.ssh/id_dsa"
alcatel = {
    "device_type": "alcatel_aos",
    "host": "192.168.1.2",
    "username": "admin",
    "use_keys": True,
    "key_file": key_file,
    "ssh_config_file": "./ssh_config",
    "verbose":False,
    "fast_cli": True,
}
net_connect = ConnectHandler(**alcatel)
output = net_connect.send_command("show spantree ports blocking")
print(output)

I run the test on 2 identicals switchs with exactly same dsa pub key. On the first everything works fine no error in log file and the result is OK. On the second i’ve got this error : ValueError: p must be exactly 1024, 2048, or 3072 bits long

Here is the log file :

DEBUG:paramiko.transport:starting thread (client mode): 0xdf0a210L
DEBUG:paramiko.transport:Local version/idstring: SSH-2.0-paramiko_2.4.2
DEBUG:paramiko.transport:Remote version/idstring: SSH-2.0-OpenSSH_5.0
INFO:paramiko.transport:Connected (version 2.0, client OpenSSH_5.0)
DEBUG:paramiko.transport:kex algos:[u'diffie-hellman-group-exchange-sha256', u'diffie-hellman-group-exchange-sha1', u'diffie-hellman-group14-sha1', u'diffie-hellman-group1-sha1'] server key:[u'ssh-dss'] client encrypt:[u'aes128-cbc', u'3des-cbc', u'blowfish-cbc', u'cast128-cbc', u'arcfour128', u'arcfour256', u'arcfour', u'aes192-cbc', u'aes256-cbc', u'rijndael-cbc@lysator.liu.se', u'aes128-ctr', u'aes192-ctr', u'aes256-ctr'] server encrypt:[u'aes128-cbc', u'3des-cbc', u'blowfish-cbc', u'cast128-cbc', u'arcfour128', u'arcfour256', u'arcfour', u'aes192-cbc', u'aes256-cbc', u'rijndael-cbc@lysator.liu.se', u'aes128-ctr', u'aes192-ctr', u'aes256-ctr'] client mac:[u'hmac-md5', u'hmac-sha1', u'umac-64@openssh.com', u'hmac-ripemd160', u'hmac-ripemd160@openssh.com', u'hmac-sha1-96', u'hmac-md5-96'] server mac:[u'hmac-md5', u'hmac-sha1', u'umac-64@openssh.com', u'hmac-ripemd160', u'hmac-ripemd160@openssh.com', u'hmac-sha1-96', u'hmac-md5-96'] client compress:[u'none'] server compress:[u'none'] client lang:[u''] server lang:[u''] kex follows?False
DEBUG:paramiko.transport:Kex agreed: diffie-hellman-group-exchange-sha256
DEBUG:paramiko.transport:HostKey agreed: ssh-dss
DEBUG:paramiko.transport:Cipher agreed: aes128-ctr
DEBUG:paramiko.transport:MAC agreed: hmac-sha1
DEBUG:paramiko.transport:Compression agreed: none
DEBUG:paramiko.transport:Got server p (2048 bits)
ERROR:paramiko.transport:Unknown exception: p must be exactly 1024, 2048, or 3072 bits long
ERROR:paramiko.transport:Traceback (most recent call last):
ERROR:paramiko.transport:  File "/usr/local/lib/python2.7/dist-packages/paramiko/transport.py", line 2002, in run
ERROR:paramiko.transport:    self.kex_engine.parse_next(ptype, m)
ERROR:paramiko.transport:  File "/usr/local/lib/python2.7/dist-packages/paramiko/kex_gex.py", line 101, in parse_next
ERROR:paramiko.transport:    return self._parse_kexdh_gex_reply(m)
ERROR:paramiko.transport:  File "/usr/local/lib/python2.7/dist-packages/paramiko/kex_gex.py", line 281, in _parse_kexdh_gex_reply
ERROR:paramiko.transport:    self.transport._verify_key(host_key, sig)
ERROR:paramiko.transport:  File "/usr/local/lib/python2.7/dist-packages/paramiko/transport.py", line 1813, in _verify_key
ERROR:paramiko.transport:    if not key.verify_ssh_sig(self.H, Message(sig)):
ERROR:paramiko.transport:  File "/usr/local/lib/python2.7/dist-packages/paramiko/dsskey.py", line 153, in verify_ssh_sig
ERROR:paramiko.transport:    ).public_key(backend=default_backend())
ERROR:paramiko.transport:  File "/usr/lib/python2.7/dist-packages/cryptography/hazmat/primitives/asymmetric/dsa.py", line 206, in public_key
ERROR:paramiko.transport:    return backend.load_dsa_public_numbers(self)
ERROR:paramiko.transport:  File "/usr/lib/python2.7/dist-packages/cryptography/hazmat/backends/openssl/backend.py", line 665, in load_dsa_public_numbers
ERROR:paramiko.transport:    dsa._check_dsa_parameters(numbers.parameter_numbers)
ERROR:paramiko.transport:  File "/usr/lib/python2.7/dist-packages/cryptography/hazmat/primitives/asymmetric/dsa.py", line 132, in _check_dsa_parameters
ERROR:paramiko.transport:    raise ValueError("p must be exactly 1024, 2048, or 3072 bits long")
ERROR:paramiko.transport:ValueError: p must be exactly 1024, 2048, or 3072 bits long
ERROR:paramiko.transport:

Does someone could explain me what is the problem ?

Version of netmiko :

python 
Python 2.7.16 (default, Apr  6 2019, 01:42:57) 
[GCC 8.3.0] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> import netmiko
>>> netmiko.__version__
u'2.3.3'
>>>

Many thanks for your help

About this issue

  • Original URL
  • State: closed
  • Created 5 years ago
  • Comments: 15 (7 by maintainers)

Most upvoted comments

It’s my post !! 😉

+1
plegrand1 on Nov 13, 2019
Read more comments on GitHub
← netmiko: Netmiko SSH Timeout
netmiko: scp.SCPException: ser **** (100) may not copy files  →