SSH into device fails

SSH into device fails


I have a Cisco 2800 series router, with SSH configured that I can log into using a variety of different clients (linux ssh client, putty, etc.), however the Indeni server fails to connect.

The logs, although set at DEBUG logging, do not reveal any info as to why it fails.

Anyone seen similar behavior? Suggestions?



I've seen this happen before, but it can be caused by several issues. This one is for you or . A good preliminary check is if the SSH credentials are defined with priviledged mode or level 15.

A few tips on how to troubleshoot interrogation.

The vendor is usually good step to start with (unless the remote device is linux based).

Identifying which interrogation script to start with

In order to identify interrogation scripts which sets the vendor: cisco, run grep -R writeTag | grep vendor | grep cisco in the parsers directory:

cisco/ios/ios_device_type_interrogation.ind:        # writeTag("vendor", "cisco")
cisco/ios/show_version_interrogation.ind:    if ( cisco == 1)     { writeTag("vendor", "cisco") }
cisco/nexus/show_version-interrogation.ind:    writeTag("vendor", "cisco")


Line commented out, so not interesting (# writeTag("vendor", "cisco"))


First lines of the indeni script:

name: ios-show-version
description: IOS show version
type: interrogation
vendor: cisco ios

A bit funny how it writes "vendor: cisco" and " ios", but still requires those tags to be set to run the script.


First line of the indeni script

name: nexus-show-version-interrogation
description: fetch system info for interrogation
type: interrogation

show version


No requirements, and cisco is written as vendor.

Tags written by the script:

writeTag("", "nxos")
    writeTag("vendor", "cisco")
    writeTag("product", "switch")
    writeTag("model", model)
    writeTag("hostname", h[1])
    writeTag("os.version", version)


Testing interrogation scripts manually

To test the script manually against the device, run the following command (replace credentials and IP): full-command --verbose --basic-authentication indeniuser,indenipassword --ssh indeniuser,indenipassword show_version-interrogation.ind

Did you get any tags there? If not, could you please paste the output from the log here (please go ahead and obfuscate any details pertaining to your environment).

Hope that helped!