The following question will occur when you end the config mode at IOS XR without commit:

RP/0/0/CPU0:ios-xrv(config)#end
Uncommitted changes found, commit them before exiting(yes/no/cancel)? [cancel]:

Invest in static analysis tools which will help improve code readability, maintainability, and extensibility.

As an example, here's the final output of pylint against Netmiko's (current) master branch:

Global evaluation
-----------------
Your code has been rated at 6.08/10 (previous run: 6.08/10, +0.00)

Besides the CLI tool pylint, other tools that integrate with GitHub include:

• Travis CI
• Scrutinizer CI
• Landscape

There are many other tools, but those are ones I've used. They do things like:

• Run unit tests for you
• Analyze code health
• Graph results over time
• Suggest ways to clean up code
• Review pull requests and perform all of the above for every pull request
• Review all branches

Juniper's CLI supports multiple configuration modes. The more common ones:

• private
• exclusive
• shared

The config_mode() method should incorporate these three common modes. I can work on this later, but an (untested) example is below.

def config_mode(self, mode=''):
    '''
    First check whether currently already in configuration mode.

    Enter config mode (if necessary), specifying the appropriate mode.  `mode` is blank
    by default (global config mode).
    '''

    supported_modes = ("", "private", "exclusive")
    if mode not in supported_modes:
        raise ValueError("Unsupported mode: {0}".format(mode))

    output = self.send_command('\n', strip_prompt=False, strip_command=False)
    if not '[edit' in output:
        command = "configure " + mode + "\n"
        output += self.send_command(command, strip_prompt=False, strip_command=False)
        if 'unknown command' in output:
            raise ValueError("Failed to enter configuration mode")
        if not '[edit' in output:
            raise ValueError("Failed to enter configuration mode")

    return output

Potentially use ')#' as a solution.

Look at what HP ProCurve does in config mode and wider sample of what Cisco does.

These tests need improved

Need unit tests for Comware (located in the netmiko/tests directory).

I am currently returning strings instead of booleans for some functions like enable(), config_mode() would returning booleans be more logical?

Might also exist in other contexts as well.

This is used for HP ProCurve switches.

If ~ssh/id_rsa.pub or ~ssh/id_dsa.pub Paramiko will try to use these and will not use the username/password that you specify.

establish_connection method in BaseSSHConnection prints "SSH connection established to {0}:{1}" even if the device the session is attempting to connect to is not a valid host on the network. Perhaps this message should be moved down right before line 96:

self.remote_conn = self.remote_conn_pre.invoke_shell()

Should improve to all for regular expression patterns.

This changed because of changing find_prompt() behavior and now the unit tests need corrected.

1. Do I need to re-enable paging before I disconnect from device (i.e. is the paging change actually stored in config)?
2. Verify WLC has no enable mode.
3. Verify WLC has no config mode.
4. Prompt typically ends in '>'
5. Need unit tests.

I added some tests into the test_cisco_ios.py, but the tests should be more robust (for example, cover alternate search_patterns than the router prompt; verify that exceptions are actually generated correctly for failure).

Use this instead so not a config command change:

terminal pager 0

Currently, tests require a module that's not part of the repository (for security reasons). However, there's no documentation (other than a note in an issue) as to how to supply the necessary information. Additionally, the tests have hard-set expectations for prompts (and possibly other items). See excerpt below.

    module.EXPECTED_RESPONSES = {
        'base_prompt'      : 'pynet-rtr1',
        'user_exec_prompt' : 'pynet-rtr1>',
        'enable_prompt'    : 'pynet-rtr1#',
        'interface_ip'     : '10.220.88.20',
        'config_mode'      : '(config)',
    }

This means that if a user contributing code (and new tests) wants to actually test his/her changes, he/she must have a device setup precisely this way. Being able to parse a YAML file (in .gitignore) with credentials, expected prompts, IPs, etc. would significantly increase the flexibility and accessibility of these tests.

IOS-XR case
NX-OS case
HP ProCurve case

This issue will be the design spec for Junos and IOS-XR on commit/confirm/rollback

What needs to be included here (please add items I am missing):

1. Standard commit (no confirm):
   a. Messages on exit when no commit (JunOS and IOS-XR are opposite here)
2. Commit with confirm
   a. Should have a parameter for how many minutes the confirm must come in
3. Rollback
   a. Default is rollback 0. Should have a parameter for rollback number
4. Lock / unlock mechanism
5. Juniper Private config mechanism
6. Should be probably cover / consider new Arista commit/confirm/locking mechanism.
7. Unit tests including (Junos and IOS-XR where appropriate)
   a. commit
   b. rollback
   c. failed commit / no commit
   d. commit confirm
   e. lock / unlock
   f. Juniper shared / exclusive / private
   g. IOX-XR exclusive
   h. commit message

What does it do, when does it get updated, is it named properly.

Placeholder as I am concerned how I am currently using this is going to cause problems/confusion.

There are Juniper prompts that are currently not stripped from output. See below.

 ❯ ssh 10.10.1.1
--- JUNOS 12.1X44-D25.5 built 2013-10-24 20:59:21 UTC
No alarms currently active

{primary:node0}
[email protected]> start shell
% rlogin -T node1
�
--- JUNOS 12.1X44-D25.5 built 2013-10-24 20:59:21 UTC

No alarms currently active

{secondary:node1}
[email protected]>

The method strip_context_items() does not currently strip these from output. I will submit a PR for this.

Key-based SSH authentication can be highly desirable, particularly for automation. In #1, though, it was explicitly and statically disabled.

I propose that this be parameterized with a sane default of disabling SSH keys. I will be working on an implementation as I require this functionality for an upcoming project. It will probably be poorly considered as it is strictly for demonstrative purposes, but I may submit a PR with that change within the next week.

What about adding checkpoint device_type. I can test on :
1.CP 1100
2.Edge UTM-1
3. VSX

1. Check enable mode needs added/integrated
2. Exit enable mode needs added/integrated

Also probably a commit confirm time

Both Junos and IOS XR support the Commit Confirm feature. This may be a feature worth implementing it as it can save you from a lot of things. One use case is a commit confirm with a sufficient timeout to run automated tests, at which point the automated tests (or scripts or whatever) can commit the configuration permanently. This can save you from committing a bad change that kills connectivity to the box.

Cleaner to do it this way.

Pip is generally the default ecosystem for installing Python modules. Putting NetMiko in pip could make it easier/more familiar to install and update NetMiko for end users.

setup.py fails to install hp package, leading to ImportError exception when importing netmiko.

Fixed by adding 'netmiko/hp' to packages list in setup.py

python3.4 setup.py install

Traceback (most recent call last):
File "setup.py", line 3, in
import netmiko
File "/home/c102/c1021058/devel/netmiko/netmiko/init.py", line 1, in
from ssh_dispatcher import ssh_dispatcher
ImportError: No module named 'ssh_dispatcher'

The Juniper methods do not implement check_config_mode(). This causes unexpected behavior and unnecessary duplication of code when trying to implement other features. The current config_mode() method in the Juniper file, for example, could be eliminated and a config_mode(config_command="configure") (from ssh_connection.py) could be used instead. I can work on this later, but here are a few notes.

The existing check_config_mode() method should be usable like this: check_config_mode(check_string='[edit'). That should enable certain methods to be written like this:

def config_mode(self):
    '''
    First check whether currently already in configuration mode.

    Enter config mode (if necessary)
    '''

    if not self.check_config_mode(check_string='[edit'):
        output += self.send_command('configure\n', strip_prompt=False, strip_command=False)
        if 'unknown command' in output:
            raise ValueError("Failed to enter configuration mode")
        if not '[edit' in output:
            raise ValueError("Failed to enter configuration mode")

    return output

Other methods could be written as well to take advantage of the check_config_mode() method, such as exit_config_mode(). commit() could probably be rewritten to use check_config_mode() as well as it doesn't make much sense to check to see if you're in config mode, then enter config mode if you're not, then commit the config. That's typically not a valid workflow, and there typically isn't a use case for committing nothing. Maybe there's one I haven't considered, though.

Just wondering what the delay_factor in send_command() is for?

It seems to me it is a delay to wait for output from the device, before receiving it.

My issue lays with grabbing running configuration from Cisco gear - as it seems with a small delay factor all that is received is "Building configuration...\n". Some of the older Sup 720's etc with large configurations can take 40 seconds + to display the running configuration.

Is there no way to wait till a command is processed, instead of a delay factor?

Not a secure way to do this. Should allow for a secure way for this to be accomplished.

This is not what this test does anymore and should be renamed.

send_command_expect() should stop at the expect_string() and return only up to the end of the expect_string.

strip_prompt parameter should be renamed to give you the option of stripping the expect_string which is normally the prompt.

It currently stops on the expect_string, but catches all the data in the output buffer including after the expect_string.