Proxy SG (Blue Coat) enable mode
126 views
Skip to first unread message
vi1...@gmail.com
Dec 22, 2022, 8:18:41 AM12/22/22
to Ansible Project
Dear all,
Does anybody know how to perform the privilege escalation to "enable" in Proxy SG via Ansible?
I have tried the following code, with no luck:
***OS = JUNOS because I could not find SG OS and somebody told us to use "junos" instead. It works to launch regular commands but It does not work to escalate to "enable".
- hosts: bluecoat
gather_facts: no
connection: local
vars:
ansible_connection: network_cli
ansible_user: "{{ lookup('env', 'ANSIBLE_NET_USERNAME') }}"
ansible_password: "{{ lookup('env', 'ANSIBLE_NET_PASSWORD') }}"
ansible_port: 22
ansible_network_os: junos
tasks:
- name: Show SSL Keyring
cli_command:
command: "show ssl keyring"
#### prompt: "Password:"
#### answer: "{{ lookup('env', 'ANSIBLE_NET_PASSWORD') }}"
vars:
ansible_become: yes
ansible_become_method: enable
ansible_become_password: "{{ lookup('env', 'ANSIBLE_NET_PASSWORD') }}"
register: ssl_keyring
gather_facts: no
connection: local
vars:
ansible_connection: network_cli
ansible_user: "{{ lookup('env', 'ANSIBLE_NET_USERNAME') }}"
ansible_password: "{{ lookup('env', 'ANSIBLE_NET_PASSWORD') }}"
ansible_port: 22
ansible_network_os: junos
tasks:
- name: Show SSL Keyring
cli_command:
command: "show ssl keyring"
#### prompt: "Password:"
#### answer: "{{ lookup('env', 'ANSIBLE_NET_PASSWORD') }}"
vars:
ansible_become: yes
ansible_become_method: enable
ansible_become_password: "{{ lookup('env', 'ANSIBLE_NET_PASSWORD') }}"
register: ssl_keyring
Error: It says "invalid input" because the command only works in enable mode, so the escalation did not work.
{
"changed": false,
"stdout": "^\n% Invalid input detected at '^' marker.",
"invocation": {
"module_args": {
"command": "show ssl keyring",
"newline": true,
"sendonly": false,
"check_all": false,
"prompt": null,
"answer": null
}
},
"stdout_lines": [
"^",
"% Invalid input detected at '^' marker."
],
"_ansible_no_log": false
}
"changed": false,
"stdout": "^\n% Invalid input detected at '^' marker.",
"invocation": {
"module_args": {
"command": "show ssl keyring",
"newline": true,
"sendonly": false,
"check_all": false,
"prompt": null,
"answer": null
}
},
"stdout_lines": [
"^",
"% Invalid input detected at '^' marker."
],
"_ansible_no_log": false
}
Thank you very much in advance. Your help is really really appreciated.
Regards,
Vicente.
Konpal Maharwal
Mar 8, 2023, 7:26:56 AM3/8/23
to Ansible Project
Hi All,
I am facing similar issues with the enable mode, wondering if we were able to find a solution to this.
Thank you very much in advance. Your help is really really appreciated.
Regards,
I am facing similar issues with the enable mode, wondering if we were able to find a solution to this.
Thank you very much in advance. Your help is really really appreciated.
Regards,
Konpal Maharwal
Peter Howes
Mar 23, 2023, 9:03:25 AM3/23/23
to Ansible Project
Hi all,
I don't think the problem is with enable, you also need to also pass the commend "config t" to enter the config terminal mode in SGOS and then enter the right sub menu, something like this:
# enable
# config t
#(config) ssl
#(config ssl) show ssl keyring
# config t
#(config) ssl
#(config ssl) show ssl keyring
See the CLI example here: https://knowledge.broadcom.com/external/article/168179/renew-the-proxysg-appliance-certificate.html
HTH
Peter
Peter
Reply all
Reply to author
Forward
0 new messages