JSON Config Context issue with credentials per device bases

83 views
Skip to first unread message

Calvin Robson

unread,
Jan 17, 2021, 2:11:48 PM1/17/21
to NetBox

Hello,

I have recently began using netbox and I have searched everywhere for this.
I am having an issue with credentials on a per devices basis, I have tried to place a username and password into the "Config Context" tab but it is not working.

I have used the JSON format:

{
"NAPALM_USERNAME": "username",
"NAPALM_PASSWORD": "password"
}

it is stating that I have used "incorrect authentication" can you please help me with what I am possibly doing wrong?

Is there a different format, if so, how should it be done?

Thanks,

Jeremy Stretch

unread,
Jan 18, 2021, 10:43:29 AM1/18/21
to Calvin Robson, NetBox
NAPALM_USERNAME and NAPALM_PASSWORD are configuration parameters, and must be defined in configuration.py. These can only be set globally, not per device.

--
You received this message because you are subscribed to the Google Groups "NetBox" group.
To unsubscribe from this group and stop receiving emails from it, send an email to netbox-discus...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/netbox-discuss/d04ce58e-a59e-49fe-9ca3-af36b28f65b4n%40googlegroups.com.


--
Jeremy Stretch
Founder
NetVerity, LLC

Brian Candler

unread,
Jan 18, 2021, 11:44:55 AM1/18/21
to NetBox
Note that when using the API, you can override the username/password with x-napalm-username: / x-napalm-password: HTTP headers.

Calvin Robson

unread,
Jan 18, 2021, 5:55:07 PM1/18/21
to NetBox
Thanks for the responses guys.

Calvin Robson

unread,
Jan 18, 2021, 5:57:52 PM1/18/21
to NetBox
I have seen that this can be carried out on API, however, I am trying to have this done on the actual web GUI. Specifically, for when I click on LLDP neighbors and receive all the other "get_facts" information.

I thought about reverse engineering how the napalm driver works and creating a yaml file which has all the credentials, host IPs in it but finding the driver is taking me some time.

On Monday, January 18, 2021 at 4:44:55 PM UTC Brian Candler wrote:

Brian Candler

unread,
Jan 19, 2021, 8:59:00 AM1/19/21
to NetBox
Start here:
https://github.com/netbox-community/netbox/blob/develop/netbox/dcim/views.py#L1236-L1251

Note that the lldp_neighbors page makes an Ajax callback to the API endpoint for performing the napalm query, and the credentials are set here:

For now, you can frig something there directly.  In the end, being able to get the napalm credentials from a secret would be a nice feature.

Jeremy Stretch

unread,
Jan 19, 2021, 9:15:55 AM1/19/21
to Brian Candler, NetBox
> In the end, being able to get the napalm credentials from a secret would be a nice feature.

This has been proposed before, but really just moves the problem around. You don't want to have to send the NAPALM credentials with the request, so you stick them in a secret. But the secret can't be unlocked without a valid session key, so you'd have to manage that instead. Alternatively, we could look for credentials stored as context data, but then you'd be sacrificing security as the credentials would be stored in the clear.

John Schubert

unread,
Jan 19, 2021, 11:02:34 AM1/19/21
to netbox-...@googlegroups.com
My two cents would be making it a secret then gives you logs if it is accessed. Yes you are still managing a credential, but it isn't something that is directly usable.

Calvin Robson

unread,
Jan 19, 2021, 12:10:40 PM1/19/21
to John Schubert, netbox-...@googlegroups.com
Hi John,

How would that work exactly?

I came up with a workaround that would involve creating a json file with the passwords, secrets and username. It will be referred to by the variables the driver uses.

Thanks,
Calvin



Sent from my iPhone

On 19 Jan 2021, at 16:02, John Schubert <jos...@psu.edu> wrote:

 My two cents would be making it a secret then gives you logs if it is accessed. Yes you are still managing a credential, but it isn't something that is directly usable.
You received this message because you are subscribed to a topic in the Google Groups "NetBox" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/netbox-discuss/qh1_-BlIJw4/unsubscribe.
To unsubscribe from this group and all its topics, send an email to netbox-discus...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/netbox-discuss/c8701fa7-f275-9c62-c6ee-a41ec30dcfb0%40psu.edu.

John Schubert

unread,
Jan 19, 2021, 1:25:34 PM1/19/21
to Calvin Robson, netbox-...@googlegroups.com
Sorry I don't have any idea how to implement, I was just responding to Jeremy's comment about storing that data in secrets.
Reply all
Reply to author
Forward
0 new messages