-
Notifications
You must be signed in to change notification settings - Fork 65
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
No output and "Process exited with status 1" for Aruba Switches (S3500) #2
Comments
i can normally ping, the only systems where i get that are the ones where i need to be sudo in order to run ping (because ping is in /sbin or /usr/sbin which is not in $PATH by default) |
Ping was just an example. I receive the "Process exited with status 1" error when attempting to run any command on these Aruba switches. It could very well be a limitation with the Aruba switches, although the Aruba controllers (similar cli) output the results just fine. The only difference between the two is the need to specify the deprecated ciphers in the switches .json file. Please let me know if you need anymore information/logs. Thanks again for your help! |
can you execute those commands just by using ssh, like |
( i also suggest you to test |
Yes, I have no issues executing the commands when directly connecting via ssh with the same credentials specified in the idents file. For me, this utility would be so amazing for simple configs/backups on all my NADs which is why I hope it’s something fixable :D |
everything is fixable! :D I just need to understand why that happens and, without having access to those endpoints and inserting debug messages here and there in the code to test it's very hard :) it'd help the output of |
also any logs you can get server side would be great |
ssh -vv user@host "echo $SHELL" output
RC-MDF-24.json
Server Side Logs |
mmm is it me or it looks like $SHELL is not defined? what if you |
Running ssh -vv user@host "echo $SHELL" output on Aruba Controller (device which Shellz works perfectly on (similar CLI)
ssh -vv user@host "echo $SHELL" output on Aruba Switch (10.100.8.24 device we have been using to test so far)
Please let me know if I can provide any additional information/logs/packet captures...etc. In the meantime, ill try replicating the issues on other host OS's. |
i'd need to login myself via ssh and try to see why that happens ... also, what if you use shellz to execute other commands (say a simple |
I don't know how ArubaOS-Switch works, but maybe the |
possibly? no idea why it's returning exit code 1 but no output, I used CombinedOutput so it should at least get the stderr ... no idea :/ |
Not sure if this is completely irrelevant to this issue, but: Shellz on Working NAD (10.2.1.153 Aruba Controller) SSH Direct on Working NAD (10.2.1.153 Aruba Controller) Shellz on NON Working NAD (10.100.8.24 Aruba Switch) SSH Direct on NON Working NAD (10.100.8.24 Aruba Switch |
also, no matter what command I attempt to execute using Shellz on these Aruba (S3500) Switches, im greeted with the "Process exited with status 1) no output" :( |
Check the ssh error logs (maybe here /var/log/auth.log) and then execute shellez command. You should see some errors. |
i'm googling as hard as i can but i can't find any documented issue with golang, its ssh libraries and Aruba Switches :/ |
Looking into our RADIUS server (Clearpass) I see successful authentications when using Shellz. So the switch is sending the auth request to our radius server and the server is passing the correct roles to the switch. Unfortunately, our entire fleet of access switches consist of the Aruba S3500's. Shellz works as expected on our controllers and core distribution switches. All switches are running the latest code, however, their EoL so worst case, we will be replacing them overtime. You guys are awesome, and I appreciate the level of help you provide to the community! |
any chances you could allow me to access one of the oldest so i can debug myself? i had to try :D |
ok @RIPv1 there's a test you can help me doing! you'll need to compile from source and patch some files, ready? :D
Now you should have additional debug messages when connecting to your switches :) |
No problem, ill work on creating a DMZ on my home network with shell access to an S3500 with some local mgmt creds. Or maybe just a Goto Meeting with a laptop directly connected to the switch ;) |
@evilsocket when I |
you will see this, edit this file and set the variable to Repeat for
Now run shellz normally and you should have more info on the output ... i hope :D |
Okay, I successfully removed the shellz binary, installed from source (go get) and set the variables in both files and ran
So I recreated the idents and shells .json files for the switch and ran ./shellz from the src directory. Unfortunately, it doesn't appear to provide more logs when attempting to connect (see attached) |
your $GOPATH is not defined, otherwise it wouldn't be /bin! :D ... as for the logs, that's weird ... need further investigation |
:D opps! And once you have access to the switch i'm assuming it would make troubleshooting 10000 times easier for you! |
@RIPv1 ping? |
What version of Go are you using (go version)?
go1.11 darwin/amd64
What operating system and processor architecture are you using (go env)?
MacOS 10.14
What did you do?
Attempting to execute a ping command on a single shell with the ciphers specified
What did you expect to see?
A successful reply with round trip latency info
What did you see instead?
(Process exited with status 1)
Not sure if this is a limitation with my Aruba switches, although it works perfect on our Aruba controllers. If this issue doesn't seem to be related to Shellz, sorry for opening an issue. In any case, I have uploaded a screenshot of the issue I'm facing. Thanks again for the deprecated cipher support so quickly! You are awesome!
The text was updated successfully, but these errors were encountered: