def loginSSHradiusWithFallback(self):
        ''' This function is to verify radius authentication when fallback is
        enabled. Login with local password should work when raddius server is
        un reachable'''
        info('########## Test to verify SSH login with radius authenication'
             ' enabled and fallback Enabled ##########\n')
        s1 = self.net.switches[0]
        h1 = self.net.hosts[0]
        h2 = self.net.hosts[1]
        retFallback = self.FallbackEnable()
        # self.checkAccessFiles()
        host_2_IpAddress = self.getHostIP_2()
        s1.cmdCLI("configure terminal")
        s1.cmdCLI("no radius-server host " + host_2_IpAddress)
        h1.cmd("service freeradius stop")
        h2.cmd("service freeradius stop")

        ssh_newkey = 'Are you sure you want to continue connecting'
        switchIpAddress = self.getSwitchIP()
        out = ""
        out += s1.cmd("echo ")
        sshkey = "ssh-keygen -R " + switchIpAddress
        sshkeygen = pexpect.spawn(sshkey)
        myssh = SSHCLIENT + " admin@" + switchIpAddress
        p = pexpect.spawn(myssh)

        i = p.expect([ssh_newkey, 'password:'******'yes')
            i = p.expect([ssh_newkey, 'password:'******'Testing')
        elif i == 2:
            assert i != 2, "Failed with SSH command"
        loginpass = p.expect(['password:'******'#'])
        if loginpass == 0:
            p.sendline('admin')
            p.expect('#')
            p.sendline('exit')
            p.kill(0)
            s1.cmdCLI("radius-server host " + host_2_IpAddress)
            s1.cmdCLI("exit")
            info(".### Passed authentication with local password when radius"
                 " server not reachable and fallback enabled ###\n")
            return True
        if loginpass == 1:
            p.sendline('exit')
            p.kill(0)
            s1.cmdCLI("radius-server host " + host_2_IpAddress)
            s1.cmdCLI("exit")
            assert loginpass != 1, "Failed to validate radius authetication" \
                                   " when server is not reachable"
示例#2
0
    def loginSSHradiusWithFallback(self):
        ''' This function is to verify radius authentication when fallback is
        enabled. Login with local password should work when raddius server is
        un reachable'''
        info('########## Test to verify SSH login with radius authenication'
             ' enabled and fallback Enabled ##########\n')
        s1 = self.net.switches[0]
        h1 = self.net.hosts[0]
        h2 = self.net.hosts[1]
        retFallback = self.FallbackEnable()
        # self.checkAccessFiles()
        host_2_IpAddress = self.getHostIP_2()
        s1.cmdCLI("configure terminal")
        s1.cmdCLI("no radius-server host " + host_2_IpAddress)
        h1.cmd("service freeradius stop")
        h2.cmd("service freeradius stop")

        ssh_newkey = 'Are you sure you want to continue connecting'
        switchIpAddress = self.getSwitchIP()
        out = ""
        out += s1.cmd("echo ")
        sshkey = "ssh-keygen -R " + switchIpAddress
        sshkeygen = pexpect.spawn(sshkey)
        myssh = SSHCLIENT + " netop@" + switchIpAddress
        p = pexpect.spawn(myssh)

        i = p.expect([ssh_newkey, 'password:'******'yes')
            i = p.expect([ssh_newkey, 'password:'******'Testing')
        elif i == 2:
            assert i != 2, "Failed with SSH command"
        loginpass = p.expect(['password:'******'#'])
        if loginpass == 0:
            p.sendline('netop')
            p.expect('#')
            p.sendline('exit')
            p.kill(0)
            s1.cmdCLI("radius-server host " + host_2_IpAddress)
            s1.cmdCLI("exit")
            info(".### Passed authentication with local password when radius"
                 " server not reachable and fallback enabled ###\n")
            return True
        if loginpass == 1:
            p.sendline('exit')
            p.kill(0)
            s1.cmdCLI("radius-server host " + host_2_IpAddress)
            s1.cmdCLI("exit")
            assert loginpass != 1, "Failed to validate radius authetication" \
                                   " when server is not reachable"
示例#3
0
    def loginSSHradiusWithSecondaryServer(self):
        '''This function is to verify radius authentication with the secondary
        radius server when unable to reach primary server - radius is true and
        fallback is false'''
        info('########## Test to verify SSH login with radius authenication'
             ' enabled and fallback disabled to a secondary radius server'
             ' ##########\n')
        s1 = self.net.switches[0]
        retFallback = self.noFallbackEnable()
        sleep(5)
        retAuth = self.radiusAuthEnable()
        sleep(5)
        # self.checkAccessFiles()
        h1 = self.net.hosts[0]
        h2 = self.net.hosts[1]
        h1.cmd("service freeradius stop")
        h2.cmd("service freeradius start")
        ssh_newkey = 'Are you sure you want to continue connecting'
        switchIpAddress = self.getSwitchIP()
        out = ""
        out += s1.cmd("echo ")
        sshkey = "ssh-keygen -R " + switchIpAddress
        sshkeygen = pexpect.spawn(sshkey)
        myssh = SSHCLIENT + " netop@" + switchIpAddress
        p = pexpect.spawn(myssh)

        i = p.expect([ssh_newkey, 'password:'******'yes')
            i = p.expect([ssh_newkey, 'password:'******'testing')
            sleep(2)
        elif i == 2:
            assert i != 2, "Failed with SSH command"
        loginpass = p.expect(['password:'******'#'])
        if loginpass == 0:
            p.sendline('dummypassword')
            p.expect('password:'******'dummypasswordagain')
            p.kill(0)
            assert loginpass != 0, "Failed to login via secondary radius" \
                                   " server authentication"
        if loginpass == 1:
            p.sendline('exit')
            p.kill(0)
            info(".### Passed secondary radius server authentication when"
                 " primary radius server is not reachable ###\n")
            return True
    def loginSSHradiusWithSecondaryServer(self):
        '''This function is to verify radius authentication with the secondary
        radius server when unable to reach primary server - radius is true and
        fallback is false'''
        info('########## Test to verify SSH login with radius authenication'
             ' enabled and fallback disabled to a secondary radius server'
             ' ##########\n')
        s1 = self.net.switches[0]
        retFallback = self.noFallbackEnable()
        sleep(5)
        retAuth = self.radiusAuthEnable()
        sleep(5)
        # self.checkAccessFiles()
        h1 = self.net.hosts[0]
        h2 = self.net.hosts[1]
        h1.cmd("service freeradius stop")
        h2.cmd("service freeradius start")
        ssh_newkey = 'Are you sure you want to continue connecting'
        switchIpAddress = self.getSwitchIP()
        out = ""
        out += s1.cmd("echo ")
        sshkey = "ssh-keygen -R " + switchIpAddress
        sshkeygen = pexpect.spawn(sshkey)
        myssh = SSHCLIENT + " admin@" + switchIpAddress
        p = pexpect.spawn(myssh)

        i = p.expect([ssh_newkey, 'password:'******'yes')
            i = p.expect([ssh_newkey, 'password:'******'testing')
            sleep(2)
        elif i == 2:
            assert i != 2, "Failed with SSH command"
        loginpass = p.expect(['password:'******'#'])
        if loginpass == 0:
            p.sendline('dummypassword')
            p.expect('password:'******'dummypasswordagain')
            p.kill(0)
            assert loginpass != 0, "Failed to login via secondary radius" \
                                   " server authentication"
        if loginpass == 1:
            p.sendline('exit')
            p.kill(0)
            info(".### Passed secondary radius server authentication when"
                 " primary radius server is not reachable ###\n")
            return True
示例#5
0
    def loginSSHradius(self):
        '''This function is to verify radius authentication is successful when
        radius is true and fallback is false'''
        info('########## Test to verify SSH login with radius authenication '
             'enabled and fallback disabled ##########\n')
        s1 = self.net.switches[0]
        self.noFallbackEnable()
        sleep(5)
        self.radiusAuthEnable()
        sleep(5)
        ssh_newkey = 'Are you sure you want to continue connecting'
        switchIpAddress = self.getSwitchIP()
        info(".###switchIpAddress: " + switchIpAddress + " ###\n")
        info(".### Running configuration ###\n")
        run = s1.cmdCLI("show running-config")
        print run

        out = ""
        out += s1.cmd("echo ")
        sshkey = "ssh-keygen -R " + switchIpAddress
        sshkeygen = pexpect.spawn(sshkey)
        myssh = SSHCLIENT + " admin@" + switchIpAddress
        p = pexpect.spawn(myssh)

        i = p.expect([ssh_newkey, 'password:'******'yes')
            i = p.expect([ssh_newkey, 'password:'******'testing')
        elif i == 2:
            assert i != 2, "Failed with SSH command"
        loginpass = p.expect(['password:'******'#'])
        if loginpass == 0:
            p.sendline('dummypassword')
            p.expect('password:'******'dummypasswordagain')
            p.kill(0)
            assert loginpass != 0, "Failed to login via radius authentication"
        if loginpass == 1:
            p.sendline('exit')
            p.kill(0)
            info(".### Passed SSH login with radius authentication ###\n")
            return True
示例#6
0
    def loginSSHradius(self):
        '''This function is to verify radius authentication is successful when
        radius is true and fallback is false'''
        info('########## Test to verify SSH login with radius authenication '
             'enabled and fallback disabled ##########\n')
        s1 = self.net.switches[0]
        self.noFallbackEnable()
        sleep(5)
        self.radiusAuthEnable()
        sleep(5)
        ssh_newkey = 'Are you sure you want to continue connecting'
        switchIpAddress = self.getSwitchIP()
        info(".###switchIpAddress: " + switchIpAddress + " ###\n")
        info(".### Running configuration ###\n")
        run = s1.cmdCLI("show running-config")
        print run

        out = ""
        out += s1.cmd("echo ")
        sshkey= "ssh-keygen -R " + switchIpAddress
        sshkeygen = pexpect.spawn(sshkey)
        myssh = SSHCLIENT + " admin@" + switchIpAddress
        p = pexpect.spawn(myssh)

        i = p.expect([ssh_newkey, 'password:'******'yes')
            i = p.expect([ssh_newkey, 'password:'******'testing')
        elif i == 2:
            assert i != 2, "Failed with SSH command"
        loginpass = p.expect(['password:'******'#'])
        if loginpass == 0:
            p.sendline('dummypassword')
            p.expect('password:'******'dummypasswordagain')
            p.kill(0)
            assert loginpass != 0, "Failed to login via radius authentication"
        if loginpass == 1:
            p.sendline('exit')
            p.kill(0)
            info(".### Passed SSH login with radius authentication ###\n")
            return True
示例#7
0
    def loginSSHlocalWrongPassword(self):
        ''' This is a negative test case, enable only local authetication
        and try logging with wrong password'''
        info('########## Test to verify SSH login with local authenication'
             ' enabled and Wrong password ##########\n')
        s1 = self.net.switches[0]
        retFallback = self.noFallbackEnable()
        sleep(5)
        retLocalAuth = self.localAuthEnable()
        sleep(5)
        # self.checkAccessFiles()
        ssh_newkey = 'Are you sure you want to continue connecting'
        switchIpAddress = self.getSwitchIP()
        out = ""
        out += s1.cmd("echo ")
        sshkey = "ssh-keygen -R " + switchIpAddress
        sshkeygen = pexpect.spawn(sshkey)
        myssh = SSHCLIENT + " netop@" + switchIpAddress
        p = pexpect.spawn(myssh)

        i = p.expect([ssh_newkey, 'password:'******'yes')
            i = p.expect([ssh_newkey, 'password:'******'netop1')
        elif i == 2:
            assert i != 2, "Failed with SSH command"
        loginpass = p.expect(['password:'******'#'])
        if loginpass == 0:
            p.sendline('netop2')
            p.expect('password:'******'netop3')
            p.expect('Permission denied')
            p.kill(0)
            info(".### Passed negative test - Authentication fail with wrong"
                 " local password when local authentication enabled ###\n")
            return True
        if loginpass == 1:
            p.sendline('exit')
            p.kill(0)
            assert loginpass != 1, "Failed to validate local authentication"
    def loginSSHlocalWrongPassword(self):
        ''' This is a negative test case, enable only local authetication
        and try logging with wrong password'''
        info('########## Test to verify SSH login with local authenication'
             ' enabled and Wrong password ##########\n')
        s1 = self.net.switches[0]
        retFallback = self.noFallbackEnable()
        sleep(5)
        retLocalAuth = self.localAuthEnable()
        sleep(5)
        # self.checkAccessFiles()
        ssh_newkey = 'Are you sure you want to continue connecting'
        switchIpAddress = self.getSwitchIP()
        out = ""
        out += s1.cmd("echo ")
        sshkey = "ssh-keygen -R " + switchIpAddress
        sshkeygen = pexpect.spawn(sshkey)
        myssh = SSHCLIENT + " admin@" + switchIpAddress
        p = pexpect.spawn(myssh)

        i = p.expect([ssh_newkey, 'password:'******'yes')
            i = p.expect([ssh_newkey, 'password:'******'admin1')
        elif i == 2:
            assert i != 2, "Failed with SSH command"
        loginpass = p.expect(['password:'******'#'])
        if loginpass == 0:
            p.sendline('admin2')
            p.expect('password:'******'admin3')
            p.expect('Permission denied')
            p.kill(0)
            info(".### Passed negative test - Authentication fail with wrong"
                 " local password when local authentication enabled ###\n")
            return True
        if loginpass == 1:
            p.sendline('exit')
            p.kill(0)
            assert loginpass != 1, "Failed to validate local authentication"
示例#9
0
    def loginSSHradiusWithLocalPassword(self):
        ''' This is a negative test case to verify login with radius
        authentication by giving loca password'''
        info('########## Test to verify SSH login with radius authenication '
             'enabled and fallback disabled and using local password '
             '##########\n')
        s1 = self.net.switches[0]
        # self.checkAccessFiles()
        ssh_newkey = 'Are you sure you want to continue connecting'
        switchIpAddress = self.getSwitchIP()
        out = ""
        out += s1.cmd("echo ")
        sshkey = "ssh-keygen -R " + switchIpAddress
        sshkeygen = pexpect.spawn(sshkey)
        myssh = SSHCLIENT + " netop@" + switchIpAddress
        p = pexpect.spawn(myssh)

        i = p.expect([ssh_newkey, 'password:'******'yes')
            i = p.expect([ssh_newkey, 'password:'******'netop')
        elif i == 2:
            assert i != 2, "Failed with SSH command"
        loginpass = p.expect(['password:'******'#'])
        if loginpass == 0:
            p.sendline('netop')
            p.expect('password:'******'netop')
            p.expect('Permission denied')
            p.kill(0)
            info(".### Passed negative test - Authentication fail with local"
                 " password when radius server authentication enabled ###\n")
            return True
        if loginpass == 1:
            p.sendline('exit')
            p.kill(0)
            assert loginpass != 1, "Failed to validate radius authetication" \
                                   " with local password"
    def loginSSHradiusWithLocalPassword(self):
        ''' This is a negative test case to verify login with radius
        authentication by giving loca password'''
        info('########## Test to verify SSH login with radius authenication '
             'enabled and fallback disabled and using local password '
             '##########\n')
        s1 = self.net.switches[0]
        # self.checkAccessFiles()
        ssh_newkey = 'Are you sure you want to continue connecting'
        switchIpAddress = self.getSwitchIP()
        out = ""
        out += s1.cmd("echo ")
        sshkey = "ssh-keygen -R " + switchIpAddress
        sshkeygen = pexpect.spawn(sshkey)
        myssh = SSHCLIENT + " admin@" + switchIpAddress
        p = pexpect.spawn(myssh)

        i = p.expect([ssh_newkey, 'password:'******'yes')
            i = p.expect([ssh_newkey, 'password:'******'admin')
        elif i == 2:
            assert i != 2, "Failed with SSH command"
        loginpass = p.expect(['password:'******'#'])
        if loginpass == 0:
            p.sendline('admin')
            p.expect('password:'******'admin')
            p.expect('Permission denied')
            p.kill(0)
            info(".### Passed negative test - Authentication fail with local"
                 " password when radius server authentication enabled ###\n")
            return True
        if loginpass == 1:
            p.sendline('exit')
            p.kill(0)
            assert loginpass != 1, "Failed to validate radius authetication" \
                                   " with local password"
示例#11
0
    def loginSSHlocal(self):
        '''This function is to verify local authentication is successful when
        radius is false and fallback is true'''
        info('########## Test to verify SSH login with local authenication '
             'enabled ##########\n')
        s1 = self.net.switches[0]
        ssh_newkey = 'Are you sure you want to continue connecting'
        switchIpAddress = self.getSwitchIP()
        info(".### switchIpAddress: " + switchIpAddress + " ###\n")
        info(".### Running configuration ###\n")
        run = s1.cmdCLI("show running-config")
        print run
        out = ""
        out += s1.cmd("echo ")
        sshkey = "ssh-keygen -R " + switchIpAddress
        sshkeygen = pexpect.spawn(sshkey)
        myssh = SSHCLIENT + " admin@" + switchIpAddress
        p = pexpect.spawn(myssh)

        i = p.expect([ssh_newkey, 'password:'******'yes')
            i = p.expect([ssh_newkey, 'password:'******'admin')
            j = p.expect(['#', 'password:'******'exit')
                p.kill(0)
                info(".### Passed SSH login with local credenticals ###\n")
                return True
            if j == 1:
                p.sendline('dummypassword')
                p.expect('password:'******'dummypasswordagain')
                p.kill(0)
                assert j != 1, "Failed to authenticate with local password"
        elif i == 2:
            assert i != 2, "Failed with SSH command"
示例#12
0
    def loginSSHlocalAgain(self):
        ''' This is again a test case to verify, when local authetication is
        enabled login should properly work with local password'''
        info('########## Test to verify SSH login with local authenication'
             ' enabled again with correct password ##########\n')
        s1 = self.net.switches[0]
        # self.checkAccessFiles()
        ssh_newkey = 'Are you sure you want to continue connecting'
        switchIpAddress = self.getSwitchIP()
        out = ""
        out += s1.cmd("echo ")
        sshkey = "ssh-keygen -R " + switchIpAddress
        sshkeygen = pexpect.spawn(sshkey)
        myssh = SSHCLIENT + " netop@" + switchIpAddress
        p = pexpect.spawn(myssh)

        i = p.expect([ssh_newkey, 'password:'******'yes')
            i = p.expect([ssh_newkey, 'password:'******'netop')
        elif i == 2:
            assert i != 2, "Failed with SSH command"
        loginpass = p.expect(['password:'******'#'])
        if loginpass == 0:
            p.sendline('netop2')
            p.expect('password:'******'netop3')
            p.expect('Permission denied')
            p.kill(0)
            assert loginpass != 0, "Failed to validate local authentication" \
                                   " with correct password"
        if loginpass == 1:
            p.sendline('exit')
            p.kill(0)
            info(".### Passed authentication with local password when local"
                 " authentication enabled ###\n")
            return True
示例#13
0
    def loginSSHlocal(self):
        '''This function is to verify local authentication is successful when
        radius is false and fallback is true'''
        info('########## Test to verify SSH login with local authenication '
             'enabled ##########\n')
        s1 = self.net.switches[0]
        ssh_newkey = 'Are you sure you want to continue connecting'
        switchIpAddress = self.getSwitchIP()
        info(".### switchIpAddress: " + switchIpAddress + " ###\n")
        info(".### Running configuration ###\n")
        run = s1.cmdCLI("show running-config")
        print run
        out = ""
        out += s1.cmd("echo ")
        sshkey= "ssh-keygen -R " + switchIpAddress
        sshkeygen = pexpect.spawn(sshkey)
        myssh = SSHCLIENT + " admin@" + switchIpAddress
        p = pexpect.spawn(myssh)

        i = p.expect([ssh_newkey, 'password:'******'yes')
            i = p.expect([ssh_newkey, 'password:'******'admin')
            j = p.expect(['#', 'password:'******'exit')
                p.kill(0)
                info(".### Passed SSH login with local credenticals ###\n")
                return True
            if j == 1:
                p.sendline('dummypassword')
                p.expect('password:'******'dummypasswordagain')
                p.kill(0)
                assert j != 1, "Failed to authenticate with local password"
        elif i == 2:
            assert i != 2, "Failed with SSH command"
    def loginSSHlocalAgain(self):
        ''' This is again a test case to verify, when local authetication is
        enabled login should properly work with local password'''
        info('########## Test to verify SSH login with local authenication'
             ' enabled again with correct password ##########\n')
        s1 = self.net.switches[0]
        # self.checkAccessFiles()
        ssh_newkey = 'Are you sure you want to continue connecting'
        switchIpAddress = self.getSwitchIP()
        out = ""
        out += s1.cmd("echo ")
        sshkey = "ssh-keygen -R " + switchIpAddress
        sshkeygen = pexpect.spawn(sshkey)
        myssh = SSHCLIENT + " admin@" + switchIpAddress
        p = pexpect.spawn(myssh)

        i = p.expect([ssh_newkey, 'password:'******'yes')
            i = p.expect([ssh_newkey, 'password:'******'admin')
        elif i == 2:
            assert i != 2, "Failed with SSH command"
        loginpass = p.expect(['password:'******'#'])
        if loginpass == 0:
            p.sendline('admin2')
            p.expect('password:'******'admin3')
            p.expect('Permission denied')
            p.kill(0)
            assert loginpass != 0, "Failed to validate local authentication" \
                                   " with correct password"
        if loginpass == 1:
            p.sendline('exit')
            p.kill(0)
            info(".### Passed authentication with local password when local"
                 " authentication enabled ###\n")
            return True