Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Troubleshooting Ansible Authentication Errors When Managing Devices Running Junos OS

The following sections outline authentication errors that you might encounter when using Ansible to manage devices running Junos OS. These sections also present potential causes and solutions for each error.

Troubleshooting ConnectAuthError Issues

Problem

Description

During execution of a juniper.device or Juniper.junos module, the Ansible control node generates a ConnectAuthError error for failed authentication. For example:

Cause

The device running Junos OS might fail to authenticate the user for the following reasons:

  • The user does not an have an account on the device running Junos OS.

  • The user has an account with a text-based password configured on the device running Junos OS, but the wrong password or no password is supplied for the user when executing the module.

  • The user has an account on the device running Junos OS with SSH keys configured, but the SSH keys are inaccessible on either the device or the control node.

Solution

Ensure that the user executing the modules has a Junos OS login account on all target devices running Junos OS and that an SSH public/private key pair or text-based password is configured for the account. If SSH keys are configured, verify that the user can access them. For more information, see Authenticating Users Executing Ansible Modules on Devices Running Junos OS.

Troubleshooting Attribute conn_type Errors

Problem

Description

During execution of a juniper.device module on a device running Junos OS, the Ansible control node generates the following error:

Cause

Whereas the the Juniper Networks Juniper.junos modules support using a provider dictionary to define connection and authentication parameters, the juniper.device modules do not support using a provider dictionary and generate the aforementioned error if one is referenced.

Solution

If you supply connection and authentication parameters in the playbook’s play for the juniper.device modules, the parameters must be defined in the location appropriate for the Ansible connection. For persistent connections (connection: juniper.device.pyez), define the parameters under the vars: section. For local connections (connection: local), define the parameters either under the vars: section or as top-level module arguments. For example: