Stats
Actions
Tags
Provides safe Netmiko patterns for read-only SSH collection, batched network device queries, TextFSM parsing, protected config changes, and timeout/error handling.
How this skill is triggered — by the user, by Claude, or both
Slash command
/everything-claude-code:netmiko-ssh-automationThe summary Claude sees in its skill listing — used to decide when to auto-load this skill
在编写或审查使用 Netmiko 连接网络设备的 Python 自动化时使用此技能。保持默认路径为只读;配置更改需要单独的更改窗口、同行审查和回滚计划。
在编写或审查使用 Netmiko 连接网络设备的 Python 自动化时使用此技能。保持默认路径为只读;配置更改需要单独的更改窗口、同行审查和回滚计划。
show 命令输出。send_command() 收集开始。getpass;永远不要硬编码凭据。send_config_set() 之前需要显式操作员标志。save_config()。import os
from getpass import getpass
from netmiko import ConnectHandler
from netmiko.exceptions import (
NetmikoAuthenticationException,
NetmikoTimeoutException,
ReadTimeout,
)
device = {
"device_type": "cisco_ios",
"host": "192.0.2.10",
"username": os.environ.get("NETMIKO_USERNAME") or input("用户名: "),
"password": os.environ.get("NETMIKO_PASSWORD") or getpass("密码: "),
"secret": os.environ.get("NETMIKO_ENABLE_SECRET"),
"conn_timeout": 10,
"auth_timeout": 20,
"banner_timeout": 15,
"read_timeout_override": 30,
}
try:
with ConnectHandler(**device) as conn:
if device.get("secret") and not conn.check_enable_mode():
conn.enable()
output = conn.send_command("show ip interface brief", read_timeout=30)
print(output)
except NetmikoAuthenticationException:
print("身份验证失败")
except NetmikoTimeoutException:
print("SSH 连接超时")
except ReadTimeout:
print("命令读取超时")
在示例中使用文档范围中的占位符地址。将真实清单保留在忽略的本地文件或机密管理系统中。
from concurrent.futures import ThreadPoolExecutor, as_completed
from typing import Any
def collect_show(device: dict[str, Any], command: str) -> dict[str, Any]:
host = device["host"]
try:
with ConnectHandler(**device) as conn:
output = conn.send_command(command, read_timeout=45)
return {"host": host, "ok": True, "output": output}
except (NetmikoAuthenticationException, NetmikoTimeoutException, ReadTimeout) as exc:
return {"host": host, "ok": False, "error": type(exc).__name__}
results = []
with ThreadPoolExecutor(max_workers=8) as pool:
futures = [pool.submit(collect_show, device, "show version") for device in devices]
for future in as_completed(futures):
results.append(future.result())
保持 max_workers 较低,除非已知设备资源和 AAA 系统能处理更高的连接量。
Netmiko 可以请求 TextFSM、TTP 或 Genie 解析支持的命令输出。将解析器输出视为优化,而不是唯一的证据路径。
with ConnectHandler(**device) as conn:
parsed = conn.send_command(
"show ip interface brief",
use_textfsm=True,
raise_parsing_error=False,
read_timeout=30,
)
if isinstance(parsed, str):
print("没有解析器模板匹配;存储原始输出以供审查")
else:
for row in parsed:
print(row)
如果解析驱动阻塞决策,请将原始命令输出与解析结果一起保留,以便操作员可以检查不匹配。
import os
commands = [
"interface GigabitEthernet0/1",
"description CHANGE-1234 UPLINK-TO-CORE",
]
apply_changes = os.environ.get("APPLY_NETWORK_CHANGES") == "1"
if not apply_changes:
print("仅试运行。候选命令:")
print("\n".join(commands))
else:
with ConnectHandler(**device) as conn:
conn.enable()
before = conn.send_command("show running-config interface GigabitEthernet0/1")
output = conn.send_config_set(commands)
after = conn.send_command("show running-config interface GigabitEthernet0/1")
print(before)
print(output)
print(after)
print("在保存启动配置之前验证行为。")
保存配置是一个单独的批准步骤。在生产中,包括回滚片段并在更改记录中捕获前后证据。
conn_timeout、auth_timeout 和命令 read_timeout?save_config() 是否与初始推送分离并与验证相关联?cisco-ios-patternsnetwork-config-validationnetwork-interface-healthnpx claudepluginhub aaione/everything-claude-code-zhProvides safe Netmiko patterns for read-only SSH collection, TextFSM parsing, guarded config changes, and batch collection with timeouts and error handling.
Pre-deployment checks for Cisco IOS/IOS-XE configurations: dangerous commands, duplicate IPs, subnet overlaps, stale references, and management plane risks.
Interact with IoT device shells via telnet for pentesting operations including device enumeration, vulnerability discovery, credential testing, and post-exploitation. Use when testing network-accessible telnet services.