Sometimes it does strange stuff with SSH internally though. Example: Let's say I do " show route table ?" at a router.
Logs show: mgd[62935]: UI_CHILD_START: Starting child '/bin/sh' mgd[68498]: UI_AUTH_EVENT: Authenticated user 'root' at permission level 'super-user' mgd[68498]: UI_LOGIN_EVENT: User 'root' login, class 'super-user' [68498], ssh-connection '<my PC address> 60259 <router address> 22', client-mode 'cli' mgd[68498]: UI_CMDLINE_READ_LINE: User 'root', command 'show route summary | display xml | grep table-name ' mgd[68498]: UI_LOGOUT_EVENT: User 'root' logout mgd[62935]: UI_CHILD_STATUS: Cleanup child '/bin/sh', PID 68494, status 0 Obviously I don't login under root, but somehow my CLI spawns a shell, then sshes to itself under root (?) using my credentials (?) to do a single command. Then it logs out. Every time I request something about route tables. I'm still puzzled why it can't do that in my CLI session. On 21.12.2015 12:04, Matt Bernstein via juniper-nsp wrote: > On 21/12/2015 08:57, Martin T wrote: >> Thanks! So as I understand, the general idea is that it doesn't matter >> much for Junos if the command is executed in the CLI or from the >> remote(management server) NETCONF manager, i.e. Junos is basically >> built around the NETCONF? However, local calls(for example if one >> executes "show version" in Junos CLI) do not travel internally over >> SSH as remote calls would, do they? > Yes. the Junos CLI can itself be considered a (really nice) NETCONF > wrapper. It makes me idly wish other vendors' NETCONF implementations > were good enough that the Junos CLI could be used on them! > > I doubt the CLI uses SSH internally, but I suppose it wouldn't really > matter if it did. > > Matt > _______________________________________________ > juniper-nsp mailing list juniper-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/juniper-nsp _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp