In T4917#140304, @Viacheslav wrote:

In T4917#140239, @b- wrote:

Thanks! That’ll help me with what I’m working on :)From where does this limitation originate, anyway? Is there a way to at least add . to the acceptable characters list, so as to allow for foo.sh?  Would that break something that expects to skip over filenames with dots and other characters?

Not sure exactly but it seems this part of code https://github.com/vyos/vyatta-cfg/blob/ec568ce7b432acda01f9639afb509287a0e3d760/src/commit/commit-algorithm.cpp#L846

@lue30499 T4997 was merged, so the script I put above (which adds/updates a firewall group for the DHCP IP of any DHCP-enabled interfaces) can now be installed on an official build of 1.4-rolling!

PR using list_interfaces from vyos-utils:

Openconnect

[edit]
vyos@r14# set vpn openconnect network-settings push-route 100.64.22.0/24
[edit]
vyos@r14# commit
[ vpn openconnect ]
/usr/libexec/vyos/conf_mode/vpn_openconnect.py:32: DeprecationWarning: 'crypt' is deprecated and slated for removal in Python 3.13
  from crypt import crypt, mksalt, METHOD_SHA512

As a temporary workaround, I use the script below. For some reason /etc/rc.local no longer runs automatically on VyOS 1.3.2, so I run it manually after each reboot for now. Until it is run, Phicomm routers keep disconnecting due to failed IPV6CP negotiation incorrectly triggering complete PPPoE session termination. I have two PPPoE servers at different locations for redundancy, both rebooting at the same time is very unlikely, so I can live with it for now.

thank you, yes updating to latest 1.4 rolling has resolved the issue, pls feel free to close this task as duplicate to https://vyos.dev/T4907

@Hazza06 https://github.com/vyos/vyos-1x/commit/09be3e86f2171e8b090fd3270ce05ae67ade58ec T4907

I'd be happy to test anything that implements this. Previously, I (judging from the forum, I'm not the only one) using this EdgeOS-BL-Mgmt with 1.3.x.

are you saying this has been fixed in just the last 2 months ? i reported this on 1.4-rolling-202212280917

There is missed the command tc qdisc add dev eth0 handle ffff: ingress

vyos@r14# tc qdisc show dev eth0
qdisc pfifo_fast 0: root refcnt 2 bands 3 priomap 1 2 2 2 1 2 0 0 1 1 1 1 1 1 1 1
[edit]
vyos@r14# 
[edit]
vyos@r14# tc filter add dev eth0 parent ffff: protocol all prio 10 u32 match u32 0 0 flowid 1:1 action mirred egress redirect dev ifb0
Error: Parent Qdisc doesn't exists.
We have an error talking to the kernel
[edit]
vyos@r14#

Try the latest rolling release

PR https://github.com/vyos/vyos-1x/pull/1853

vyos@r14:~$ generate public-key-command user foo path https://github.com/xxxxx.keys
# To add this key as an embedded key, run the following commands:
configure
set system login user foo authentication public-keys github@39e9c9ba-408d-4b4b-9aa6-d07f531285bf key xxxxx
set system login user foo authentication public-keys github@39e9c9ba-408d-4b4b-9aa6-d07f531285bf type ssh-rsa
set system login user foo authentication public-keys github@4732d9b0-4bc5-47d1-9028-0e68348a932f key xxxxx
set system login user foo authentication public-keys github@4732d9b0-4bc5-47d1-9028-0e68348a932f type ssh-rsa
set system login user foo authentication public-keys github@a93a85ba-5b63-4c3a-a589-2e82da7c8f1f key xxxxx
set system login user foo authentication public-keys github@a93a85ba-5b63-4c3a-a589-2e82da7c8f1f type ssh-rsa
commit
save
exit
vyos@r14:~$

Yes, apparently so from GitHub.

Do those keys always without an "identifier"?
I mean foo@localhost

ssh-rsa AAA....

Hello - I upgraded to the latest rolling release (1.4-rolling-202302250317), and it appears to be working. I am able to login with a radius account successfully. Thank you for your efforts! I see in you PR's above, the second link is to change the shell from "bash" to "vbash". It appears once I login with a radius privileged account, the shell continues to default to "bash":

including information about Netopee2/sysrepo services, how to integrate it with FRR, where we can utilize the advantages netconf/yang :

I looked into it, but there doesn't seem to be a way to temporarily disable a particular interface in DHCP relay.

Have you try getting same result using VRRP transitions scripts?

PR https://github.com/vyos/vyos-1x/pull/1852

PRs:
https://github.com/vyos/libnss-mapuser/pull/7
https://github.com/vyos/libpam-radius-auth/pull/6
https://github.com/vyos/vyos-1x/pull/1851

https://github.com/vyos/vyos-1x/pull/1850

PR https://github.com/vyos/vyos-1x/pull/1848
PR https://github.com/vyos/vyos-1x/pull/1849