When the Junos Shell Stops Responding...

I spent a decent portion of one day this week angrily screaming at the screen. I couldn’t do anything. I was logged into a switch, and I could type commands that don’t actually do anything. I could enter configure mode, I could even stage changes, but I just couldn’t seem to commit them. The Junos shell would hang every time. Obviously, this can create all sorts of problems, such as exhausting the number of SSH connections allowed. I couldn’t even force logout a user via the Junos shell! To continue troubleshooting, this is what I did:

Login as root.
Type cli to start the Junos shell.
Attempt to troubleshoot.
When the shell inevitably locks during the troubleshooting process:
1. Press ^z (control-z) to suspend the shell process.
2. Once in the shell, enter the following:

sh
kill -9 $(ps aux | grep [c]li | awk '{print $2}')

That’s a bit verbose, so I made it into a script that I dropped into root’s directory on all of my devices. Now, I just type sh kill_cli and POOF! Magic!

Here’s the script I drop into the root folder:

Just make it executable (chmod 700 kill_cli) and then execute it by typing sh kill_cli.

Be warned that this method will kill all of the Junos shells, including your peers’! You’ll need to be a bit more selective if you just want to kill your own (i.e., type ps aux | grep cli | grep -v grep [which can be done from the csh BSD shell that root uses by default] and hunt down the PIDs [number in the second column] for your user)

Extra Tip

Remember I mentioned that you can exhaust SSH connections? Here’s how you can force a user to disconnect from the FreeBSD shell:

sh
SSH_USER=tyler
kill -9 $(ps aux | egrep [s]shd.*$SSH_USER)

Replace tyler above with the login name of the user you wish to disconnect. You can also just omit SSH_USER and replace $(SSH_USER) above with the user name (tyler, in our example).

This is another good candidate for a script!

First, scp the script to the root user’s $HOME directory. Make it executable:

chmod 700 logout_user

Finally, execute it with sh logout_user $SSH_USER, replacing $SSH_USER with the user you want to kick out (such as tyler).

This post is part of the #30in30 challenge.

*Posts*

Dissecting-the-CCNP-SPADVROUTE-Syllabus:-BGP,-Part-3.md

Dissecting-the-CCNP-SPADVROUTE-Syllabus:-BGP,-Part-2.md

Dissecting-the-CCNP-SPADVROUTE-Syllabus:-BGP,-Part-1.md

OSPF-Totally-Stubby-Area-in-IOS-and-IOS-XR.md

OSPF-Stub-Area-in-IOS-and-IOS-XR.md

Aker-Gateway-for-Lab-Management.md

Single-Area-OSPF-in-IOS-(XE)-and-IOS-XR.md

Custom-Exceptions-in-Ruby-and-Python.md

Hashes-(or-Dictionaries)-are-Overused.md

Testing-with-Python:-DocTest.md

Beyond-junos-eznc-(PyEZ).md

Automation-Does-Not-Preclude-Networking.md

Contributing-to-GitHub-Projects.md

ansible-netmiko-stdlib.md

Open-Source-is-Tricky.md

Automation-Workflow.md

Add-SSH-Key-Automagically.md

Updating-Router-Interface-A-Records.md

RANCID-Login-Wrapper.md

Reflecting-on-the-30in30-Challenge-(2/6).md

Junos-Annotate-Feature.md

Reflecting-on-Being-an-On-Call-SysAdmin.md

Did-You-Read-the-E-mail?.md

MFA-with-TACACS+,-OpenLDAP,-and-Google-Authenticator.md

Reflecting-on-the-30in30-Challenge-(1/6).md

Git,-Gitweb,-and-RANCID:-Automated-Installation.md

Gathering-Troubleshooting-Data-Every-N-Seconds-in-Junos.md

When-the-Junos-Shell-Stops-Responding....md

Network-Status-API---Part-2.md

Network-Status-API.md

Crash-Course:-Git.md

Ansible-Network-Automation.md

Things-You-Don't-Know-About-Your-Network.md

Snippet:-Juniper-NTP-Configuration-and-Protection.md

Exploring-Junos-Traffic-Monitoring.md

Snippet:-F5-sFlow-Configuration.md

Using-Python-to-Retrieve-Routes.md

Using-Python-to-Retrieve-Port-Status.md

Centralized-Logging-and-Live-Monitoring.md

Crash-Course---Linux.md

TACACS+-[3/3]---Nexus-Configuration.md

TACACS+-[2/3]---Junos-Configuration.md

TACACS+-[1/3]---Downloading-and-Compiling.md

TACACS+-[0/3]---Introduction-to-AAA.md

When the Junos Shell Stops Responding...

Extra Tip

Share

Comments

Posts