PLUGINS_CONFIG = {
'netbox_napalm_plugin': {
'NAPALM_USERNAME': 'napalm',
'NAPALM_PASSWORD': 'secretsquirrels',
'NAPALM_ARGS': {
'optional_args': {
# This is used globally for all napalm connections
'key_file': '/home/netbox/.ssh/id_ed25519-napalm',
'use_keys': True,
'allow_agent': False,
},
},
},
}
I finally got around to playing with NAPALM integration in Netbox more. I’ve been bothered by the fact that it’s assumed you’ll configure a napalm username and plaintext password in netbox/configuration.py and then go configure that same username and password on all of your devices. Passwords suck, especially hardcoded passwords, what about if you use SSH keys for user logins on your devices?

Per-platform/driver SSH key config
I accidentally found the answer to this and it’s passing extra arguments to NAPALM drivers via the Netbox config to specify using a key_file (some drivers may want key_filename?) containing a private SSH key. You can do this globally in PLUGINS_CONFIG in configuration.py, or you can add it on a per-platform config basis:
Just make sure the SSH key file is owned and readable by the user that runs Netbox, e.g. netbox. Else you get weird “TCP connection problems” on the web UI and it tries to SSH to the device and nothing is logged. I don’t know how well this is known to other Netbox users, it wasn’t immediately obvious to me but I’m surfacing it here so hopefully others can find it.
Ubiquiti EdgeSwitch driver
I have several EdgeSwitches and their CLI is different enough that none of the existing NAPALM drivers will work for it. So I had claude write me one: https://github.com/bwann/napalm-edgeswitch. It’s been tested against my switches and seems to work fine. Annoyingly despite what I just wrote above about SSH keys, EdgeSwitches only support password authentication so I still have to carry username "napalm" password hashhashhash in my configs.
Ubiquiti EdgeRouter driver fix
I have forked an existing napalm-edgeos repo to fix fetching configuration, something about a get_config() not implemented. I need to test it and review it before I send a PR to the other dude, but my work-in-progress version is at: https://github.com/bwann/napalm-edgeos