fix: switch from paramiko to libssh with publickey_algorithms for Cisco

Paramiko works from ansible-navigator but fails from AAP runner with
"key cannot be used for signing" due to how runner injects credentials.

The new network EE (based on AAP 2.6 / netcommon 8.1.0) supports
ansible_libssh_publickey_algorithms, so we can use the default libssh
transport with the ssh-rsa algorithm explicitly allowed. This works
in both ansible-navigator and AAP Controller contexts.

Made-with: Cursor

Author: IPvSean

roles/manage_ec2_instances/tasks/inventory/addhost_network.yml

@@ -40,7 +40,7 @@
     username: "{{ item.tags.Student }}"
     ansible_user: "{{ item.tags.username }}"
     ansible_port: "{{ ssh_port }}"
-    ansible_network_cli_ssh_type: "paramiko"
+    ansible_libssh_publickey_algorithms: "ssh-rsa"
     ansible_ssh_private_key_file: "{{ playbook_dir }}/{{ ec2_name_prefix|lower }}/{{ ec2_name_prefix|lower }}-private.pem"
     private_ip: "{{ item.private_ip_address }}"
     ansible_network_os: "{{ item.tags.ansible_network_os }}"

roles/manage_ec2_instances/templates/instructor_inventory/instructor_inventory_network.j2

@@ -25,7 +25,7 @@ ansible_ssh_private_key_file="{{ playbook_dir }}/{{ ec2_name_prefix }}/{{ ec2_na
 {% endfor %}
 {% for host in rtr1_node_facts.instances %}
 {% if 'student' ~ number == host.tags.Student %}
-{{ host.tags.Student }}-{{ host.tags.short_name }} ansible_host={{ host.public_ip_address }} ansible_user={{ host.tags.username }} ansible_network_os={{ host.tags.ansible_network_os }} ansible_connection=network_cli ansible_network_cli_ssh_type=paramiko
+{{ host.tags.Student }}-{{ host.tags.short_name }} ansible_host={{ host.public_ip_address }} ansible_user={{ host.tags.username }} ansible_network_os={{ host.tags.ansible_network_os }} ansible_connection=network_cli ansible_libssh_publickey_algorithms=ssh-rsa
 {% endif %}
 {% endfor %}
 {% for host in rtr2_node_facts.instances %}

roles/manage_ec2_instances/templates/student_inventory/instances_network.j2

@@ -52,7 +52,7 @@ arista
 [cisco:vars]
 ansible_network_os=ios
 ansible_connection=network_cli
-ansible_network_cli_ssh_type=paramiko
+ansible_libssh_publickey_algorithms=ssh-rsa
 {% endif %}
 
 {% if network_type == "multivendor" or network_type == "juniper" %}

roles/populate_controller/vars/network.yml

@@ -165,7 +165,7 @@ controller_groups:
     variables:
       ansible_network_os: ios
       ansible_connection: network_cli
-      ansible_network_cli_ssh_type: paramiko
+      ansible_libssh_publickey_algorithms: ssh-rsa
   - name: arista
     inventory: "Workshop Inventory"
     variables: