04-29-2010 11:57 AM
Hi, I have a legacy ServerIron XL8, running sw 7.5.0. I'm having a few issues trying to script SSH sessions from Windows using Batch or PowerShell.
Using PLINK verbose mode I see this:
Server version: SSH-1.5-1.2.27
Is there a way to use SSH 2.0 ?
Using the SharpSSH library, I get a connect failure, I believe because that library might be coded to look for SSH 1 or 2 only. It doesn't recognize the version string.
Using PLINK I can open an interactive session just fine.
Using PLINK with -m to supply a command file and -v for verbose (or instead of -m just listing a command directly after plink parameters) I see this:
☺This is not SCP commands
Server sent disconnect message:
Piping commands to PLINK like this:
echo "show server bind" | plink ... OR echo "show server bind" "exit" "exit" | plink ...
Gives the expected results at a command prompt however the session hangs. Since input to plink was piped, I can't pipe more commands so the session just hangs, idle.
When calling PLINK from a script with that method, the result of the command is not sent back to the calling script since PLINK never ends.
Why does PLINK not end when I'm sending exit exit ? I believe it's because piping commands to PLINK causes them all to be sent to the SI at once. Perhaps the SI doesn't do a good job of buffering command input so it ignores the 'exit' that it receives while it's still processing the show server bind command.
So the things I have tried and don't work are:
Any suggestions on how to work around these issues or some other nifty way to pull information through a script virtual server binds, real server stats, session table, etc... ??
Perhaps I could set CLI timeout at 2 seconds so the SI will kill the session automatically?
If I do that could it affect only one user account?
A way to slow down the pace of piped commands?
A ServerIron API?
Some other tool or technique?
04-29-2010 01:39 PM
Some things to try
The echo command will not do want you want - see this test
C:\Users\mschipp>echo "test" "1" "2"
"test" "1" "2"
Notice that there is no CR/LF after test or 2, all gets outputed on one line so the SI will test 1 2.
Maybe, try turning off SCP (as you had an error about that) and retest with plink -m -v
Use ip ssh scp disable | enable to configure Secure Copy (SCP). The deafult is enable.
ServerIron(config)#ip ssh scp disable
Try turning off RSA Auth and retest SharpSSH
Use ip ssh rsa-authentication yes | no to configure RSA challenge-response authentication, which is enabled (yes) by default.
To disable RSA challenge-response authentication:
ServerIron(config)#ip ssh rsa-authentication no
If you wish to time out the SSH session use the following (will time all sessions out and does not care about who the user is)
SI(config)#ip ssh timeout 60 (60 is seconds)
04-29-2010 02:06 PM
ok with a bit of a play I have worked this out
e:\test.txt is a file with all the commands your want
type e:\test.txt | plink -pw yuorpassword user@ipaddr
I do not have SI XL here but tested with a SX1600 and worked fine. ( when using the -m switch of plink I too got the SCP error)
for the SI XL you may need the -1 switch of plink to force version 1 - or maybe not - try and post the results please.
04-29-2010 02:55 PM
Thanks for your help and attention. I have not yet had a chance to re-try SharpSSH. Here is my testing with your PLINK solution:
I gave our SI the following commands:
SSH@LB_A(config)#ip ssh rsa-auth ?
SSH@LB_A(config)#ip ssh rsa-auth no ?
SSH@LB_A(config)#ip ssh rsa-auth no
Ambiguous input -> , ip ssh rsa-auth no
SSH@LB_A(config)#no ip ssh rsa-auth yes
SSH@LB_A(config)#ip ssh scp disable