In order to verify a newly implemented firewall rule, I typically do the following manually:
Ex. Firewall rule: SRC-ip, DST-ip, DST-port, (protocol=TCP)
Login to the SRC box
Open up a cmd window on the SRC box (assuming Windows OS)
telnet (and check for connectivity)
I would like to automate this (to verify a long list of rules) using batch-scripting or PowerShell scripting.
I would like to be able to run the script on a third machine (other than SRC/DST).
I tried to use "Enter-PSSession" on PowerShell window to fire off remote telnet command but it didn't work, the telnet command just returned nothing.
Please share any ideas on how to implement this script.
Thanks,
Jatin
check this one: http://thesurlyadmin.com/2013/04/04/using-powershell-as-a-telnet-client/ which based on Lee-Holmes code:
http://www.leeholmes.com/blog/2006/08/30/replacing-telnet-exe-now-removed-from-vista/
Also you can add your commands to a text file and execute it using plink.exe(Putty Link) with the -m switch
-m file read remote command(s) from file
Related
I have local Windows 10 and remote Ubuntu server.
I want to automate connection to server and write executable script witch connects by ssh to server and open new terminal from another server.
What it's supposed to look like
I double click on bat
And then script
inits ssh connect
writes password
gives the user a terminal with a ready ssh connection.
That is, it mimics the following
Problems
How to wait ssh password request? All commands executes immediately.
(additional) can I write it in .sh script, run script, execute all in "start" terminal (from which I run .sh script) and then pass ssh control to invoked terminal?
It's best if someone writes a ready-made script
Automatically enter SSH password with script
Answers:
Direct answer - use expects. But sshpass is better. Also RSA-key can be used.
Can`t tell anything.
Can be done without any 3rd party tools like this:
$env:TMPPW=Get-Content -Path 'secure_file.txt' ; $un='MyUserName'
$j=Start-Job -ScriptBlock{Start-Sleep -Seconds 1
(New-Object -ComObject wscript.shell).SendKeys("$env:TMPPW{ENTER}")}
& ssh.exe -q -4 -l $un 127.0.0.1 'whoami'
$env:TMPPW=([guid]::NewGuid()).Guid ; $env:TMPPW=$null
So I have a serious fundamental gap in my knowledge that I'm sure has an easy answer, but after googling and looking on here, I can't find what I'm looking for:
I use nmap and telnet on an almost daily basis for checking ports and logging into IP codecs and I use them through either the powershell or cmd consoles, but when I tried to script something and run that script with either a .bat or .ps1 suffix, either will give me the classic not recognized... message. But, if you're able to run it in the console, you should be able to script it, right? How can one go about that?
Sample code for telnet (that works in when inputting to either console, but not in script form):
telnet 192.168.87.21
Sample code for nmap (again, works when inputting to either console, but not in script form):
nmap -p 9999 192.168.87.101
Add a '&' symbol before 'telnet' like that: & telnet 127.0.0.1
For more information how to run executables from Powershell look there: https://social.technet.microsoft.com/wiki/contents/articles/7703.powershell-running-executables.aspx
I have a scenario where I need to run a linux shell command frequently (with different filenames) from windows. I am using PuTTY and WinSCP to do that (requires login name and password). The file is copied to a predefined folder in the linux machine through WinSCP and then the command is run from PuTTY. Is there a way by which I can automate this through a program. Ideally I would like to right click the file from windows and issue the command which would copy the file to remote machine and run the predefined command (in PuTTy) with the filename as argument.
Putty usually comes with the "plink" utility.
This is essentially the "ssh" command line command implemented as a windows .exe.
It pretty well documented in the putty manual under "Using the command line tool plink".
You just need to wrap a command like:
plink root#myserver /etc/backups/do-backup.sh
in a .bat script.
You can also use common shell constructs, like semicolons to execute multiple commands. e.g:
plink read#myhost ls -lrt /home/read/files;/etc/backups/do-backup.sh
There could be security issues with common methods for auto-login.
One of the most easiest ways is documented below:
Running Putty from the Windows Command Line
And as for the part the executes the command
In putty UI, Connection>SSH> there's a field for remote command.
4.17 The SSH panel
The SSH panel allows you to configure
options that only apply to SSH
sessions.
4.17.1 Executing a specific command on the server
In SSH, you don't have to run a
general shell session on the server.
Instead, you can choose to run a
single specific command (such as a
mail user agent, for example). If you
want to do this, enter the command in
the "Remote command" box.
http://the.earth.li/~sgtatham/putty/0.53/htmldoc/Chapter4.html
in short, your answers might just as well be similar to the text below:
let Putty run command in remote server
You can write a TCL script and establish SSH session to that Linux machine and issue commands automatically. Check http://wiki.tcl.tk/11542 for a short tutorial.
You can create a putty session, and auto load the script on the server, when starting the session:
putty -load "sessionName"
At remote command, point to the remote script.
You can do both tasks (the upload and the command execution) using WinSCP. Use WinSCP script like:
option batch abort
option confirm off
open your_session
put %1%
call script.sh
exit
Reference for the call command:
https://winscp.net/eng/docs/scriptcommand_call
Reference for the %1% syntax:
https://winscp.net/eng/docs/scripting#syntax
You can then run the script like:
winscp.exe /console /script=script_path\upload.txt /parameter file_to_upload.dat
Actually, you can put a shortcut to the above command to the Windows Explorer's Send To menu, so that you can then just right-click any file and go to the Send To > Upload using WinSCP and Execute Remote Command (=name of the shortcut).
For that, go to the folder %USERPROFILE%\SendTo and create a shortcut with the following target:
winscp_path\winscp.exe /console /script=script_path\upload.txt /parameter %1
See Creating entry in Explorer's "Send To" menu.
Here is a totally out of the box solution.
Install AutoHotKey (ahk)
Map the script to a key (e.g. F9)
In the ahk script,
a) Ftp the commands (.ksh) file to the linux machine
b) Use plink like below. Plink should be installed if you have putty.
plink sessionname -l username -pw password test.ksh
or
plink -ssh example.com -l username -pw password test.ksh
All the steps will be performed in sequence whenever you press F9 in windows.
Code:
using System;
using System.Diagnostics;
namespace playSound
{
class Program
{
public static void Main(string[] args)
{
Console.WriteLine(args[0]);
Process amixerMediaProcess = new Process();
amixerMediaProcess.StartInfo.CreateNoWindow = false;
amixerMediaProcess.StartInfo.UseShellExecute = false;
amixerMediaProcess.StartInfo.ErrorDialog = false;
amixerMediaProcess.StartInfo.RedirectStandardOutput = false;
amixerMediaProcess.StartInfo.RedirectStandardInput = false;
amixerMediaProcess.StartInfo.RedirectStandardError = false;
amixerMediaProcess.EnableRaisingEvents = true;
amixerMediaProcess.StartInfo.Arguments = string.Format("{0}","-ssh username#"+args[0]+" -pw password -m commands.txt");
amixerMediaProcess.StartInfo.FileName = "plink.exe";
amixerMediaProcess.Start();
Console.Write("Presskey to continue . . . ");
Console.ReadKey(true);
}
}
}
Sample commands.txt:
ps
Link: https://huseyincakir.wordpress.com/2015/08/27/send-commands-to-a-remote-device-over-puttyssh-putty-send-command-from-command-line/
Try MtPutty,
you can automate the ssh login in it. Its a great tool especially if you need to login to multiple servers many times. Try it here
Another tool worth trying is TeraTerm. Its really easy to use for the ssh automation stuff. You can get it here. But my favorite one is always MtPutty.
In case you are using Key based authentication, using saved Putty session seems to work great, for example to run a shell script on a remote server(In my case an ec2).Saved configuration will take care of authentication.
C:\Users> plink saved_putty_session_name path_to_shell_file/filename.sh
Please remember if you save your session with name like(user#hostname), this command would not work as it will be treated as part of the remote command.
I have powershell script that open putty.exe in process and i want to send data to this process, how can i do that???
PLEASE HELP!
The process:
$solExe = [diagnostics.process]::start("putty.exe", "-raw -P 2000 127.0.0.1")
The command line interface for putty is plink.exe. You can use plink to send commands over ssh.
For example:
PS C:> c:\progra~2\putty\plink.exe -i C:\credentials\mykeyfile.ppk root#myserver.com "ls";
Things to remember:
The first time you connect to a server, you'll have to add it to your registry, so this won't work in a non-interactive mode for brand new servers. There isn't a way to disable this.
The key file has to be in ppk format for plink.exe to recognize it. If yours is in pem format, use puttygen.exe to create a ppk file.
The path to the key file cannot contain any spaces, or the command above won't work.
If you want to send multiple commands at once, write them to a file and use the -m switch with plink.exe.
If you need to transfer files, you can use pscp.exe in a similar fashion.
Is it possible to have a Perl script run shell aliases? I am running into a situation where we've got a Perl module I don't have access to modify and one of the things it does is logs into multiple servers via SSH to run some commands remotely. Sadly some of the systems (which I also don't have access to modify) have a buggy SSH server that will disconnect as soon as my system tries to send an SSH public key. I have the SSH agent running because I need it to connect to some other servers.
My initial solution was to set up an alias to set ssh to ssh -o PubkeyAuthentication=no, but Perl runs the ssh binary it finds in the PATH instead of trying to use the alias.
It looks like the only solutions are disable the SSH agent while I am connecting to the problem servers or override the Perl module that does the actual connection.
Perhaps you could put a command called ssh in PATH ahead of the ssh which runs ssh as you want it to be run.
Alter the PATH before you run the perl script, or use this in your .ssh/config
Host *
PubkeyAuthentication no
Why don't you skip the alias and just create a shell script called ssh in a directory somewhere, then change the path to put that directory before the one containing the real ssh?
I had to do this recently with iostat because the new version output a different format that a third-party product couldn't handle (it scanned the output to generate a report).
I just created an iostat shell script which called the real iostat (with hardcoded path, but you could be more sophisticated), passing the output through an awk script to massage it into the original format. Then, I changed the path for the third-party program and it started working fine.
You could declare a function in .bashrc (or .profile or whatever) with that name. It could look like this (might break):
function ssh {
/usr/bin/ssh -o PubkeyAuthentication=no "$#"
}
But using a config file might be the best solution in your case.