Radek Asked that "Rsh command is no longer available in Windows 7 & Windows 2008, which begs the question: what is plan B?What I mean by that is the fact that a lot of scripting & some host-side utilities (like perfstat) rely heavily on remote shell & won't run without it.What I found out is that apparently there is additional package from Microsoft called Subsystem for Unix Applications (SUA), but a) some people says it actually doesn't include rsh, b) I try to install it on Windows 7 few times & it fails each time.


Any hints / tips / suggestions?"

 

I thought to explain how to make SSH working and can replace the RSH call. SSH is very much a secured protocol and a simple following statement states the need of SSH

 

o rsh is a remote shell program that gives you a login connection on a remote machine. The protocol it uses passes your password in cleartext! Anyone sniffing the network between the two machins can capture your password.

o ssh uses black-magic encryption to encode your datastreams so that only the two machines can understand each other. This is a great scheme provided you can trust both machines!

 

 

To make SSH to work for scripting the following steps should be followed/configured.

 

 

You can use ssh authorized keys from you host to use no password ssh connection to your NetApp Storage Systems

 

1. On the monitoring host:(Linux/Solaris/Windows)

 

  - create pair ssh keys, private & public by ssh-keygen from SSH pkg like

 

     ssh-keygen -t dsa -b 1024  [without paraphrase]

 

  - save both keys in root home folder, for Solaris&Linux it's /.ssh

 

Note : Incase of Windows you can check the plink putty command line utility (http://the.earth.li/~sgtatham/putty/0.53b/htmldoc/Chapter7.html)

 

2. On the Netapp Storage System Root Volume side (Be careful if you do rm command it will blow up ur Filer etc directory and huge security risk)

 

     o mount /vol/vol0   on the Host machine

 

     o cd to etc on netapp, further cd sshd/root/.ssh if not exists create it

 

     o in NetApp Storage System go to /etc/sshd/root/.ssh copy public key generated on the monitoring host here with  authorized_keys name, make sure it has 600 root permissions

        as well as .ssh directory

 

3. On the Netapp Storage System console

 

     o Run the Secure Admin Setup using the command  secureadmin setup ssh  Setup will now generate the host keys. It will take a minute. After Setup is finished the SSH server will start automatically.

 

     o make sure that ssh option on Netapp "ssh.pubkey_auth.enable" is on

 

4. Test the Connection from host

 

     o You can now run ssh remotely from your host to NetApp to get info like:

 

         [21:46][danielpr@siml9 ~] >ssh 192.168.1.2 -l root 'vol status -f'


          Broken disks (empty)

         [21:46][danielpr@siml9 ~] >

 

 

Perl script; need only Perl

===========================

#!/usr/bin/perl

use strict;

# Provide the user and filer to your username/filer hostname

my $sshcmd = "/usr/local/bin/ssh user\@filer";

my $rv = `$sshcmd "fcp show adapter -v"`;

if ($rv eq "") {

    die "something's wrong\n";

}

# print the output.

print $rv;

 

my $rv = `$sshcmd "lun config_check"`;

unless ($rv =~ "No Problems Found") {

         print "!!! lun config_check FAILED !!!\n";

         print "Error was $rv\n";

}

print $rv;

 

my $rv = `$sshcmd "fcp status"`;

if ($rv =~ /FCP service is running/) {

         print $rv;

} else {

         print "!!!! FCP status FAILED !!!!\n";

         print "Error was $rv\n";

}

 

# etc.

 

exit;

 

 

Another Perl script using SSH lib

==========================

 

use Net::SSH::Perl;

$host = "remote hostname or ip";

$user = "username";

$pass = "password";

$cmd = "/fullpath/remote_script.pl";

my $ssh = Net::SSH::Perl->new($host);

$ssh->login($user, $pass);

my($stdout, $stderr, $exit) = $ssh->cmd($cmd);

 

Expect script

=============

 

    Expect script will look something like :

 

    #!/usr/bin/env expect -f

 

    set timeout -1

    set stty_init -echo

 

    spawn ssh 192.168.1.2 -l root

    match_max 100000

    expect "Are you sure you want to continue connecting"

    send -- "yes\r"

    expect "password:"

    send -- "root-password-here\r"

 

    stty echo

 

    expect "sent unsupported channel request"

    send -- "\r"

    expect -exact "FILER1>"

    send -- "fcp show adapter -v\r"

 

    expect -exact "FILER1>"

    send -- "lun config_check\r"

 

    expect -exact "FILER1>"

    send -- "fcp status\r"

 

    expect -exact "SLAFILE1>"

    send -- "logout telnet"

Filter Blog

By date:
By tag: