Execute remote command (SSH)¶

Prerequisites¶

Modules

osp-scripts

Checkout branches

git checkout origin/osp-scripts-configuration .

Description¶

In this tutorial you will learn how to enable a script to execute a command on a remote device. This method can be used for example to fetch information on a remote host, or launch some external process.

Logical schema

@startuml
skinparam backgroundColor transparent

node script as "osp-scripts"
node host as "remote-host"

script -[#black]> host : <size:11><color:black>**Via SSH execute command "ls / | wc -l"**
@enduml

Configuration¶

Steps¶

1. Create a detached script¶

root/script/detached.scripts

The detached script has the task to execute the script every 30 seconds.

{
    "moduleId" : "modules.scripts.scripts-1",
    "sourceFile" : "root/script/script.js",
    "accessedValues" : [],
    "scheduledExecutions" : ["0/10 * * ? * * *"]
}

1. Create a script to execute on a remote target (via SSH)¶

root/script/script.js

Note

Change the IP/hostname and check if the SSH is enabled on your test target.

main();

function main() {
    
    log.info("Execute example script with schedule execution and certificate authentification");
    // Create the runner for SSH with CERTIFICATE
    let runner = ssh.certCmdBuilder("10.100.0.77", 51234, "osp", "test")
    // Set the maximum time to establish the connection (keep it low)
    .setConnectionTimeout(5)
    // Set a maximum time after witch the SSH drop the line.
    .setMaxCommandTime(5)
    .build();

    // Establish a SSH connexion and run a command.
    let res = runner.run(["echo \"executed\"", ">", "/tmp/script-execution-result"]);

    // If SSH failure
    if (res.exceptionCode !== 0) 
    {
        log.error("Fail to establish the SSH connection with error code [" + res.exceptionCode + "]");    
        return;
    }

    if (res.returnCode !== 0) 
    {
        log.error("Fail to execute the command error code [" + res.exceptionCode + "] and stdin [" + res.stdIn + "] and stderr [" + res.stdErr +"]" );    
        return;
    }
    
    log.info("Execution success output is [" + res.stdIn + "]");
}

3. Add the SSH certificates as resource¶

Note

The certificate must be generated in PEM format. The OPENSSH format is not supported by the lib used to establish the SSH connection. You can for example use ssh-keygen -t rsa -m PEM

modules/script/scripts-1/module.resources

{
    "resources": [
        {
            "source": "root/ssh/",
            "destination": "/certs"
        }
    ]
}

root/ssh/test

root/ssh/test.pub

ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC3Lqz+BEd1XECTLTQgjEvyshc1liWHH2GFLum28gx3i81JLS58ERpMO8j3vG7PwHZB2tMqpHYlRZ8jpWVJgPcpztlkLrXBCYtrbKpsprr9vcBDakJabmaZ/DVpi82s25WAzCsuRcPYG/j6rHypVLz6gMF7zF3ZjCZleMkIyMfD9GkOG2WvdWPz49s7b68qiOB3RdGjJElRHoqnSZQFOWElD5Vyrb8dRtWfGJL8DAfHSKoqwQF3TaRIWRY4mxU3YbhuxXRgU6gQMCTHnhF7FG8/8agAO37jKd563ZqPf8vm2wIAfdzTmULEoVrdpbxCfmbwOWuYkM0FZSD1t5kWmOQVaVKtw7FbG5loKTwvQMEoRwha8N1sVjp2L6RM8+Ra/Tr0e98oeTsO8dB6Q6U0gi0Nvrp8z1wn4ru6eRgMuYH0olgzbWd0olbs0vRXMUaZF8uBKRnIx+X5IyyPLZHfcIzjWPPsGBWd6WqIBMFbqSlZkobJxxsjrfbAasg87qgFh3c= manticore@manticore

1. Deploy the SSH key on host¶

To authenticate with SSH key the host must have the public key listed inside its ~/.ssh/authorized_keys file. Use one of the following method :

use ssh-copy-id from a linux host

ssh-copy-id -i [] user@host

write the public key inside the file

cat [pubkey.pem] >> ~/.ssh/authorized_keys