[f-nsp] scripting

David Ball davidtball at gmail.com
Fri Jul 10 09:07:50 EDT 2009 

  I've not tried RSA keys with a Foundry device, but if you say it
doesn't work, would a Perl module such as Net::SSH(2) not help in this
regard?

http://search.cpan.org/dist/Net-SSH-Perl/lib/Net/SSH/Perl.pm

David


2009/7/10 Nick Morrison <nick at nick.on.net>:
> Hey all,
>
> I'm slowly working up a bunch of scripts that do useful network-adminy
> things for Foundry switches - mostly perl scripts that run from a unix
> management host.  There's a lot you can get using the
> SNMP::Info::Layer3::Foundry library
> (http://search.cpan.org/~maxb/SNMP-Info-2.01/Info/Layer3/Foundry.pm)
> and its ilk, but there ain't a MIB for everything, sadly.  For
> example, I'd like to get a full mac address table out.. but it appears
> the only mac-related OIDs are to get the *static* mac table.
>
> First: I could be wrong!  Has anyone else done much mucking with
> perl+snmp+foundry who could comment?
>
> Second: for the times that it's just not possible, it would be *super*
> useful to be able to use ssh in the old rsh style of running a command
> against a switch without logging into it (eg using a passphrase-less
> rsa key) and without having to navigate the prompt.
>
> With Cisco devices running IOS (or unix hosts running sshd), you can
> do things like this:
>
> unixhost:~ > ssh user at router show ver
> Cisco Internetwork Operating System Software
> IOS (tm) 2500 Software (C2500-D-L), Version 12.0(18b), RELEASE SOFTWARE (fc1)
> Copyright (c) 1986-2002 by cisco Systems, Inc.
> Compiled Mon 11-Feb-02 02:32 by kellythw
> Image text-base: 0x03038A80, data-base: 0x00001000
>
> ROM: System Bootstrap, Version 11.0(10c), SOFTWARE
> BOOTFLASH: 3000 Bootstrap Software (IGS-BOOT-R), Version 11.0(10c),
> RELEASE SOFTWARE (fc1)
>
> antares uptime is 11 minutes
> System restarted by reload
> System image file is "flash:c2500-d-l.120-18b.bin"
>
> cisco 2500 (68030) processor (revision L) with 14336K/2048K bytes of memory.
> Processor board ID 07092223, with hardware revision 00000000
> Bridging software.
> X.25 software, Version 3.0.0.
> 2 Ethernet/IEEE 802.3 interface(s)
> 2 Serial network interface(s)
> 32K bytes of non-volatile configuration memory.
> 16384K bytes of processor board System flash (Read ONLY)
>
> Configuration register is 0x2102
> unixhost:~ >
>
> ... to another unix box..
>
> host1:~ > ssh user at host2 ls -la
> total 8410
> drwxr-xr-x  12 user  user     1024 Jul  9 14:39 .
> drwxr-xr-x   7 root   wheel      512 Jul  7 12:20 ..
> drwxr-xr-x   5 root   user      512 Jul  7 14:27 .cpan
> -rw-r--r--   1 user  user      758 May 23 17:04 .cshrc
> -rw-------   1 user  user      119 May 23 16:16 .history
> drwx------   2 user  user      512 Jul  7 10:48 .irssi
> -rw-------   1 root   user      112 Jul  2 08:12 .lesshst
> drwxr-xr-x   2 root   user      512 Jun  1 07:21 .lftp
> -rw-r--r--   1 user  user      258 May 23 17:04 .login
> -rw-r--r--   1 user  user      167 May 23 17:04 .login_conf
> -rw-------   1 user  user      379 May 23 17:04 .mail_aliases
> <snip>
>
> ... in other words, your script can grab output without having to go
> through the process of logging in, expecting a prompt, running a
> command, etc.  This is of course a fairly standard ssh feature.  and
> useful!
>
> ... but foundry's software doesn't seem to support it.
>
> unixhost:~ > ssh user at foundryrouter show ver
> Protocol error, doesn't start with scp!
> unixhost:~ >
>
> ... which disappoints me greatly.
>
>
> What I'd really love to see is a community-oriented site, collating
> handy scripts and tips on automating administrative checks and the
> like.  Is anyone else interested in this kind of venture?  Has anyone
> gone far down this path without going mad? :-)  I'd be very happy to
> lead or assist with a project aimed this way, as there is currently
> not much out there (in my experience - please correct me if I'm
> wrong), and with Brocade's new involvement I think we could get some
> momentum behind us.  We could even put some collective pressure on
> Brocade to extend their ssh implementation to support these features..
>
> What do you think?
>
> --
> Nick Morrison <nick at nick.on.net>
> _______________________________________________
> foundry-nsp mailing list
> foundry-nsp at puck.nether.net
> http://puck.nether.net/mailman/listinfo/foundry-nsp

More information about the foundry-nsp mailing list