SSH: Running single commands from SSH command line
Veit
Posts: 21 Freshman Member
Hi,
I have got a suggestion for future ZyNOS releases:
It would be nice to be able to run single commands via SSH on the switches instead of opening a login shell. This would help to orchestrate a bigger amount of switches by (client-side) scripting and might allow easier/better monitoring.
Example:
To run a command like "show system-information", instead of...
$ ssh admin@192.168.1.1
admin@192.168.1.1's password:
Copyright (c) 1994 - 2017 Zyxel Communications Corp.
XGS2210# show system-information
Product Model : XGS2210-28
System Name : XGS2210
System Mode : Standalone
System Contact :
System Location :
System up Time : 25:56:29 (8e806a ticks)
Ethernet Address : 5c:e2:8c:5e:24:fc
Bootbase Version : V1.0 | 01/25/2016
ZyNOS F/W Version : V4.50(AAZJ.0) | 09/08/2017
Config Boot Image : 1
Current Boot Image : 1
Current Configuration : 1
RomRasSize : 7338278
XGS2210# exit
Write failed: Broken pipe
$
... one could execute a single command on the switch like this instead:
$ ssh admin@192.168.1.1 -- show system-information
admin@192.168.1.1's password:
Product Model : XGS2210-28
System Name : XGS2210
System Mode : Standalone
System Contact :
System Location :
System up Time : 25:56:29 (8e806a ticks)
Ethernet Address : xx:xx:xx:xx:xx:xx
Bootbase Version : V1.0 | 01/25/2016
ZyNOS F/W Version : V4.50(AAZJ.0) | 09/08/2017
Config Boot Image : 1
Current Boot Image : 1
Current Configuration : 1
RomRasSize : 7338278
$
So a script could gather and process the output.
For even better processing it would be nice if an exit code would be set, so the script/caller can determine whether an error (and with different exit codes: which error) has occured without the need to parse the output.
Also sending error/warning messages to stderr instead of stdout would be great.
Alternative syntax (if easier to implement) could be quoting the complete command:
$ ssh admin@192.168.1.1 -- 'show system-information'
All this is currently not possible, and to archieve similar integration to our management infrastructure, we had to implement expect-like wrappers, that are much more complicated and time-consuming to build and slower to execute, and much more likely to fail because of changes in the output of future ZyNOS releases.
Best regards,
// Veit
I have got a suggestion for future ZyNOS releases:
It would be nice to be able to run single commands via SSH on the switches instead of opening a login shell. This would help to orchestrate a bigger amount of switches by (client-side) scripting and might allow easier/better monitoring.
Example:
To run a command like "show system-information", instead of...
$ ssh admin@192.168.1.1
admin@192.168.1.1's password:
Copyright (c) 1994 - 2017 Zyxel Communications Corp.
XGS2210# show system-information
Product Model : XGS2210-28
System Name : XGS2210
System Mode : Standalone
System Contact :
System Location :
System up Time : 25:56:29 (8e806a ticks)
Ethernet Address : 5c:e2:8c:5e:24:fc
Bootbase Version : V1.0 | 01/25/2016
ZyNOS F/W Version : V4.50(AAZJ.0) | 09/08/2017
Config Boot Image : 1
Current Boot Image : 1
Current Configuration : 1
RomRasSize : 7338278
XGS2210# exit
Write failed: Broken pipe
$
... one could execute a single command on the switch like this instead:
$ ssh admin@192.168.1.1 -- show system-information
admin@192.168.1.1's password:
Product Model : XGS2210-28
System Name : XGS2210
System Mode : Standalone
System Contact :
System Location :
System up Time : 25:56:29 (8e806a ticks)
Ethernet Address : xx:xx:xx:xx:xx:xx
Bootbase Version : V1.0 | 01/25/2016
ZyNOS F/W Version : V4.50(AAZJ.0) | 09/08/2017
Config Boot Image : 1
Current Boot Image : 1
Current Configuration : 1
RomRasSize : 7338278
$
So a script could gather and process the output.
For even better processing it would be nice if an exit code would be set, so the script/caller can determine whether an error (and with different exit codes: which error) has occured without the need to parse the output.
Also sending error/warning messages to stderr instead of stdout would be great.
Alternative syntax (if easier to implement) could be quoting the complete command:
$ ssh admin@192.168.1.1 -- 'show system-information'
All this is currently not possible, and to archieve similar integration to our management infrastructure, we had to implement expect-like wrappers, that are much more complicated and time-consuming to build and slower to execute, and much more likely to fail because of changes in the output of future ZyNOS releases.
Best regards,
// Veit
1
Comments
-
If your purpose is to let it easier when you use a script, what is the difference between
ssh admin@192.168.1.1 \r
password \r
show system-information \r
and
ssh admin@192.168.1.1 "show system-information" \r
password \r
They are all written in one script, right?
0 -
Well, there are several advantages of the method requested:
1. It will be instantly robust and automatically return when the command has been processed. There is no need to analyze the output of the command at this point to tell whether the command has finished.
2. Running a command directly will (should) omit the welcome message shown after log-in. This is especially handy when processing the output a command returns.
3. When executing the command returns a valid exit code, one can tell whether a command has been executed successfully or not (and what happened) without the need to look at the output at all. This makes the script robust against changes in the output format (e.g. after firmware upgrade) and will work across different switch models. You may even simply chain commands in scripts based on success of previous commands.
4. It is simply much less work to script.
Regards,
// Veit
0 -
Thanks @Chris77 share his comment with us.
Here is his original topic: Zyxel XS1930-12HP SSH command over libssh (C++)
Zyxel Melen0
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 146 Nebula Ideas
- 96 Nebula Status and Incidents
- 5.7K Security
- 262 USG FLEX H Series
- 271 Security Ideas
- 1.4K Switch
- 74 Switch Ideas
- 1.1K Wireless
- 40 Wireless Ideas
- 6.4K Consumer Product
- 249 Service & License
- 387 News and Release
- 84 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.5K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 85 About Community
- 73 Security Highlight