The transition to NetApp MS Azure AD B2C is complete. If you missed the pre-registration, you will be invited to reigister at next log in.
Please note that access to your NetApp data may take up to 1 hour.
To learn more, read the FAQ and watch the video.
Need assistance? Complete this form and select “Registration Issue” as the Feedback Category.

Microsoft Virtualization Discussions

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Microsoft Virtualization Discussions

This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Start a New Post

Invoke-NcSsh credential

kahuna
NetApp
‎2017-01-31 09:34 AM

 

Hi all,

 

I am trying to run SSH commands on a filer but cannot make the credentials work with "Read-Host"

 

Here is what I am doing:

 

 

$lif = Read-Host "Please enter the node IP address (management LIF)"
$user = Read-Host "Please enter the username"
$pass = Read-Host -assecurestring "Please enter your password"
$password = ConvertTo-SecureString $pass -AsPlainText -Force
$cred = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $user,$password
Invoke-NcSsh -name $lif -command version -credential $cred

 

Here is what I am getting:



Invoke-NcSsh : User cannot be authenticated.
At C:\script.ps1:7 char:1
+ Invoke-NcSsh -name $lif -command version -credential $cred
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidResult: ( [Invoke-NcSsh], SshAuthenticationException
    + FullyQualifiedErrorId : SshExecFailed,DataONTAP.C.PowerShell.SDK.Cmdlets.Toolkit.Ssh.InvokeNcSsh

 

 

any ideas?

0 Kudos
View By:
1 ACCEPTED SOLUTION

JGPSHNTAP
‎2017-02-01 03:45 AM
In response to kahuna

B/c you aren't storing your credential cache right when you connect to the controller

 

do a man connect-nccontroller -full and look at example on storing credentials. 

 

Also, read this article.

 

https://www.adminarsenal.com/blog/secure-password-with-powershell-encrypting-credentials-part-1/

View solution in original post

5 REPLIES 5

asulliva
NetApp
‎2017-01-31 09:59 AM

You don't need to convert the string to a secure string if you're collecting it as one.  This works:

 

$lif = Read-Host "Please enter hostname or LIF address"

$user = Read-Host "Please enter the username"
$pass = Read-Host -assecurestring "Please enter your password"

$cred = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $user,$pass

Invoke-NcSsh -Controller $lif -Command version -Credential $cred

You could also just prompt for a credential:

 

$cred = Get-Credential

Invoke-NcSsh ... -Credential $cred

I elaborated on this a bit in my post here.

 

Hope that helps.

 

Andrew

If this post resolved your issue, please help others by selecting ACCEPT AS SOLUTION or adding a KUDO.

kahuna
NetApp
‎2017-01-31 10:42 PM
In response to asulliva

thanks guys

 

Prompt is fine. However, I need to run a few commands and send each to a text file (see below). Each time I run Invoke-NcSsh it prompts for credentials which is unacceptable

what I was thinking is either a) find a way to keep the Credentials in cache somehow and let the subsequent commands get it from there, or b) use one command but with some kind of a function

 

any ideas?

 

$node = Read-Host "Please enter the node IP address (management LIF)"
$nodename = Read-Host "Please enter the node name"
$cred = Get-Credential

Invoke-NcSsh -name $node -Credential $cred -Command node run -node $nodename -command sysstat -x -c 40 | Out-File C:\sysstat.txt
Invoke-NcSsh -name $node -Credential $cred -Command node run -node $nodename -command ps | Out-File C:\ps.txt
Invoke-NcSsh -name $node -Credential $cred -Command node run -node $nodename -command statit -b 
Invoke-NcSsh -name $node -Credential $cred -Command node run -node $nodename -command statit -e | Out-File C:\statit.txt
0 Kudos

JGPSHNTAP
‎2017-02-01 03:45 AM
In response to kahuna

B/c you aren't storing your credential cache right when you connect to the controller

 

do a man connect-nccontroller -full and look at example on storing credentials. 

 

Also, read this article.

 

https://www.adminarsenal.com/blog/secure-password-with-powershell-encrypting-credentials-part-1/

View solution in original post

kahuna
NetApp
‎2017-02-01 04:12 AM
In response to JGPSHNTAP

it works!

 

here is what I did:

 

$node = Read-Host "Please enter the node IP address (management LIF)"
$nodename = Read-Host "Please enter the node name"
$user = Read-Host "Please enter the username"
Read-Host "Enter Password" -AsSecureString |  ConvertFrom-SecureString | Out-File "C:\ssh\Password.txt"
$pass = Get-Content "C:\ssh\Password.txt" | ConvertTo-SecureString
$File = "C:\ssh\Password.txt"
$MyCredential=New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $user, (Get-Content $File | ConvertTo-SecureString)
Invoke-NcSsh -name $node -Credential $MyCredential -Command command1 | Out-File C:\command1.txt
Invoke-NcSsh -name $node -Credential $MyCredential -Command command2 | Out-File C:\command2.txt

thank you all!

0 Kudos

JGPSHNTAP
‎2017-01-31 09:50 AM

First of all, you always want to try to use the builtin cmdlets when they are available.

 

Look at get-ncsystemversion.  That should do the trick.   I only tend to use invoke-ncssh when necassary

0 Kudos
Announcements
NetApp on Discord Image

We're on Discord, are you?

Live Chat, Watch Parties, and More!

Explore Banner

Meet Explore, NetApp’s digital sales platform

Engage digitally throughout the sales process, from product discovery to configuration, and handle all your post-purchase needs.

View All
NetApp Insights to Action
I2A Banner
All Community Forums
Learn about the Community Get Started
Still have Questions Start a Discussion
Rules of the Community Read More
© 2021 NetApp
Let us know
Public