The transition to NetApp MS Azure AD B2C is complete. If you missed the pre-registration, you will be invited to reigister at next log in.
Please note that access to your NetApp data may take up to 1 hour.
To learn more, read the FAQ and watch the video.
Need assistance? Complete this form and select “Registration Issue” as the Feedback Category.

Microsoft Virtualization Discussions

Invoke-NcSsh credential

kahuna

 

Hi all,

 

I am trying to run SSH commands on a filer but cannot make the credentials work with "Read-Host"

 

Here is what I am doing:

 

 

$lif = Read-Host "Please enter the node IP address (management LIF)"
$user = Read-Host "Please enter the username"
$pass = Read-Host -assecurestring "Please enter your password"
$password = ConvertTo-SecureString $pass -AsPlainText -Force
$cred = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $user,$password
Invoke-NcSsh -name $lif -command version -credential $cred

 

Here is what I am getting:



Invoke-NcSsh : User cannot be authenticated.
At C:\script.ps1:7 char:1
+ Invoke-NcSsh -name $lif -command version -credential $cred
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidResult: ( [Invoke-NcSsh], SshAuthenticationException
    + FullyQualifiedErrorId : SshExecFailed,DataONTAP.C.PowerShell.SDK.Cmdlets.Toolkit.Ssh.InvokeNcSsh

 

 

any ideas?

1 ACCEPTED SOLUTION

JGPSHNTAP

B/c you aren't storing your credential cache right when you connect to the controller

 

do a man connect-nccontroller -full and look at example on storing credentials. 

 

Also, read this article.

 

https://www.adminarsenal.com/blog/secure-password-with-powershell-encrypting-credentials-part-1/

View solution in original post

5 REPLIES 5

asulliva

You don't need to convert the string to a secure string if you're collecting it as one.  This works:

 

$lif = Read-Host "Please enter hostname or LIF address"

$user = Read-Host "Please enter the username"
$pass = Read-Host -assecurestring "Please enter your password"

$cred = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $user,$pass

Invoke-NcSsh -Controller $lif -Command version -Credential $cred

You could also just prompt for a credential:

 

$cred = Get-Credential

Invoke-NcSsh ... -Credential $cred

I elaborated on this a bit in my post here.

 

Hope that helps.

 

Andrew

If this post resolved your issue, please help others by selecting ACCEPT AS SOLUTION or adding a KUDO.

kahuna

thanks guys

 

Prompt is fine. However, I need to run a few commands and send each to a text file (see below). Each time I run Invoke-NcSsh it prompts for credentials which is unacceptable

what I was thinking is either a) find a way to keep the Credentials in cache somehow and let the subsequent commands get it from there, or b) use one command but with some kind of a function

 

any ideas?

 

$node = Read-Host "Please enter the node IP address (management LIF)"
$nodename = Read-Host "Please enter the node name"
$cred = Get-Credential

Invoke-NcSsh -name $node -Credential $cred -Command node run -node $nodename -command sysstat -x -c 40 | Out-File C:\sysstat.txt
Invoke-NcSsh -name $node -Credential $cred -Command node run -node $nodename -command ps | Out-File C:\ps.txt
Invoke-NcSsh -name $node -Credential $cred -Command node run -node $nodename -command statit -b 
Invoke-NcSsh -name $node -Credential $cred -Command node run -node $nodename -command statit -e | Out-File C:\statit.txt

JGPSHNTAP

B/c you aren't storing your credential cache right when you connect to the controller

 

do a man connect-nccontroller -full and look at example on storing credentials. 

 

Also, read this article.

 

https://www.adminarsenal.com/blog/secure-password-with-powershell-encrypting-credentials-part-1/

View solution in original post

kahuna

it works!

 

here is what I did:

 

$node = Read-Host "Please enter the node IP address (management LIF)"
$nodename = Read-Host "Please enter the node name"
$user = Read-Host "Please enter the username"
Read-Host "Enter Password" -AsSecureString |  ConvertFrom-SecureString | Out-File "C:\ssh\Password.txt"
$pass = Get-Content "C:\ssh\Password.txt" | ConvertTo-SecureString
$File = "C:\ssh\Password.txt"
$MyCredential=New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $user, (Get-Content $File | ConvertTo-SecureString)
Invoke-NcSsh -name $node -Credential $MyCredential -Command command1 | Out-File C:\command1.txt
Invoke-NcSsh -name $node -Credential $MyCredential -Command command2 | Out-File C:\command2.txt

thank you all!

JGPSHNTAP

First of all, you always want to try to use the builtin cmdlets when they are available.

 

Look at get-ncsystemversion.  That should do the trick.   I only tend to use invoke-ncssh when necassary

Announcements
NetApp on Discord Image

We're on Discord, are you?

Live Chat, Watch Parties, and More!

Explore Banner

Meet Explore, NetApp’s digital sales platform

Engage digitally throughout the sales process, from product discovery to configuration, and handle all your post-purchase needs.

NetApp Insights to Action
I2A Banner
Public