Microsoft Virtualization Discussions

Invoke-NcSsh credential

kahuna
7,339 Views

 

Hi all,

 

I am trying to run SSH commands on a filer but cannot make the credentials work with "Read-Host"

 

Here is what I am doing:

 

 

$lif = Read-Host "Please enter the node IP address (management LIF)"
$user = Read-Host "Please enter the username"
$pass = Read-Host -assecurestring "Please enter your password"
$password = ConvertTo-SecureString $pass -AsPlainText -Force
$cred = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $user,$password
Invoke-NcSsh -name $lif -command version -credential $cred

 

Here is what I am getting:



Invoke-NcSsh : User cannot be authenticated.
At C:\script.ps1:7 char:1
+ Invoke-NcSsh -name $lif -command version -credential $cred
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidResult: ( [Invoke-NcSsh], SshAuthenticationException
    + FullyQualifiedErrorId : SshExecFailed,DataONTAP.C.PowerShell.SDK.Cmdlets.Toolkit.Ssh.InvokeNcSsh

 

 

any ideas?

1 ACCEPTED SOLUTION

JGPSHNTAP
7,250 Views

B/c you aren't storing your credential cache right when you connect to the controller

 

do a man connect-nccontroller -full and look at example on storing credentials. 

 

Also, read this article.

 

https://www.adminarsenal.com/blog/secure-password-with-powershell-encrypting-credentials-part-1/

View solution in original post

5 REPLIES 5

JGPSHNTAP
7,327 Views

First of all, you always want to try to use the builtin cmdlets when they are available.

 

Look at get-ncsystemversion.  That should do the trick.   I only tend to use invoke-ncssh when necassary

asulliva
7,318 Views

You don't need to convert the string to a secure string if you're collecting it as one.  This works:

 

$lif = Read-Host "Please enter hostname or LIF address"

$user = Read-Host "Please enter the username"
$pass = Read-Host -assecurestring "Please enter your password"

$cred = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $user,$pass

Invoke-NcSsh -Controller $lif -Command version -Credential $cred

You could also just prompt for a credential:

 

$cred = Get-Credential

Invoke-NcSsh ... -Credential $cred

I elaborated on this a bit in my post here.

 

Hope that helps.

 

Andrew

If this post resolved your issue, please help others by selecting ACCEPT AS SOLUTION or adding a KUDO.

kahuna
7,268 Views

thanks guys

 

Prompt is fine. However, I need to run a few commands and send each to a text file (see below). Each time I run Invoke-NcSsh it prompts for credentials which is unacceptable

what I was thinking is either a) find a way to keep the Credentials in cache somehow and let the subsequent commands get it from there, or b) use one command but with some kind of a function

 

any ideas?

 

$node = Read-Host "Please enter the node IP address (management LIF)"
$nodename = Read-Host "Please enter the node name"
$cred = Get-Credential

Invoke-NcSsh -name $node -Credential $cred -Command node run -node $nodename -command sysstat -x -c 40 | Out-File C:\sysstat.txt
Invoke-NcSsh -name $node -Credential $cred -Command node run -node $nodename -command ps | Out-File C:\ps.txt
Invoke-NcSsh -name $node -Credential $cred -Command node run -node $nodename -command statit -b 
Invoke-NcSsh -name $node -Credential $cred -Command node run -node $nodename -command statit -e | Out-File C:\statit.txt

JGPSHNTAP
7,251 Views

B/c you aren't storing your credential cache right when you connect to the controller

 

do a man connect-nccontroller -full and look at example on storing credentials. 

 

Also, read this article.

 

https://www.adminarsenal.com/blog/secure-password-with-powershell-encrypting-credentials-part-1/

kahuna
7,242 Views

it works!

 

here is what I did:

 

$node = Read-Host "Please enter the node IP address (management LIF)"
$nodename = Read-Host "Please enter the node name"
$user = Read-Host "Please enter the username"
Read-Host "Enter Password" -AsSecureString |  ConvertFrom-SecureString | Out-File "C:\ssh\Password.txt"
$pass = Get-Content "C:\ssh\Password.txt" | ConvertTo-SecureString
$File = "C:\ssh\Password.txt"
$MyCredential=New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $user, (Get-Content $File | ConvertTo-SecureString)
Invoke-NcSsh -name $node -Credential $MyCredential -Command command1 | Out-File C:\command1.txt
Invoke-NcSsh -name $node -Credential $MyCredential -Command command2 | Out-File C:\command2.txt

thank you all!

Public