I was recently asked by a couple of customers who were integrating the Windows Azure Pack with their datacenter if it was possible to manage Linux servers and network devices using SMA by leveraging Secure Shell (SSH). This in fact turns out to be fairly straightforward by utilizing a well-known application that a lot of Windows customers who leverage SSH will be familiar with – PuTTY. You can learn more about and download PuTTY from http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html.
The specific tool that I will use in my module example will be plink.exe (PuTTY Link) that is also available from the PuTTY download page. This is a command line version of PuTTY that is designed around automating tasks on SSH enabled hosts programmatically.
I won’t go into details on enabling SSH on hosts as there is quite a lot of documentation on the web about this, including using public key authentication so that you don’t send your password to the host.
Based on plink.exe, I have created a sample SSH PowerShell module that allows for authenticating using either a password or a key file.
This sample module is available from Script Center http://gallery.technet.microsoft.com/Sample-PowerShell-module-8d961a1c
To prepare the module for use, you will need to download the SSH.zip file from Script Center, and then extract the contents to your computer. You then need to download the plink.exe tool and put this file into the PuttyFiles folder within the unzipped module.
Once this is complete, you can zip up the SSH folder again and import this module into SMA. Make sure when you zip up the module it has the following files and folder, as shown below:
The below sample runbook shows how you can use the activity available in the SSH module to make calls using SSH. It demonstrates making calls using a password (that is retrieved from an SMA variable asset called SSHPassword) as well as making calls using a host key file you have provided a path to using the KeyFilePath parameter.
The below image shows the output of running this runbook.
This sample cmdlet also accepts an optional switch parameter to automatically accept the host key. It is recommended that you do not use this setting because it can cause a runbook to accept any change in a server, including any that are for malicious purposes. By selecting this option, you are instructing the cmdlet to connect to any server, regardless of the host key. Only use this option for testing purposes.
As you can see from the above example, it is easy to connect to SSH enabled hosts using SMA runbooks by leveraging either keys or passwords for authentication, depending on what you require. There are other SSH clients besides PuTTY available on Windows computers. A good example is on codeplex http://sshnet.codeplex.com, and you should be able to build a PowerShell module for them in a similar manner, depending on their implementation.
This should get you started managing systems in your datacenter that don’t have PowerShell available using the same tools you use to manage the systems that do have PowerShell available – creating a single location for all your automation needs, independent of what operating systems you need to manage.