{"id":683,"date":"2021-05-16T19:18:44","date_gmt":"2021-05-16T18:18:44","guid":{"rendered":"http:\/\/192.168.8.14\/?p=683"},"modified":"2021-05-16T19:18:44","modified_gmt":"2021-05-16T18:18:44","slug":"using-sshshellstream","status":"publish","type":"post","link":"https:\/\/www.jasonstreet.com\/?p=683","title":{"rendered":"Using SSHShellStream"},"content":{"rendered":"\n

One of my pet projects I am working on is a fully auto VCSA certificate checking script. I want to check the machine, root and STS certificates. I still have some problems to over come but I think I have solved my most pressing problem. That problem was how do I SSH to the VCSA and issue a string of commands. Normally I use the invoke-sshcommand command but that is disjointed as sometimes the commands execute in there own little “session” . A good example is NetApp.<\/p>\n\n\n\n

I want to run a command in advanced user mode. So I would normally issue the commands<\/p>\n\n\n

\npriv set advanced\ny\nCommand-that-uses-advanced-priv\n<\/pre><\/div>\n\n\n
Using invoke-sshcommand the Command-that-uses-advanced-priv will not run with advanced privileges.<\/p>\n\n\n\n
In my googling for an answer I found the Posh-SSH new-SSHShellStream command but no info that I could understand and use. Eventually I found something that allowed me to work it out. LucD had some code that I could understand here <\/a><\/p>\n\n\n\n
So before I forget, here is my using SSHShellStream for normals guide<\/strong><\/p>\n\n\n\n
We must create an SSH session as normal but we then create the SSHShellStream. once we have that we can use the objects methods (Writeline and Read) to to get data in and out of the session.<\/p>\n\n\n\n
Below is a section of code from my auto VCSA cert checker script. I will then explain what (I think) is going on.<\/p>\n\n\n
\n# connect to vcsa with SSH and open the SSh stream\n$session = New-SSHSession -ComputerName $vcsa -Credential $cred \u2013AcceptKey\n$stream = New-SSHShellStream -SSHSession $session -TerminalName tty\n\n# send the commands and get the results in to $CertList and $STSCertList\n# drop to the BASH shell\n$stream.WriteLine('shell')\nsleep 3\n# send a BASH one liner to list the crets and there info\n$stream.WriteLine('for i in $(\/usr\/lib\/vmware-vmafd\/bin\/vecs-cli store list); do echo STORE $i; sudo \/usr\/lib\/vmware-vmafd\/bin\/vecs-cli entry list --store $i --text | egrep "Alias|Not After"; done')\nsleep 3\n# read the result of that in to the variable $CertList\n$CertList = $stream.Read()\nsleep 3\n$stream.WriteLine('cd \/tmp')\nsleep 3\n$DontCare = $stream.Read()\nsleep 3\n# run the checksys python script in \/tmp (if that is where you have deployed it to)\n$stream.WriteLine('python checksts.py')\nsleep 3\n# get the output of that script in to the $STSCertList variable\n$STSCertList = $stream.Read()\n\n# close the SSH session and stream\n$stream.Close()\nRemove-SSHSession -SSHSession $session | Out-Null\n<\/pre><\/div>\n\n\n
Line 2,  I am connecting to my VCSA with root credentials with the session object saved imaginably named $session.<\/p>\n\n\n\n
Line 2, I new create a SSHShellStream  using my $Session object and save that as an object called $Stream<\/p>\n\n\n\n
Line 7, I send the stream the string “shell” using the WriteLine method to enable the Bash shell on the VCSA.<\/p>\n\n\n\n
Line 8, add a pause in case the command takes a while to execute.<\/p>\n\n\n\n
Line 9, I “input” a line of script using the WriteLine method.<\/p>\n\n\n\n
Line 10, another pause in case it takes a while to run.<\/p>\n\n\n\n
Line 13, I use the read method to read everything “outputted” from the Bash script, saving it to the variable $CertList<\/p>\n\n\n\n
I then do some more stuff<\/p>\n\n\n\n
Line 26, I close the stream <\/p>\n\n\n\n
Line 27, And I close the SSH session.<\/p>\n\n\n\n
<\/p>\n\n\n\n
 <\/p>\n\n\n\n
 <\/p>\n","protected":false},"excerpt":{"rendered":"
One of my pet projects I am working on is a fully auto VCSA certificate checking script. I want to check the machine, root and STS certificates. I still have some problems to over come but I think I have solved my most pressing problem. That problem was how do I SSH to the VCSA…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[4,27],"tags":[136,135,13,137,102],"class_list":["post-683","post","type-post","status-publish","format-standard","hentry","category-powershell","category-tutorial","tag-module","tag-posh-ssh","tag-powershell","tag-shellstream","tag-ssh"],"_links":{"self":[{"href":"https:\/\/www.jasonstreet.com\/index.php?rest_route=\/wp\/v2\/posts\/683","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.jasonstreet.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.jasonstreet.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.jasonstreet.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.jasonstreet.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=683"}],"version-history":[{"count":3,"href":"https:\/\/www.jasonstreet.com\/index.php?rest_route=\/wp\/v2\/posts\/683\/revisions"}],"predecessor-version":[{"id":686,"href":"https:\/\/www.jasonstreet.com\/index.php?rest_route=\/wp\/v2\/posts\/683\/revisions\/686"}],"wp:attachment":[{"href":"https:\/\/www.jasonstreet.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=683"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.jasonstreet.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=683"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.jasonstreet.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=683"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}