I've not tried RSA keys with a Foundry device, but if you say it doesn't work, would a Perl module such as Net::SSH(2) not help in this regard?
http://search.cpan.org/dist/Net-SSH-Perl/lib/Net/SSH/Perl.pm David 2009/7/10 Nick Morrison <[email protected]>: > Hey all, > > I'm slowly working up a bunch of scripts that do useful network-adminy > things for Foundry switches - mostly perl scripts that run from a unix > management host. There's a lot you can get using the > SNMP::Info::Layer3::Foundry library > (http://search.cpan.org/~maxb/SNMP-Info-2.01/Info/Layer3/Foundry.pm) > and its ilk, but there ain't a MIB for everything, sadly. For > example, I'd like to get a full mac address table out.. but it appears > the only mac-related OIDs are to get the *static* mac table. > > First: I could be wrong! Has anyone else done much mucking with > perl+snmp+foundry who could comment? > > Second: for the times that it's just not possible, it would be *super* > useful to be able to use ssh in the old rsh style of running a command > against a switch without logging into it (eg using a passphrase-less > rsa key) and without having to navigate the prompt. > > With Cisco devices running IOS (or unix hosts running sshd), you can > do things like this: > > unixhost:~ > ssh u...@router show ver > Cisco Internetwork Operating System Software > IOS (tm) 2500 Software (C2500-D-L), Version 12.0(18b), RELEASE SOFTWARE (fc1) > Copyright (c) 1986-2002 by cisco Systems, Inc. > Compiled Mon 11-Feb-02 02:32 by kellythw > Image text-base: 0x03038A80, data-base: 0x00001000 > > ROM: System Bootstrap, Version 11.0(10c), SOFTWARE > BOOTFLASH: 3000 Bootstrap Software (IGS-BOOT-R), Version 11.0(10c), > RELEASE SOFTWARE (fc1) > > antares uptime is 11 minutes > System restarted by reload > System image file is "flash:c2500-d-l.120-18b.bin" > > cisco 2500 (68030) processor (revision L) with 14336K/2048K bytes of memory. > Processor board ID 07092223, with hardware revision 00000000 > Bridging software. > X.25 software, Version 3.0.0. > 2 Ethernet/IEEE 802.3 interface(s) > 2 Serial network interface(s) > 32K bytes of non-volatile configuration memory. > 16384K bytes of processor board System flash (Read ONLY) > > Configuration register is 0x2102 > unixhost:~ > > > ... to another unix box.. > > host1:~ > ssh u...@host2 ls -la > total 8410 > drwxr-xr-x 12 user user 1024 Jul 9 14:39 . > drwxr-xr-x 7 root wheel 512 Jul 7 12:20 .. > drwxr-xr-x 5 root user 512 Jul 7 14:27 .cpan > -rw-r--r-- 1 user user 758 May 23 17:04 .cshrc > -rw------- 1 user user 119 May 23 16:16 .history > drwx------ 2 user user 512 Jul 7 10:48 .irssi > -rw------- 1 root user 112 Jul 2 08:12 .lesshst > drwxr-xr-x 2 root user 512 Jun 1 07:21 .lftp > -rw-r--r-- 1 user user 258 May 23 17:04 .login > -rw-r--r-- 1 user user 167 May 23 17:04 .login_conf > -rw------- 1 user user 379 May 23 17:04 .mail_aliases > <snip> > > ... in other words, your script can grab output without having to go > through the process of logging in, expecting a prompt, running a > command, etc. This is of course a fairly standard ssh feature. and > useful! > > ... but foundry's software doesn't seem to support it. > > unixhost:~ > ssh u...@foundryrouter show ver > Protocol error, doesn't start with scp! > unixhost:~ > > > ... which disappoints me greatly. > > > What I'd really love to see is a community-oriented site, collating > handy scripts and tips on automating administrative checks and the > like. Is anyone else interested in this kind of venture? Has anyone > gone far down this path without going mad? :-) I'd be very happy to > lead or assist with a project aimed this way, as there is currently > not much out there (in my experience - please correct me if I'm > wrong), and with Brocade's new involvement I think we could get some > momentum behind us. We could even put some collective pressure on > Brocade to extend their ssh implementation to support these features.. > > What do you think? > > -- > Nick Morrison <[email protected]> > _______________________________________________ > foundry-nsp mailing list > [email protected] > http://puck.nether.net/mailman/listinfo/foundry-nsp _______________________________________________ foundry-nsp mailing list [email protected] http://puck.nether.net/mailman/listinfo/foundry-nsp
