APC UPS Data Center & Enterprise Solutions Forum
Schneider, APC support forum to share knowledge about installation and configuration for Data Center and Business Power UPSs, Accessories, Software, Services.
Posted: 2021-07-09 04:03 AM . Last Modified: 2024-02-14 11:13 PM
Link copied. Please paste this link to share this article on your social media post.
Posted: 2021-07-09 04:03 AM . Last Modified: 2024-02-14 11:13 PM
I have a number of 8xxx series PDUs. I want to write bash scripts to collect information from them. Is it possible to authorize an ssh key for a management card user so that it can connect without a password. Ideally I want to create a readonly type user on each device and authorize that user to authenticate with an ssh key instead of a password.
I can use either a local user account or I could configure radius. A ssh key solution for either type would work for me. (either uploading the ssh key to the device or having RADIUS provide the ssh key)
Also, it seems that when I it does not accept scripted command via ssh. for example, "ssh
Most devices are currently running 5.1.6 and I am in the process of upgrading them to 633 (I think that is 6.0.33 -- the current release)
In the 6.x documentation I saw references to scripting via the command line interface. What is the typical way to do that?
--BobG
Link copied. Please paste this link to share this article on your social media post.
Posted: 2021-07-09 04:03 AM . Last Modified: 2024-02-14 11:13 PM
Link copied. Please paste this link to share this article on your social media post.
Posted: 2021-07-09 04:03 AM . Last Modified: 2024-02-14 11:13 PM
FYI, I have written a BASH library that manipulates ssh to communicate with the APC gen 2 management cards that are in the 8xxx series pdus. If anyone is interested in getting it, PM me.
Here is an example script that would run a command passed to it and display the results. The library has the default passwords hard coded for the known usernames. If you specify a different username, it prompts you to enter the password. It would make sense to leave the readonly password to the default and change the others so that the script could be used without any password for readonly access but for users you add, it would prompt for a passowrd. Of course you could choose to hard code your admin password in your scripts too.
I will also add methods to the APCPDU class to manipulate outlets, etc...
cat pduRun
#!/bin/bash
#usage: pduRun
source bg_APCPDU.sh
device="${1:-$myPDU.example.com}"; [ $# -gt 0 ] && shift
username="${1:-readonly}"; [ $# -gt 0 ] && shift
declare -A pdu=()
ConstructObject APCPDU pdu "$device"
$pdu.connect "$username" "$promptForPass"
$pdu.execCommand "$*"
echo "$($pdu.get buf)"
$pdu.disconnect
Link copied. Please paste this link to share this article on your social media post.
Link copied. Please paste this link to share this article on your social media post.
Posted: 2021-07-09 04:03 AM . Last Modified: 2024-02-14 11:13 PM
Hi Bob,
We don't support key based authentication at this time unfortunately. And so that second question doesn't work either as you have to be logged in to issue commands. I will inquire more about key based authentication but I don't think we plan to implement it in the immediate future.
The scripting help we have is just a guide to the command line interface (and also mentions SNMP as an option) -> http://www.apc.com/support/index?page=content&country=ITB〈=en&locale=en_US&id=FA156163
And yes, for the AP8XXX series/models of PDU, AOS (APC OS) 6.3.2 /rpdu2g APP 6.3.3 is the latest. We'll be coming out with a new rev shortly (AOS 6.3.3 I think) with some security changes but the answers to your questions won't change with that release. We are removing RC4 ciphers, providing TLS 1.2, SHA-2 hash signatures, etc.
Link copied. Please paste this link to share this article on your social media post.
Posted: 2021-07-09 04:03 AM . Last Modified: 2024-02-14 11:13 PM
Link copied. Please paste this link to share this article on your social media post.
Posted: 2021-07-09 04:03 AM . Last Modified: 2024-02-14 11:13 PM
Thank you for your quick response. Disappointing, but at least I know.
I hope to see a more complete sshd implementation on these devices in the future.
--BobG
Link copied. Please paste this link to share this article on your social media post.
Posted: 2021-07-09 04:03 AM . Last Modified: 2024-02-14 11:13 PM
Link copied. Please paste this link to share this article on your social media post.
Posted: 2021-07-09 04:03 AM . Last Modified: 2024-02-14 11:13 PM
FYI, I have written a BASH library that manipulates ssh to communicate with the APC gen 2 management cards that are in the 8xxx series pdus. If anyone is interested in getting it, PM me.
Here is an example script that would run a command passed to it and display the results. The library has the default passwords hard coded for the known usernames. If you specify a different username, it prompts you to enter the password. It would make sense to leave the readonly password to the default and change the others so that the script could be used without any password for readonly access but for users you add, it would prompt for a passowrd. Of course you could choose to hard code your admin password in your scripts too.
I will also add methods to the APCPDU class to manipulate outlets, etc...
cat pduRun
#!/bin/bash
#usage: pduRun
source bg_APCPDU.sh
device="${1:-$myPDU.example.com}"; [ $# -gt 0 ] && shift
username="${1:-readonly}"; [ $# -gt 0 ] && shift
declare -A pdu=()
ConstructObject APCPDU pdu "$device"
$pdu.connect "$username" "$promptForPass"
$pdu.execCommand "$*"
echo "$($pdu.get buf)"
$pdu.disconnect
Link copied. Please paste this link to share this article on your social media post.
Link copied. Please paste this link to share this article on your social media post.
Posted: 2024-05-18 02:03 AM
Hello Bob
Could you send me the scripts/library please?
Thank you
Link copied. Please paste this link to share this article on your social media post.
Create your free account or log in to subscribe to the board - and gain access to more than 10,000+ support articles along with insights from experts and peers.