• Skip to primary navigation
  • Skip to main content
Carbon60

Carbon60

The Managed Cloud Difference

  • Show Search
  • Contact Us
  • Get Started
Hide Search
  • Cloud Adoption
    Cloud Adoption

    Starting or continuing on your cloud journey — whether public, private or hybrid — is a complex undertaking. But no matter your company size or industry, our cloud consulting experts can help with end-to-end solutions to plan, migrate and operate your business in the cloud.

    • Cloud Readiness Assessment

      Chart a new course for your IT environment with a Cloud Readiness Assessment. With a proven process, we take into consideration your technology, people and business strategy and tailor a public, private or hybrid cloud environment that will set your organization up for success.

      Learn more
    • Cloud Migration Services

      Cloud migration can transform your business and give you a competitive edge – when done properly. Our cloud experts will help you move complex workloads to the right cloud environment, the right way – tailored for your specific needs.

      Learn more
    • Cloud Launchpad
    • Modernization
    • Cloud Security & Compliance
  • Managed Cloud
    Managed Cloud

    Get the most out of the cloud and keep your IT team out of the weeds. Gain predictability and control around security, compliance, agility, reliability, performance – and cost – by tapping into our standard-setting managed cloud services.

    • Managed Private Cloud

      Safe, stable, fast, compliant, secure and fully managed – get a reliable and data sovereign cloud infrastructure platform for your applications.

      Learn more
    • Managed Public Cloud

      Experience matters. Whether you choose Managed AWS, Azure or Google Cloud, we can take care of the heavy lifting while you focus on your business.

      Learn more
    • Cloud Backup
    • Cloud Disaster Recovery
    • Security
    • Managed Public Cloud
    • Cloud Disaster Recovery
    • Applications
  • Industries
    Industries

    When it comes to financial services, healthcare, public sector and technology – there is simply no room for error or uncertainty when it comes to data security and compliance. There are specific and important considerations that we are well-versed in navigating. We’re trusted by governments and organizations to safely house mission-critical functions every day.

    • Financial Services

      Increase go-to-market speed, while meeting SOC2, PCI-DSS and OSFI B10 regulatory and organizational obligations.

      Learn more
    • Healthcare

      Get secure, scalable high-performance data, while improving the patient experience and addressing every compliance and privacy requirement.

      Learn more
    • Public Sector
    • Technology
  • Partners
    Partners

    Simply put – the right technology and the right platform is the one that’s right for your business. We’re highly certified and experienced in the major public clouds – so regardless of complexity, customization or preference – we’re well-equipped to have your back every step of the way.

    • AWS

      AWS Premier Partner with 100+ AWS certifications and counting.

      Learn more
    • Microsoft Azure

      Gold Microsoft Azure Partner with core competencies and certifications.

      Learn more
    • Google Cloud
    • VMware
  • Insights
    Insights

    Sharing knowledge and expertise is a big part of how we’ve evolved - and how we help our customers.

    • Blog

      Stay up to date with the latest trends and developments in the fast-moving world of digital transformation.

      Read
    • Events

      Make sure to join us for our next event and connect with cloud experts who have a lot to share.

      Attend
    • Resources

      Your toolkit to do a deeper dive with case studies, info sheets, checklists and more.

      Explore
  • About
    About

    We’re on a mission to bring digital transformation to more businesses, by making forward-thinking cloud strategy – and high-performance cloud services – more accessible.

    • Leadership

      Meet the leadership team who are driving our vision forward.

      Learn more
    • About Carbon60

      Learn more about who we are, and how we help our customers evolve with confidence.

      Learn more
    • Careers
    • News
  • Contact Us
  • Get Started

PowerShell SSH Module for Nonstandard Devices Like Cisco ASA

October 28, 2014

So I needed to automate some configuration tasks on a Cisco ASA firewall, and thought it will be an easy task since it has an SSH interface. But after a couple of failed tries and some searching on the web, I realized that I could not use the standard SSH command mode to access the ASA and that the only working and reliable solution out there (that I found) was on this post: “How to automate scripted commands to a Cisco ASA via ssh“. However, it relies on the “Expect” Linux command, and in my case, I preferred to execute the script directly from the System Center Orchestrator machine, which is windows based. Some blogs mentioned the windows Plink.exe command as an option too, this solution worked but it did not allow to do validations and extra logic during the script execution, as the script is sent to the device in one block. I also found this PowerShell module “SSH from PowerShell using the SSH.NET library” that sounded promising at first, but works with the standard SSH command and when trying to use it, I was not able to connect to my ASA firewall.
Finally, I decided to develop my own PowerShell module base on the SSH.Net library, but unlike the above module, I will be using only the SSH shell stream to interact with the device. The tricky part of working with shell stream is that there is no notification when a command execution is completed. One way to overcome this is by checking for available data on the output stream. Most of the commands’ script are easy to handle because it is valid to assume that the command execution is completed as soon as there is something in the output stream. The problem is that this assumption is not true for long-running commands that report their progress during the execution. To support this kind of commands I needed to add support for specifying a timeout before assuming the command was completed and also allow to specify a regular expression to ignore progress messages when waiting for the command output. The module also handle cleaning extra BS(u0008) characters from the output stream. That noise characters usually appeared when executing a long command.

Proof of concept – script to create a new network object:

[code language=”powershell”]
Import-Module SshShell

$elevatedPrompt = "#.$"
$configPrompt = "(config)#.$"
$objectPrompt = "object)#.$"

$s = New-SshSession -SshHost $asaIP -User $user -Password $password
Send-SshCommand $s "enable" -Expect "Password:"
Send-SshCommand $s "$elevatedPassword" -Expect $elevatedPrompt

Send-SshCommand $s "show run object id $objectId" -Expect $elevatedPrompt

if ($s.LastResult -match "does not exist") {
Send-SshCommand $s "conf t" -Expect $configPrompt
Send-SshCommand $s "object network $objectId" -Expect $objectPrompt
Send-SshCommand $s "description $description" -Expect $objectPrompt
Send-SshCommand $s "host $hostIP" -Expect $objectPrompt
Send-SshCommand $s "end" -Expect $elevatedPrompt
Send-SshCommand $s "write mem" -Expect "[OK]" -WaitUnlimitedOn "configuration…|Cryptochecksum|copied"
}

Close-SshSession $s
[/code]

Notes:

  • These PowerShell variables are prepopulated with values and have self-explanatory names: $asaIP, $user, $password, $elevatedPassword, $objectId, $description, $hostIP.
  • The value of the “Expect” parameter is a regular expression. If the result of the command doesn’t match that expression an exception will be thrown.
  • To access the result of the Send-SshCommand cmdlet you can either use the cmdlet output or use one of the session variable properties: LastResult, LastResultLine or AllResult.

To deploy the module, just copy the SshShell folder to one of the PSModulePath values (for Orchestrator server copy it to “SystemRoot%SysWOW64WindowsPowerShellv1.0Modules”) and make sure the dll files are not blocked. The module works with PowerShell 2.0 and require .net framework 3.5.

Download the module and the source

IT Advice Orchestrator, PowerShell, System Center

Related posts

Validating User Resources for Deploying a Service Template

October 1, 2012

Executing System Center Orchestrator 2012 Runbooks from C#

August 15, 2012

Integrating SharePoint with Service Management Automation (SMA)

February 18, 2015

Subscribe to receive Carbon60 news

Stay up to date on insights, blog articles, events and services from Carbon60 delivered to your inbox.

Subscribe
Carbon60
  • Cloud Adoption
    • Cloud Readiness Assessment
    • Cloud Migration Services
    • Cloud Launchpad
    • Modernization
    • Cloud Security & Compliance
  • Managed Cloud
    • Managed Private Cloud
    • Managed Public Cloud
    • Cloud Backup
    • Cloud Disaster Recovery
    • Security
    • Applications
  • Industries
    • Financial Services
    • Healthcare
    • Public Sector
    • Technology
Follow us on LinkedIn Follow us on Twitter Follow us on YouTube

© Copyright Carbon60 2023

  • Privacy Policy
  • Terms & Conditions
  • Contact Us