SSH login to XG with powershell

Hello Community,

has anybody a working Powershell script to connect to the XG Firewall? I'm testing with POSH-SSH module. If I try to connect to the XG with this command "New-SSHSession -ComputerName firewall" I get after entering my credentials this (german) error message: "Die angegebene Methode wird nicht unterstützt".

Connecting via PuTTY or build in Windows ssh command is no problem. My idea is to automate some setup things on CLI like to set to UDP timeout and so on.

Thanks,

Ben



Added TAG
[edited by: emmosophos at 10:49 PM (GMT -7) on 10 Aug 2021]
Parents
  • Why are u trying to connect via "New-SSHSession" just type ssh username@hostIp and done :) although new-sshsession isnt a native command.

    Install-Module 'Posh-SSH'
    Import-Module 'Posh-SSH'

    But for my understanding this isnt a regular ssh for any connection. I thing this is for MS systems ?

    __________SETUP___________

    HP Small Form Factor:  i5 4Cores, 8Gb of RAM.
    Intel Network Card 5x Eth
    SSD: 256Gb

Reply
  • Why are u trying to connect via "New-SSHSession" just type ssh username@hostIp and done :) although new-sshsession isnt a native command.

    Install-Module 'Posh-SSH'
    Import-Module 'Posh-SSH'

    But for my understanding this isnt a regular ssh for any connection. I thing this is for MS systems ?

    __________SETUP___________

    HP Small Form Factor:  i5 4Cores, 8Gb of RAM.
    Intel Network Card 5x Eth
    SSD: 256Gb

Children
  • Hello all,

    I wrote a script to execute commands on XG with PowerShell. This script uses only the Windows build in ssh command, and it works very well with public key authentication on XG. 

    param (
        [string]$Command = "show date",
        [string]$Firewall = "172.16.16.16",
        [switch]$AdvancedShell,
        [switch]$yes
    )
    
    $outfile = "${env:TEMP}\_${Firewall}.txt"
    $output = $false
    $add_yes = ""
    
    if ($yes) {
        $add_yes = "y`r"
    }
    
    $keyword = $Command.Split(" ")[0]
    
    if ($AdvancedShell) {
        $cmd_exec ="5`r3`r${Command}`rexit`r0`r0"
        $search_start = "# ${keyword}" 
        $search_end = "# exit"
    } else {
        $cmd_exec ="4`r${Command}`r${add_yes}exit`r0"
        $search_start = "> ${keyword}" 
        $search_end = "> exit"
    }
    
    $cmd_exec | ssh admin@${Firewall} -tt > $outfile 2>$Null
    
    foreach ($line in get-content $outfile) {
        if ($line -like "*${search_start}*") {
        $output = $true 
        } 
        if ($line -like "*${search_end}*") {
            $output = $false
        }
        if ($output) {
        $line
        }
    }

    
    

    Examples for usage:

    To set the udp-timeout-stream on XG:
    .\execute-FirewallCommand.ps1 -Firewall 192.168.17.1 -Command "set advanced-firewall udp-timeout-stream 150"
    To disable the capcha for VPN login (you have to add '-yes' for the question):
    .\execute-FirewallCommand.ps1 -Firewall 192.168.17.1 -Command "system captcha-authentication-vpn disable" -yes
    To execute a command on the advanced shell:
    .\execute-FirewallCommand.ps1 -Firewall 192.168.17.1 -AdvancedShell -Command "ls -la *.pid"
    I hope that the script helps someone. 

    Ben


    Formatting
    [edited by: Ben@Network at 12:15 PM (GMT -7) on 14 Oct 2021]