Monthly Archives: March 2021

How configure ssh_config for windows openssh client, for example for PubkeyAcceptedKeyTypes=+ssh-dss

March 17, 2021 by Munkhtuvshin Baatar
No comments

Since win10 you have openssh ssh.exe in

C:\Windows\System32\OpenSSH

So to use passwordless ssh connection you maybe need to provide ssh.exe “PubkeyAcceptedKeyTypes=+ssh-dss”

For this you can create ssh_config file anywhere (for example in c:\users\yourname\.ssh near your id_dsa private key file) with only one line:

PubkeyAcceptedKeyTypes=+ssh-dss

so now you can:

ssh yourname@1.1.1.1 -F "c:\users\yourname\.ssh\ssh_config"

where 1.1.1.1 for example your ssh server, san_switch, HPE virtual connect manager, nimble storage and so on

ps
the same is true for openssh server installed from home site on win2016 server
only ssh.exe file will be in
“C:\Program Files\OpenSSH-Win64” (by default installation)… Read the rest

Allow for new user of FC san switch to use passwordless access

March 15, 2021 by Munkhtuvshin Baatar
No comments

on SAN switch run:

sshutil allowuser moguy
sshutil importpubkey

if your san switch cannot importpubkey, in other words access back to your windows admin workstation over wcp for pub key file due to the lack of firewall access, then download openssh package and install it on windows pc in the storage array environment/subnet, copy to c:\users\moguy\.ssh\ folder of this jump server/adminpc id_dsa.pub and using sshutil importpubkey download/import/install pub key from this openssh server (not from originally generated admin workstation). For example if you installed openssh on windows with 1.1.1.1:22, then:

san_switch_00:moguy@itforce.local> sshutil importpubkey
Enter user name for whom key is
Read the rest

Generate pub and private ssh keys for passwordless ssh access

March 15, 2021 by Munkhtuvshin Baatar
No comments 
in the linux (for windows users i highly recommend to install WSL2 with shared C and D disk file system among win10 and ubuntu; your existing network firewall ACL of main admin workstation to brocade is enough, WSL will NAT your linux) run below command:
ssh-keygen -t dsa
Generating public/private dsa key pair.
Enter file in which to save the key (/home/moguy/.ssh/id_dsa):
/home/moguy/.ssh/id_dsa already exists.
Overwrite (y/n)? y
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/moguy/.ssh/id_dsa.
Your public key has been saved in /home/moguy/.ssh/id_dsa.pub.
The key fingerprint is:
SHA256:NW9kX0RJNKDza22347348734123984794721ppqXegwtY moguy@ws008-101.itforce.local
The
Read the rest

Add passwordless ssh access for brocade san switch

March 15, 2021 by Munkhtuvshin Baatar
No comments
  1. on administrator workstation generate pub and private ssh keys
  2. on brocade san switch create new user
  3. on brocade san switch allow for above new user to use passwordless access and import into brocade switch previouosly generated pub key for ssh access (the brocade user name should be the same as in public key, as initial linux system user name)

 

now you can script multiple san brocade san switches , for example to get WWN of each switch from both fabrics, from bash of linux/WSL:

inputline="san_switch_12.itforce.local san_switch_13.itforce.local san_switch_14.itforce.local san_switch_15.itforce.local san_switch_16.itforce.local san_switch_17.itforce.local san_switch_18.itforce.local san_switch_19.itforce.local san_switch_22.itforce.local san_switch_23.itforce.local san_switch_24.itforce.local san_switch_25.itforce.local san_switch_26.itforce.local san_switch_27.itforce.local san_switch_28.itforce.local
Read the rest

Use powershell module to automate Nimble storage administration

March 15, 2021 by Munkhtuvshin Baatar
No comments

Install Nimble module for powershell

Install-Module -Name HPENimblePowerShellToolkit -RequiredVersion 3.0.0

Use below script to connect to nimble SAN storage, and create LUN, Access InitiatorGroup and assign the LUN access group

import-module HPENimblePowerShellToolkit
#this section for inputs, what should be changed
$arrayname = "nimble-group02.itforce.local"
$nm_uid = "admin"
$nm_password = ConvertTo-SecureString -String "[your-password]" -AsPlainText -Force
$nm_cred = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $nm_uid,$nm_password
Connect-NSGroup -group $arrayname -credential $nm_cred -IgnoreServerCertificate

# The following commands are used if creating an FC connection
$servername="cbuat"
$wwn01="50:01:43:80:26:66:b2:e4"
$wwn02="50:01:43:80:26:66:b2:e6"
$volumename="cbuat-lun001"

$port0=$servername+"_p1"
$port1=$servername+"_p2"
$description="Initiator Group for ”+$servername
$performancepolicyid=Get-NSPerformancePolicy -name default | select -ExpandProperty id

New-NSInitiatorGroup –name $servername –access_protocol fc –description
Read the rest