Projects > Basic SSH Send Commands

Description

This script enables quick automation of devices without having to put together a script each time. This could be used to gather data for troubleshooting purposes or deploying one off changes to a group of devices.

The Code


#Created by Brian Winning Jr. https://www.brianwinning.com/
#Script Name: Basic SSH Send Commands
#Description: This script enables quick automation of devices without having to put together a script each time. This could be used to gather data for troubleshooting purposes or deploying one off changes to a group of devices.
#Version: 1.4
import datetime, getpass, yaml, paramiko, sys
from netmiko import ConnectHandler
requiredmodules = ['datetime', 'getpass', 'yaml', 'paramiko', 'netmiko']
for requiredmodule in requiredmodules:
	if requiredmodule not in sys.modules:
		print (requiredmodule, ' is not installed. Please install using "pip3 install', requiredmodule, '"')
		exit()
username = input ('Username: ')
userpass = getpass.getpass ('Password: ')
confirmuserpass = getpass.getpass ('Confirm Password: ')
if confirmuserpass != userpass:
	exit('Passwords do not match, exiting script please try again. Executing the wrong password when executing this script could cause your account to become locked out.')
print ("""
Popular Device Types: 
Cisco ASA: cisco_asa
Cisco IOS: cisco_ios
Cisco IOS XE: cisco_xe
Cisco IOS XR: cisco_xr
Cisco Nexus: cisco_nxos
F5 LTM: f5_ltm
F5 TMSH: f5_tmsh
F5 Linux: f5_linux
Juniper: juniper_junos
Linux: linux
Other: generic
Palo Alto: paloalto_panos

All Device Types:

a10, accedian, adtran_os, alcatel_aos, alcatel_sros, apresia_aeos, arista_eos, aruba_os, aruba_osswitch, aruba_procurve, avaya_ers, avaya_vsp, broadcom_icos, brocade_fastiron, brocade_netiron, brocade_nos, brocade_vdx, brocade_vyos, checkpoint_gaia, calix_b6, centec_os, ciena_saos, cisco_asa, cisco_ftd, cisco_ios, cisco_nxos, cisco_s300, cisco_tp, cisco_wlc, cisco_xe, cisco_xr, cloudgenix_ion, coriant, dell_dnos9, dell_force10, dell_os6, dell_os9, dell_os10, dell_powerconnect, dell_isilon, dlink_ds, endace, eltex, eltex_esr, enterasys, extreme, extreme_ers, extreme_exos, extreme_netiron, extreme_nos, extreme_slx, extreme_vdx, extreme_vsp, extreme_wing, f5_ltm, f5_tmsh, f5_linux, flexvnf, fortinet, generic, generic_termserver, hp_comware, hp_procurve, huawei, huawei_smartax, huawei_olt, huawei_vrpv8, ipinfusion_ocnos, juniper, juniper_junos, juniper_screenos, keymile, keymile_nos, linux, mikrotik_routeros, mikrotik_switchos, mellanox, mellanox_mlnxos, mrv_lx, mrv_optiswitch, netapp_cdot, netgear_prosafe, netscaler, nokia_sros, oneaccess_oneos, ovs_linux, paloalto_panos, pluribus, quanta_mesh, rad_etx, raisecom_roap, ruckus_fastiron, ruijie_os, sixwind_os, sophos_sfos, tplink_jetstream, ubiquiti_edge, ubiquiti_edgerouter, ubiquiti_edgeswitch, ubiquiti_unifiswitch, vyatta_vyos, vyos, watchguard_fireware, zte_zxros, yamaha

""")
alldevicetypes = ['a10', 'accedian', 'adtran_os', 'alcatel_aos', 'alcatel_sros', 'apresia_aeos', 'arista_eos', 'aruba_os', 'aruba_osswitch', 'aruba_procurve', 'avaya_ers', 'avaya_vsp', 'broadcom_icos', 'brocade_fastiron', 'brocade_netiron', 'brocade_nos', 'brocade_vdx', 'brocade_vyos', 'checkpoint_gaia', 'calix_b6', 'centec_os', 'ciena_saos', 'cisco_asa', 'cisco_ftd', 'cisco_ios', 'cisco_nxos', 'cisco_s300', 'cisco_tp', 'cisco_wlc', 'cisco_xe', 'cisco_xr', 'cloudgenix_ion', 'coriant', 'dell_dnos9', 'dell_force10', 'dell_os6', 'dell_os9', 'dell_os10', 'dell_powerconnect', 'dell_isilon', 'dlink_ds', 'endace', 'eltex', 'eltex_esr', 'enterasys', 'extreme', 'extreme_ers', 'extreme_exos', 'extreme_netiron', 'extreme_nos', 'extreme_slx', 'extreme_vdx', 'extreme_vsp', 'extreme_wing', 'f5_ltm', 'f5_tmsh', 'f5_linux', 'flexvnf', 'fortinet', 'generic', 'generic_termserver', 'hp_comware', 'hp_procurve', 'huawei', 'huawei_smartax', 'huawei_olt', 'huawei_vrpv8', 'ipinfusion_ocnos', 'juniper', 'juniper_junos', 'juniper_screenos', 'keymile', 'keymile_nos', 'linux', 'mikrotik_routeros', 'mikrotik_switchos', 'mellanox', 'mellanox_mlnxos', 'mrv_lx', 'mrv_optiswitch', 'netapp_cdot', 'netgear_prosafe', 'netscaler', 'nokia_sros', 'oneaccess_oneos', 'ovs_linux', 'paloalto_panos', 'pluribus', 'quanta_mesh', 'rad_etx', 'raisecom_roap', 'ruckus_fastiron', 'ruijie_os', 'sixwind_os', 'sophos_sfos', 'tplink_jetstream', 'ubiquiti_edge', 'ubiquiti_edgerouter', 'ubiquiti_edgeswitch', 'ubiquiti_unifiswitch', 'vyatta_vyos', 'vyos', 'watchguard_fireware', 'zte_zxros', 'yamaha']
while True:
	devicetype = input ('Specify device type: ')
	if devicetype not in alldevicetypes:
		print ('Invalid device type entered, please try again.')
	else:
		break
devices = input ('Enter the device names seperated by a comma ",": ')
devices2 = devices.split(',')
commands = input ('Enter the operational commands you want to execute followed by a comma ",": ')
config_commands = input('Enter the configuration commands you want to send if any seperated by a comma ",": ')
if len(config_commands)!=0:
	after_config_commands = input('Enter the operational commands you want to execute after the configuration commands seperated by a comma ",": ')
	after_config_commands2 = after_config_commands.split(',')
else:
	after_config_commands2 = ['']
commands2 = commands.split(',')
config_commands2 = config_commands.split(',')
print('')
print('')
while True:
	print ('The operational commands: ',  commands2, ', configuration commands:',config_commands2, ', and after configuration operational commands: ', after_config_commands2, ' will be run against the following devices in the order that they are entered ', devices2)
	approvaltoproceed = input ('Would you like to proceed? Type yes or no: ')
	if 'yes' in approvaltoproceed:
		print('Proceeding to send commands, this may take a few seconds before you start to see output.')
		for device in devices2:
			try:
				net_connect = ConnectHandler(device_type=devicetype, host=device, username=username, password=userpass)
				for sendcommand in commands2:
					output = net_connect.send_command(sendcommand)
					print ('#'*80)
					print(device, sendcommand)
					print(str(datetime.datetime.now()))
					print ('#'*80)
					print (output)
					print ('#'*80)
					print ('')
					print ('')
				config_command_output = net_connect.send_config_set(config_commands2)
				print ('#'*80)
				print(device, config_commands2)
				print(str(datetime.datetime.now()))
				print ('#'*80)
				print (config_command_output)
				print ('#'*80)
				print ('')
				print ('')
				for afterconfigcommand in after_config_commands2:
					after_config_command_output = net_connect.send_command(afterconfigcommand)
					print ('#'*80)
					print(device, afterconfigcommand)
					print(str(datetime.datetime.now()))
					print ('#'*80)
					print (after_config_command_output)
					print ('#'*80)
					print ('')
					print ('')
			except paramiko.SSHException:
				print ('Connection faled against:  ', device)
			except Exception:
				print ('Could not connect to ' , device, '.')
				pass
				continue
	elif 'no' in approvaltoproceed:
		print('Action cancelled by user, exiting script. No commands run against the devices.')
		exit()
	else:
		print('Invalid response entered, please try again.')

Example Run

Note: This is simply an example against fictious Cisco IOS devices. Actual output may vary depending on device type, version, etc. While this example shows only two devices, many like devices could be specified.


python3 basic_ssh_send_commands.py

Username: username
Password: 
Confirm Password: 

Popular Device Types: 
Cisco ASA: cisco_asa
Cisco IOS: cisco_ios
Cisco IOS XE: cisco_xe
Cisco IOS XR: cisco_xr
Cisco Nexus: cisco_nxos
F5 LTM: f5_ltm
F5 TMSH: f5_tmsh
F5 Linux: f5_linux
Juniper: juniper_junos
Linux: linux
Other: generic
Palo Alto: paloalto_panos

All Device Types:

a10, accedian, adtran_os, alcatel_aos, alcatel_sros, apresia_aeos, arista_eos, aruba_os, aruba_osswitch, aruba_procurve, avaya_ers, avaya_vsp, broadcom_icos, brocade_fastiron, brocade_netiron, brocade_nos, brocade_vdx, brocade_vyos, checkpoint_gaia, calix_b6, centec_os, ciena_saos, cisco_asa, cisco_ftd, cisco_ios, cisco_nxos, cisco_s300, cisco_tp, cisco_wlc, cisco_xe, cisco_xr, cloudgenix_ion, coriant, dell_dnos9, dell_force10, dell_os6, dell_os9, dell_os10, dell_powerconnect, dell_isilon, dlink_ds, endace, eltex, eltex_esr, enterasys, extreme, extreme_ers, extreme_exos, extreme_netiron, extreme_nos, extreme_slx, extreme_vdx, extreme_vsp, extreme_wing, f5_ltm, f5_tmsh, f5_linux, flexvnf, fortinet, generic, generic_termserver, hp_comware, hp_procurve, huawei, huawei_smartax, huawei_olt, huawei_vrpv8, ipinfusion_ocnos, juniper, juniper_junos, juniper_screenos, keymile, keymile_nos, linux, mikrotik_routeros, mikrotik_switchos, mellanox, mellanox_mlnxos, mrv_lx, mrv_optiswitch, netapp_cdot, netgear_prosafe, netscaler, nokia_sros, oneaccess_oneos, ovs_linux, paloalto_panos, pluribus, quanta_mesh, rad_etx, raisecom_roap, ruckus_fastiron, ruijie_os, sixwind_os, sophos_sfos, tplink_jetstream, ubiquiti_edge, ubiquiti_edgerouter, ubiquiti_edgeswitch, ubiquiti_unifiswitch, vyatta_vyos, vyos, watchguard_fireware, zte_zxros, yamaha


Specify device type: cisco_ios
Enter the device names seperated by a comma ",": device1.example.com,device2.example.com
Enter the operational commands you want to execute followed by a comma ",": show run | inc http
Enter the configuration commands you want to send if any seperated by a comma ",": no ip http server,no ip http secure-server
Enter the operational commands you want to exectute after the configuration commands seperated by a comma ",": wr,show run | inc http, show ip http server


The operational commands:  ['show run | inc http'] , configuration commands: ['no ip http server', 'no ip http secure-server'] , and after configuration operational commands:  ['wr', 'show run | inc http']  will be run against the following devices in the order that they are entered  ['device1.example.com', 'device2.example.com']
Would you like to proceed? Type yes or no: yes
Proceeding to send commands, this may take a few seconds before you start to see output.
################################################################################
device1.example.com show run | inc http
2021-02-15 20:40:22.150364
################################################################################
ip http server
ip http secure-server
################################################################################


################################################################################
device1.examplecom ['no ip http server', 'no ip http secure-server']
2021-02-15 20:40:32.023714
################################################################################
configure terminal
device1(conf)#no ip http server
device1(conf)#no ip http secure-server
device1(conf)#end
device1#
################################################################################


################################################################################
device1.example.com wr
2021-02-15 20:40:35.311612
################################################################################
!

################################################################################


################################################################################
device2.example.com show run | inc http
2021-02-15 20:40:36.353632
################################################################################
no ip http server
no ip http secure-server
################################################################################


################################################################################
device2.example.com ['no ip http server', 'no ip http secure-server']
2021-02-15 20:40:55.311523
################################################################################
configure terminal
device2(conf)#no ip http server
device2(conf)#no ip http secure-server
device2(conf)#end
device2#
################################################################################


################################################################################
device2.example.com wr
2021-02-15 20:40:59.020303
################################################################################
!

################################################################################


################################################################################
device2.example.com show run | inc http
2021-02-15 20:40:59.777247
################################################################################
no ip http server
no ip http secure-server
################################################################################


Features

  • - Checks for required python modules before looping through script.
  • - Prompts user for credentials for connecting to devices. Allow's user to specify their own credentials or specify local credentials without requiring credentials to be stored.
  • - Prompts user to confirm their password before continuing to prevent a bad run and potential account lockout.
  • - Prompts user for the device type to optimize the experience in Netmiko. Input is checked to ensure validity.
  • - Prompts user for the devices to connect to, multiple devices can be defined by seperating them with a comma.
  • - Prompts user for operational commands to send to the device(s). Multiple commands can be defined by seperating them with a comma. Commands are sent to the device in the order they are entered.
  • - Prompts user for configuration commands to secnd to the device(s). Multiple commands can be defined by seperating them with a comma. Commands are sent to the device in the order they are entered.
  • - Prompts user for operational commands to send after any configuration commands, if anything was entered in that input field. Multiple commands can be defined by seperating them with a comma. Commands are sent to the device in the order they are entered.
  • - User is shown the actions about to be performed based on their input. They then must select yes to proceed or no to kill the script. Invalid responses are validated.
  • - Output is cleanly divided and shown to the user.
  • - Timestamped output for each action against a device. This can aid in troubleshooting of network events related to your change and for auditing purposes.
  • - Basic error catching.

Download




Download Verification:
  • SHA-512: d20da879b8ad319536b6742a2850533f0988e314db720d7e0e2015f5b5760088646166ad9005ac9c22ab3e0755e5c65233a89d0385b716b7fb11f55a46e6852f
  • SHA-256: 7f1c834e36bc803602f67aa3d3786a047f0878e9919738c9b6425efde7a4eaed
  • SHA1: ae273d4c9627c8d449a8e03a59a143d88bef1bce
  • MD5: 6e2bf561a500c7f43a921444e5a5f4d0

  • Version 1.4: Added confirm password input field which will exit the script if the passwords do not match. This will help to prevent account lockout issues if you enter the incorrect password. Released February 19th 2021
  • Version 1.3: Added input field for configuration commands to use netmiko's send_config_set function, added an additional send_command input field to send operational commands post-config changes, and added datetime stamps under each command action for event correlation. Released February 15th 2021.
  • Version 1.2: First public release, January 20th 2021.

Disclaimer

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.