We want to run commands on our network devices via SSH from within a powershell script. I know that we can do:
ssh [email protected]
But this is interactive and requires you to accept the RSA key into your known host and stuff. So we were using PoshSSH as a module to achieve our goal in the past. But we have some issues with PoshSSH and were wondering after all these years, if there is a native solution within powershell that achieves the same result without installing a module?
Assuming these devices are not brand new out of box, their RSA hostkeys will be static, which means you can (and I would say should) keep a persistent known_hosts file that your script can use.
Gather the hostkeys for all devices (using
ssh-keyscanif needed), put the file on a network share (or next to the script), usessh -o GlobalKnownHostsFile=to have everyone's scripts access it.(Hostkeys are a security measure – if your script just blindly sends the password to any unknown device, what's to stop someone from replacing a device with one that collects the passwords it receives, and gaining access to potentially all such devices in your network?)
The other source of interactivity would be the password entry, but that also can be solved using a RSA user keypair that's uploaded to all devices.
No; Microsoft chose to bundle OpenSSH with Windows instead of creating their own SSH client implementation – even PSRemoting-over-SSH uses the
sshprogram.Did you read the manual?. The
sshcommand on MS-Windows is the openssh client which provides a HUGE amount of flexibility. If you don't want it to verify the HOST key, then tell it not to verify the host key. If you want to run a specific command in the ssh session, then specify a command to run in the ssh session.