21 Replies Latest reply on Mar 1, 2016 4:35 AM by silverbacksays

    How do you access your switches/routers with SSH?

    rschroeder

      Let's say you've got 500+ switches & routers & devices you want to SSH to.

       

      What tool do you use to open a quick & easy SSH session to the right device?

       

      What tool makes it easy for you to quickly find the right device by name or IP address (or by something else?), and then open that SSH session to it?

       

      I've tried Secure-CRT and Putty Connection Manager.  Neither are quick & easy to setup that many devices, although you can import a .csv file if you've got one.  Suppose you don't?  What do you use?

        • Re: How do you access your switches/routers with SSH?
          superfly99

          I used to use Secure-CRT and now use ZOC. Both are as good as the other. And both need you to plug in all the information. Once it's all set up, it's easy to keep up to date. But the initial configuration is a pain.

           

          One thing I've also done is set Solarwinds up so that when I'm on a device I can click on the Telnet link in Node Details and it will automatically open ZOC and telnet to the device. Actually I just realised that it doesn't open it up as SSH.

          • Re: How do you access your switches/routers with SSH?
            Mohamed Hasan

            Hi , I'm using secure CRT it's really good you can configure once your devices one by one and configuring the crediabtials.

             

            i would like to suggest you using SolarWinds NCM product u can use it for SSH access and configure your credantiails once , More over you can push the same configuration at once by creating script templates and select the network devices and push it at once.

             

             

            Best Regareds

            • Re: How do you access your switches/routers with SSH?
              John Handberg

              I mostly use SSH Secure Shell.  www.ssh.com.   We don't have a ton of devices though so I have not run into a limit yet.

               

              At one time I tried to get NPM or NCM's old telnet link to fire up an ssh program directly, but never got it working.  Now that link isn't even there in the products.  That would be the other wish list item.  Click something in a node to directory fire up SSH to that node.  Of course, that link or ability would need to be able to be limited to the proper admins.  I wouldn't even want to see failed attempts of someone not authorized clicked that link. 

              • Re: How do you access your switches/routers with SSH?
                texasdivers

                I use mRemoteNG as my main tool for SSH. You can create folders for your connections and it is tabbed at the top when you open a connection so you can switch between the tabs. Also it does other protocols such as rdp, http/https and vnc as well. Very good tool for sure. Once your setup has been entered in you can share the xml file and others can import it.

                 

                mRemoteNG

                1 of 1 people found this helpful
                • Re: How do you access your switches/routers with SSH?
                  ecklerwr1

                  For command line on windows I use putty (it also has small nice gui)... it's free and it works with every type of ssh configuration under the sun including with using keypairs and also allow passing Xwindows thru ssh:  Download PuTTY - a free SSH and telnet client for Windows

                  putty is the quick and dirty ssh client for windows... all the features and zero of the fluff!  Also you can save all of your clients in the one click list or make shortcuts.   If you're using keypairs then you can just doubleclick your shortcut and not even have to enter credentials... well for unix at least.  I use putty with everything ssh from windows.

                   

                  Of course on unix and linux I use built in ssh.  For many of us there really isn't anything else... we can't use any plaintext network protocols anymore.... no more telnet, rsh, ftp, etc.

                  1 of 1 people found this helpful
                    • Re: How do you access your switches/routers with SSH?
                      rschroeder

                      I use Putty, too.  Still looking for a way to get it to work quickly with NPM while hovering over a node's icon, though.  Or an easy way to get Orion's Telnet link to use SSH. 

                        • Re: How do you access your switches/routers with SSH?
                          RichardLetts

                          see How to customize your ssh and telnet buttons to open your ssh client in the node details of NPM

                           

                          in my environment I have to pass through a jump/bastion host to reach routers. In order to do this (using putty)

                          1. Setup putty and your jump host so you can logon to your jump host using a ssh key (I load this into pagent at the start of my day)

                           

                          2. Setup a putty profile for a new jump host entry (e.g. jumphost)

                               on the Connection –> Proxy page, select “Local” as the proxy type enter the following as the local proxy command: plink.exe jumphostname -l username -agent -nc %host:%port

                          replace jumphostname and username with your actual jump host name and user name

                           

                          3. Use the following registry file

                          REGEDIT4
                          
                          [HKEY_CLASSES_ROOT\ssh]
                          @="URL:ssh2 Protocol"
                          "EditFlags"=dword:00000002
                          "FriendlyTypeName"="@C:\\Windows\\System32\\ieframe.dll,-907"
                          "URL Protocol"=""
                          
                          [HKEY_CLASSES_ROOT\ssh\DefaultIcon]
                          @="C:\\Windows\\System32\\url.dll,0"
                          
                          [HKEY_CLASSES_ROOT\ssh\shell]
                          
                          [HKEY_CLASSES_ROOT\ssh\shell\open]
                          
                          [HKEY_CLASSES_ROOT\ssh\shell\open\command]
                          @="\"C:\\Program Files (x86)\\PuTTY\\putty.exe\" -ssh -load \"jumphost\" %1:22"
                          
                          [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_DISABLE_TELNET_PROTOCOL]
                          "PresentationHost.exe"=dword:00000001
                          "iexplore.exe"=dword:00000000
                          
                          [HKEY_CLASSES_ROOT\telnet]
                          @="URL:telnet Protocol"
                          "EditFlags"=dword:00000002
                          "FriendlyTypeName"="@C:\\Windows\\System32\\ieframe.dll,-907"
                          "URL Protocol"="
                          
                          [HKEY_CLASSES_ROOT\telnet\DefaultIcon]
                          @="C:\\Windows\\System32\\url.dll,0"
                          
                          [HKEY_CLASSES_ROOT\telnet\shell]
                          
                          [HKEY_CLASSES_ROOT\telnet\shell\open]
                          
                          [HKEY_CLASSES_ROOT\telnet\shell\open\command]
                          @="\"C:\\Program Files (x86)\\PuTTY\\putty.exe\" -ssh -load \"jumphost\" %1:22"
                          

                           

                           

                          now, when putty starts it will load the profile, including the proxy, and allow you to ssh directly from the links in NPM

                            • Re: How do you access your switches/routers with SSH?
                              rschroeder

                              We use Secure-CRT and Putty Connection Manager.  Neither are easy enough, in my opinion, simply due to the tedious work of getting all our nodes into each one.

                               

                              Ideally I’d like an Orion map with all of my 750 nodes on it.  All nodes would change color as their status changed.  Right-Click on a node and you’d get a drop-down of options, including SSH (via your favorite tool), shortcuts to the node’s NPM page and NCM page and various other Orion tools—including the Toolset tools.

                               

                              Maybe one day Solarwinds will come up with this.  I had it back in the ‘90’s on an all 3Com network, and I made it work with HP OpenView in an all Cisco Network around 2000. 

                               

                              Of course, Nortel’s ESM could do the same thing for Nortel boxes, and it had JDM to boot.

                        • Re: How do you access your switches/routers with SSH?
                          jpashton

                          I currently use Secure CRT and PuTTY.  Secure CRT has options to make it the default SSH program and works with NPM's SSH button. 

                          • Re: How do you access your switches/routers with SSH?
                            sparda963

                            We use Putty CM. We have all of our switches and routers setup in it. It works nicely for us.

                            • Re: How do you access your switches/routers with SSH?
                              branfarm

                              I'd recommend checking out RoyalTS.   Our team has used it for years and it works great.

                              • Re: How do you access your switches/routers with SSH?
                                dhanson

                                I use SecureCRT to login to a Linux machine that we use as a management jump box. From there, I have configured CLOGIN, an automated login tool for SSH devices. With CLOGIN, all I have to know is hostnames/IP's of devices, and CLOGIN saves my credentials.

                                 

                                It also has functionality that can allow you to automate the execution of code on your devices, for instance "clogin -c "show run" switch1" would execute the command "show run" on "switch1". Also, "-x" can be used to execute a file on the device. This can then be used to automate some really cool things...like an auto save feature, or executing VLAN changes remotely across all your devices.

                                 

                                If I need to access to multiple machines, I just open another window to my linux box and SSH in, so I have another SecureCRT tab with the 2nd device. Or, I can just use 'screen', another Linux tool, to open a 2nd session on my linux box in the same window, and can toggle between them. I can have numerous screen sessions going at a time, so its helpful when I'm transferring IOS code throughout my environment...or it did, until I automated IOS transfers with a perl script utilizing CLOGIN.

                                • Re: How do you access your switches/routers with SSH?
                                  Parker Robinson

                                  I use SecureCRT, and make sure you use the latest version.  There is a BIG difference with the GUI interface between the latest version and the versions from a couple years ago.  In the new version, you can actually drag and drop the window list of nodes.  For new installs, say you get a new network engineer, you can configure the program to use a template or saved list of all of your devices.  So you don't have to waste time adding or finding all of the devices on your network. 

                                  • Re: How do you access your switches/routers with SSH?
                                    edsando

                                    I have always used the BitVise SSH client.

                                    Bitvise SSH Client

                                     

                                    Excellent features and, in fact, can tunnel X and RDC when you need extra stuff.  But the SSH config and parameters are nice.

                                    • Re: How do you access your switches/routers with SSH?
                                      jeff.stewart

                                      I'm not indicating we are, but I'd love to gather interest level on a  web-based SSH tool within Orion.  Is that something you'd be interested in---assuming it was awesome and worked well?

                                      3 of 3 people found this helpful
                                        • Re: How do you access your switches/routers with SSH?
                                          rschroeder

                                          Yes, I'm very interested.  CLI is too powerful to be inconvenient and non-intuitive.

                                           

                                          At a minimum I'd constantly use the ability to hover over a node (which I have to do to see its IP address now) and then be given an open to SSH to it directly from that hover.

                                           

                                          At a luxury Tesla level, I'd want an analogy to the Nortel Enterprise Switch Manager's ability to discover/map L2 and L3 switches & routers, display them intuitively, rearrange and keep the rearrangement,  display their condition via color, right-click on them to select a drop-down menu of options to include:

                                          • SSH (with easy options to select your favorite tool, whether Putty or anything else)
                                          • NO Telnet option (OK, put it in, but disable it by default)
                                          • HTTPS (that allows for using ASDM, and not for Cisco's sorry switch GUI)
                                          • All the Toolset tools' options
                                          • All the intuitive links deeper into NCM, NPM, NTA, etc.