Run task on startup, connect via SSH run one command

[Eds89]

I'm not hugely clued up on the process of running tasks and commands from FreeNAS at boot, but I am looking to create a task to do one thing;

I want FreeNAS to connect to a host over SSH, run one command, and then disconnect.
Can anyone assist me in writing the command or script to accomplish this?

Cheers
Eds

 

[kdragon75]

This is fairly easy! I won't just tell you type this here but I did find an article about running commands over SSH and exiting. It should be exactly what you need.
How To Run Multiple SSH Command On Remote Machine And Exit Safely
This will help you write your one liner and for the next part:
FreeNAS Docs - Init/Shutdown Scripts

Let us know if that's what you needed!

 

[Eds89]

Ok does look very easy, didn't know that commands could be passed directly to the SSH command.

I cannot see a switch to provide a password for the SSH connection though? I see -i is identity file; do I need to create a file containing a username and password combo to be supplied to the SSH command to achieve authentication when an SSH password is used?

I guess then I simply need to create an init script in the form of
ssh root@server.local "command && exit"

 

[kdragon75]

I guess we have to muddy the waters a bit.
https://serverfault.com/questions/241588/how-to-automate-ssh-login-with-password

You will have to setup key based authentication. It's not difficult but not as easy as being able to to pass a password.

 

[Eds89]

Is the process of copying an SSH key to a target machine the same, if the target is an ESXi host?
I guess it should work as the hypervisor is *nix based?

 

[kdragon75]

Is the process of copying an SSH key to a target machine the same, if the target is an ESXi host?
I guess it should work as the hypervisor is *nix based?

I have never setup key based auth on an ESXI host. I know VMware has a lot of great documentation in their knowledgebase. Try googling and let us know what you find.

 

[Eds89]

Ok so it seems to be quite straight forward if you know Linux and private/public keys (which really I'm not totally clued up on).

In any case, I found a nice simple article to generate a key pair on a linux box, and then append the private key to the appropriate placed in esxi here:
http://www.ogris.de/sshesxi/

After having done this, I SSHd into FreeNAS, and then managed to SSH from there to my ESXi host using my public key.

Now I have what I need to write an appropriate startup script, but I am wondering what the best place to store my public key in FreeNAS would be?
Rather than storing it in my pool, should I put it into somewhere like /root or /usr?

Cheers
Eds

 

[PhilipS]

If FreeNAS is the client, it should have the private key - the ESXi server should have the public key. The public key is typically stored in a file called authorized_keys in the users .ssh directory, but this is configurable and may need to be changed based on your security policy.

 

[Eds89]

If FreeNAS is the client, it should have the private key - the ESXi server should have the public key. The public key is typically stored in a file called authorized_keys in the users .ssh directory, but this is configurable and may need to be changed based on your security policy.

Yes sorry, that's what I meant, just typed it the wrong way round in my post.

What's the most appropriate place to store the private key on FreeNAS, if the plan is to refer to it in a startup script?

 

[PhilipS]

You could place it in the .ssh folder of the user - just make sure you give the full path in your startup script. Also make sure you are using the full path to ssh in your cron command - cron will run with a minimal shell and won't have any path variables set.

/usr/bin/ssh on FreeNAS

 

[Eds89]

Not sure what cron is, but assume init scripts use cron?
Do init scripts run as root?

 

[PhilipS]

Not sure what cron is, but assume init scripts use cron?
Do init scripts run as root?

cron is the scheduler - Sorry, didn't pay close enough attention that you were using init scripts - not sure if they require the full path, but it wouldn't hurt.

 

[Chris Moore]

cron: http://doc.freenas.org/11/tasks.html?highlight=cron#cron-jobs

Init Scripts: http://doc.freenas.org/11/tasks.html?highlight=cron#init-shutdown-scripts

I am not sure if FreeNAS is using cron 'under the hood' to execute the init scripts, but on other operating systems it can be done that way. Cron is a very flexible task scheduler.

It is always best to use the full path.

I would store the key in the pool, it is safer that way. I have stored files in my /root/scripts directory and, under the right circumstances, they can be lost.

 

[Eds89]

Thanks both.

I have stored my key in the pool, and have created a init script as per the below:

Code:

/usr/bin/ssh -i /mnt/VMs/ssh_keys/esxi root@10.0.0.10 "esxcli storage core adapter rescan --adapter vmhba64 && exit"

I can't test it yet, as if I reboot and it doesn't work I won't be able to start things back up remotely (at work currently).
Once I get home, I will reboot everything, and ensure that the host completes a rescan of the iSCSI HBA, to allow VMs to start.

 

[Eds89]

Other than an issue with ESXi ignoring my start delay, this script is working well.
If I can't sort the delay issue, I might just have to add a bit to this script to start specific VMs with a delay in there somewhere instead.

 

[PhilipS]

You can easily add a delay to your script with /bin/sleep <seconds> if you need it.