February 3rd, 2009

This is a must do task if you want to securely script the NetApp or N-Series filers in any way. I never use RSH and don’t recommend using it either. Creating pre-shared keys is pretty straight forward and simple, and should be a one time operation anyway, so doesn’t add much hassle, but adds plenty of peace of mind. This is vital if you want to use any of the scripts I have listed in my blog pages.

If you’re using Linux already, this process should not be foreign to you. I haven’t got a Linux box in front of me right now (sat in a hotel room writing some stuff up), so I’ll just go over the process from a very high level. I will come back and update this when I’m back at the lab to test it out.

1)      Mount up the filer “/etc” folder via NFS or SMB.

2)      Create (if it doesn’t already exist) “/etc/sshd/root/.ssh

3)      Create an “authorized_keys” text file

4)      Copy all the public key contents into this file

5)      If you are using different users other than root, create a different folder structure above “/etc/sshd/user_name/.ssh”. This user would need to exist on the filer also, and may make things a bit more secure and trackable.

6)      Test it!

a.       ssh -c 3des root@filer_name df -h

Multiple commands can be daisy chained together on the filer to make scripts more efficient and to reduce the number of SSH sessions open at any one time.

ssh -c 3des root@filer_name “snap list; snap delete vol0 snap.3; snap rename vol0 snap.2 snap.3; snap rename vol0 snap.1 snap.2; snap rename vol0 snap.0 snap.1; snap create vol0 snap.0”

  1. | #1

    Can this be schedule as well, like cron?

  2. | #2

    You can’t schedule any commands directly on the filer, but yes, you could schedule the ssh command using cron from a linux/unix management host. This is how you script consistent backups of VMware and Oracle if you don’t have the relevant SnapManager product. I have this running on quite a few customer sites. This makes it quite powerful actually as you can script FlexClones and other things.

  3. Ed Grigson
    | #3

    Thanks, I was looking for how to script multiple commands via SSH and the example at the end worked perfectly for me.

  1. No trackbacks yet.

This site is not affiliated or sponsored in anyway by NetApp or any other company mentioned within.
%d bloggers like this: