Run SSH commands from within a flow

#1

Hi,

Is it possible to run SSH commands either locally or on remote systems via node-red and process some sort of reply ?

For example how can I run the following command on a remote computer 192.168.1.234 port 22 and get a response ?

sudo dhclient -cf /etc/dhclient.conf eth0
0 Likes

#2

You can run pretty much everything from the exec node. You will get back the text you would see on the console so you may have to do some split foo if you need to process it. Easy enough to dump to a UI page though if that's all you need.

You will have to work out how to run a script remotely though. Get it all running in a local script file then call that from Node-RED.

0 Likes

#3

Hi @TotallyInformation

Thanks for replying I looked at the exec node but could not work it out, especially if I want to send the command to a remote computer - would an exec node, join to a tcp node maybe to achieve that ?

By any chance, do you have any examples of the exec node doing command line calls locally, such as a cat command or something basic to get me started ?

0 Likes

#4

You can execute a remote command within exec using the SSH command to execute a single remote command. Look at the docs for ssh to see how to do that. If you want a remote sudo command then you will have to set the remote computer to allow sudo of that command without a password.

1 Like

#5

Sorry Colin, what do you mean exactly, is there any example you can share ? I entered the following into the command box, and used a timestamp inject node, and it gave me an error.

cat /proc/cpuinfo

Error:

msg.payload : string[46]
string[46]
cat: 1537907221924: No such file or directory
0 Likes

#6

Hi @nodecentral

there are two parts to this.

  1. setting up SSH so you can securely run a command on another device. That's probably beyond the scope of this forum - but it is a very commonly done thing so there will be plenty of guides on how to do it.

  2. using the exec node to invoke a command - which is firmly in scope of this forum.

By default, the exec node appends msg.payload to the command you ask it to run. So if you entered cat /proc/cpuinfo, and triggered it with an inject node, then the command run was:

cat /proc/cpuinfo 1537907221924

Hence the error - as its trying to cat a file called 1537907221924 - ie, the timestamp the Inject node sent.

You need to untick the Append msg.payload option in the Exec node to stop that happening.

0 Likes

#7

Hi @knolleary

Thanks for helping out,

Ok, I’ve tried to make the changes suggested, but still no joy.

I have an inject node, pushing a timestamp payload, into the exec node with cat /proc/cpuinfo entered in the command box (and the append message payload box unchecked.)

Once deployed and run, it returns nothing via the debug node ?

I’m obviously missing something, any idea what from the above ?

0 Likes

#8

Have you got all of the Exec node outputs wired to the Debug node? Make sure you read the Exec node help in the sidebar that explains what the different outputs are used for.

0 Likes

#9

Doh ! Thanks so much @knolleary, that was it I did not have all the outputs connected, I just linked the 2nd one (which was for errors).

Regarding making SSH calls on remote systems via node Red, would you be able to point me somewhere you know of that could help? Is this potential something that might be on the future feature list ?

0 Likes

#10

This does not need to be on any future todo list... everything you need is already in node-red. However, you are asking a lower-level question: how can one computer execute a command on another computer and see the results...

You really only have two choices, either

  • computer A connects to computer B through ssh, runs the command remotely, and captures the output results directly, or
  • computer A sends a msg to computer B, which executes a pre-determined command, and sends the results back to computer A

The first solution requires you to exchange public/private keys and establish the logins correctly between the two computers. This is not node-red specific -- IT people have been working this way for decades, but it requires root access and knowledge of the OSes involved.

The second solution relies on having node-red running on both computers A (the master) and B (the slave). Computer B listens for outside msgs through any of the supported protocols (http, tcp, udp, websocket, mqtt, etc). A flow running on computer A sends the request to Computer B, which runs the cat /proc/cpuinfo command in an exec node, and the output is sent back to Computer A.

Running commands on remote computers is supposed to hard to do -- otherwise none of our computing infrastructure would be safe.

Actually there is at least one more way to collect information from remote machines... and it's more inline with IoT and node-red's sweet spot. Each target machine runs its own automomous flows in node-red. Set an inject node to run a flow every X minutes, that get the data and pushes it into either a central database (sql, influx, redis, etc) or a pub/sub queue (i.e. mqtt). Then, whenever the master flow needs to see what's happening at the remote machines, it just gets the data from that source database or queue. Much cleaner that way, imo.

0 Likes

#11

here is the basic way to do it

https://www.tecmint.com/ssh-passwordless-login-using-ssh-keygen-in-5-easy-steps/

Craig

0 Likes

#12

There are, of course, many more than two :smile:

Agree that this certainly isn't a Node-RED question however. Best asked on Stack Overflow. Though doubtless SO already has some answers to this question.

0 Likes

#13

Indeed -- "Our three weapons are..." hahahaha!!!

1 Like

#14

And I’m just looking for ‘ruthless efficiency’

0 Likes

#15

"NO-body expects that..."

0 Likes

#16

Thanks for everyone’s input

If anyone is interested; one of the reasons for my interest in this was to see if I can migrate some of my iOS workflows from the Workflow app (now called Shortcut) over to node-red ; as Workflow/Shortcut has this ‘Run Script over SSH’ module.

That particular Workflow/Shortcut feature provides me with the ability to login to a remote device and execute my required script/command and capture the response (if one is provided), which can be onwardly used in the workflow. (The problem with the Workflow app is that it only really allows you to manually run your flows)

The idea I had was that my modem/router sometimes loses it connection to the internet (during the isp is refresh) and that either requires a reboot or for me to SSH on to the box and run a dhclient refresh request from the command line.

My ideal plan was to have a node red flow that checks if the internet is accessible, if it’s not then after x minutes it would log onto the modme/router and automatically run the command line code dhclient refresh to restore internet connectivity in the house.

0 Likes

#17

Simplify it further - get a $5 Sonoff Basic - connect the router to it - if the router/internet is not responding then reboot it through a Node-red call to the Sonoff.

I have a number of my critical devices running like this

Craig

0 Likes

#18

Yep, agree - and I actually have a z-wave plug that was in scope to be my plan B. But that command line call , is much quicker and more efficient - but you can only work with what you've got. :slight_smile:

Thanks again all.

0 Likes