For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Perl Ssh Access

Problem this snippet solves:

A perl sample illustrating how to configure ssh access to a BIG-IP.

perl .\SSHAccess.pl bigip user pass¶

  • Query SSH Access settings.

perl .\SSHAccess.pl bigip user pass STATE_ENABLED¶

  • Enable SSH Access for all IP addresses

perl .\SSHAccess.pl bigip user pass STATE_ENABLED "10.10.10.10,20.20.20.20"¶

  • Enable SSH Access for ip addresses 10.10.10.10 and 20.20.20.20

Code :

#!/usr/bin/perl

#use SOAP::Lite + trace => qw(method debug);
use SOAP::Lite;

sub SOAP::Deserializer::typecast-->
{
  my ($self, $value, $name, $attrs, $children, $type) = @_;
  return $value;
}

#----------------------------------------------------------------------------
# Validate Arguments
#----------------------------------------------------------------------------
my $sHost = $ARGV[0];
my $sUID = $ARGV[1];
my $sPWD = $ARGV[2];
my $sSTATE = $ARGV[3];
my $sADDRS = $ARGV[4];

if ( ($sHost eq "") or ($sUID eq "") or ($sPWD eq "") )
{
  die ("Usage: SystemState.pl host port uid pwd\n");
}

#----------------------------------------------------------------------------
# Transport Information
#----------------------------------------------------------------------------
sub SOAP::Transport::HTTP::Client::get_basic_credentials-->
{
  return "$sUID" => "$sPWD";
}

$Services = SOAP::Lite
  -> uri('urn
  -> proxy("https://$sHost/iControl/iControlPortal.cgi");
eval { $Services->transport->http_request->header
(
  'Authorization' => 
    'Basic ' . MIME::Base64::encode("$sUID:$sPWD", '')-->
); };


#----------------------------------------------------------------------------
# sub getSSHAccess
#----------------------------------------------------------------------------
sub getSSHAccess()
{
my $soapResponse = $Services->get_ssh_access_v2();
&checkResponse($soapResponse);

my $SSHAccessV2 = $soapResponse->result;
my $state = $SSHAccessV2->{"state"};
my @addresses = @{ $SSHAccessV2->{"addresses"} };

print "State: $state\n";
foreach $address (@addresses)
{
print " -> $address\n";
}
}

#----------------------------------------------------------------------------
# sub setSSHAccess
#----------------------------------------------------------------------------
sub setSSHAccess()
{
my ($state, $addrlist) = (@_);

my @addresses = split(/,/, $addrlist);

my $SSHAccessV2 = {
state => $state,
addresses => [@addresses]
};

my $soapResponse = $Services->set_ssh_access_v2(
SOAP::Data->name(access => $SSHAccessV2)
);
&checkResponse($soapResponse);
}

#----------------------------------------------------------------------------
# checkResponse
#----------------------------------------------------------------------------
sub checkResponse()
{
my ($soapResponse) = (@_);
if ( $soapResponse->fault )
{
print $soapResponse->faultcode, " ", $soapResponse->faultstring, "\n";
exit();
}
}

#----------------------------------------------------------------------------
# Main program logic
#----------------------------------------------------------------------------

if ( $sSTATE eq "" )
{
&getSSHAccess();
}
elsif ( $sADDRS eq "" )
{
&setSSHAccess($sSTATE, "ALL");
&getSSHAccess();
}
else
{
&setSSHAccess($sSTATE, $sADDRS);
&getSSHAccess();
}
Published Mar 09, 2015
Version 1.0
devops
iControl
perl
No CommentsBe the first to comment