Automate Cisco commands from Windows

In the previous article, Running commands on a Cisco device from the Windows command line , I wrote on how to run commands from the Windows command line against a Cisco device. The article was based on using the Unix utility rsh aka Remote Shell. The biggest downfall of using rsh is the security issues around the protocol. How about another method of doing the same thing, but with using a more secure process?

Putty has a sister program that is called plink. Like putty, plink is a standalone executable that is capable of accessing remote devices using telnet or ssh. Plink is basically used in place of putty when you want the input/output of the program to use STDIN/STDOUT. So, for example you can open a command prompt, invoke plink and connect to a device. The interaction with the session will look just as if it would when using the telnet.exe from the XP/Vista command line. One of the features of plink is that it can share the saved sessions created in Putty. By default, putty will use the Windows registry to store saved connection information. However, the configuration can be changed to store the sessions in the local file system.

In this initial example, lets configure a router to accept an incoming ssh connection with a locally defined username/password combination. The basic IOS configuration to accomplish this task will look like the following:

R1(config)#int fa0/0
R1(config-if)#ip address

! Define the hostname on the router - required for enabling ssh
Router(config)#hostname R1

! Define the domain name on the router - required for enabling ssh
R1(config)#ip domain-name

! Generate encryption keys for use with ssh
R1(config)#crypto key generate rsa general-keys
The name for the keys will be:
Choose the size of the key modulus in the range of 360 to 2048 for your
General Purpose Keys. Choosing a key modulus greater than 512 may take
a few minutes.
How many bits in the modulus [512]:
% Generating 512 bit RSA keys, keys will be non-exportable...[OK]

! Use the latest version of ssh
R1(config)#ip ssh version 2

! Locally defined username on the router
R1(config)#username xpresslearn privilege 15 secret pa55w0rd

! Enable aaa
R1(config)#aaa new-model

! Set all logins by default to use the local username entries
R1(config)#aaa authentication login default local

! Use the priviledge level defined in the local username statement
R1(config)#aaa authorization exec default local

Now, from the command line, let's use the plink.exe program to show the interfaces of the Cisco device. But first, lets take a look at the options available from the plink executable:

Command line options for plink.exe

As you can see, one of the options is a -m to run remote commands from a file. In order to automatically run commands without interaction, the commands you want to run need to be inserted into a text file.

Text file to use with plink.exe

Now, run the program with the proper command line options. Which in the following example is:

Running plink.exe in batch mode

As you can see, the output from the command is displayed as standard program output. This output can just as easily be piped to a text file. Next, let's use this method to back up the configuration of the router. First, we will put the proper commands in the text file for batch processing.

Backup cisco configuration via plink.exe

Now, run plink.exe with the same command line options and add the pipe to end:

Router backup using plink.exe

So we ran plink with the commands in the text file and piped them to a file called R1.txt. In the above screen shot, you can see where we view the text file after the program has executed. The text file contains the complete configuration of the device, which was displayed using the show run command. FYI: the term length 0 command is used to prevent paging when showing the running configuration.