Script

Validate/change SSH access to ESXi hosts

This is another script that I’ve posted earlier this year on twitter and pastbin.

 

This script is very basic, it enables you to get the SSH status of a given vCenter or change it. It takes multiple input, meaning you will be able to stop and disable the service on all host with one command – Aswell as start or view the status of the hosts.

 

This should cover most use cases. An example would be to stop and disable the SSH service and then list new state in order to valid it. As it can be seen below in the script description.

<# .SYNOPSIS     SSH_Status.ps1 .DESCRIPTION     This script makes it possible to enable/disable SSH-TSM policy and start/stop SSH-TSM service, aswell as get SSH-TSM status .PARAMETER Command     Specifies the command you want to execute, chooses are:                 ViewServiceSSH - Output Current status:                                                 VMHost              Key                             Running Policy                         ------              ---                             ------- ------                         VMhost01            TSM-SSH                           False off                         StartServiceSSH - Startes the SSH-TSM service on all host                 StopServiceSSH - Stops the SSH-TSM service on all host                 DisableServiceSSH - Disables the SSH-TSM service on all host                 EnableServiceSSH - Enables the SSH-TSM service on all host .PARAMETER $vcenterserver     Specifies the vCenter to which you want to connect to, in order to get data from. .EXAMPLE     C:\PS>SSH_Status.ps1 ViewServiceSSH vcenter.local.domain
                or

        C:\PS>SSH_Status.ps1 "StopServiceSSH;DisableServiceSSH;ViewServiceSSH" vcenter.local.domain
.OUTPUTS

                        VMHost              Key                             Running Policy
                        ------              ---                             ------- ------
                        VMhost01            TSM-SSH                           False off

.NOTES
    Author: Michael Ryom
    Date:   November 28, 2012    
#>
param(
[Parameter(Mandatory=$false)]
[string]$Command = 'get-help $MyInvocation.MyCommand.Definition -full',
[Parameter(Mandatory=$false)]
[string]$vcenterserver)

#ADD VMWARE SNAPIN
        if(!(Get-PSSnapin | where {$_.Name -eq "VMware.VimAutomation.Core"})){
                add-pssnapin VMware.VimAutomation.Core
        }

#If not already logged in to vCenter, login    
        if($vcenterserver -ne ($global:DefaultVIServers | %{$_.Name}) -and $vcenterserver){
        Connect-VIServer $vcenterserver}

        write-host
        write-host

        if($vcenterserver -eq ($global:DefaultVIServers | %{$_.Name})){
        $VMHost = Get-VMHost
        }

function ViewServiceSSH {
 foreach ($VMHost in $VMHost) {
   Get-VMHostService -VMHost $VMHost | where {$_.Key -eq "TSM-SSH"} | Select @{N="VMHost";E={$VMHost.Name}},Key,Running,Policy
  }
}

function StartServiceSSH {
 foreach ($VMHost in $VMHost) {
   Get-VMHostService -VMHost $VMHost | where {$_.Key -eq "TSM-SSH" -and $_.running -ne $true} | Start-VMHostService -confirm:$false | Select @{N="VMHost";E={$VMHost.Name}},Key,Running,Policy | FT
  }
}

function StopServiceSSH {
 foreach ($VMHost in $VMHost) {
   Get-VMHostService -VMHost $VMHost | where {$_.Key -eq "TSM-SSH" -and $_.running -ne $false} | Stop-VMHostService -confirm:$false | Select @{N="VMHost";E={$VMHost.Name}},Key,Running,Policy | FT
  }
}

function DisableServiceSSH {
 foreach ($VMHost in $VMHost) {
   Get-VMHostService -VMHost $VMHost | where {$_.Key -eq "TSM-SSH" -and $_.Policy -ne "off"} | Set-VMHostService -Policy "off" -confirm:$false | Select @{N="VMHost";E={$VMHost.Name}},Key,Running,Policy | FT
  }
}

function EnableServiceSSH {
param(
[Parameter(Mandatory=$true)]
[string]$policy = "on")

 foreach ($VMHost in $VMHost) {
   Get-VMHostService -VMHost $VMHost | where {$_.Key -eq "TSM-SSH" -and $_.Policy -ne $policy} | Set-VMHostService -Policy $policy -confirm:$false | Select @{N="VMHost";E={$VMHost.Name}},Key,Running,Policy | FT
  }
}

Invoke-Expression $Command

Write-Host "Press any key to continue ..."
$x = $host.UI.RawUI.ReadKey("NoEcho,IncludeKeyDown")   
if($vcenterserver -eq ($global:DefaultVIServers | %{$_.Name})){
Disconnect-VIServer -confirm:$false
}

Leave a Reply

Your email address will not be published. Required fields are marked *