執行 SSH 命令Run SSH Command

重要

此版本的 Orchestrator 已達終止支援,建議您 升級至 Orchestrator 2019This version of Orchestrator has reached the end of support, we recommend you to upgrade to Orchestrator 2019.

[執行 SSH 命令] 活動會開啟與遠端伺服器的 SSH 連線,並在該伺服器上執行 shell 命令。The Run SSH Command activity opens an SSH connection to a remote server and runs shell commands on that server. 使用 [執行 SSH 命令] 活動來執行備份應用程式,或執行在非 Windows 電腦上執行一組複雜命令的批次腳本。Use the Run SSH Command activity to run backup applications or a batch script that runs a set of complex commands on a non-Windows computer. 執行 SSH 命令活動可以在安全殼層中執行任何命令。The Run SSH Command activity can run any command in a Secure Shell.

執行 SSH 命令活動是以 PuTTY Beta. 70 為基礎。Run SSH Command activity is based on PuTTY beta .70. SSH 在「執行 SSH 命令」中的執行有某些限制:The implementation of SSH in "Run SSH Command" has certain limitations:

  • 「執行 SSH 命令」活動無法針對所有 SSH-1 和 SSH-2 伺服器運作。The Run SSH Command activity does not work against all SSH-1 and SSH-2 servers. 一般情況下,此活動會與大部分的 SSH 伺服器搭配運作,但不適用於所有的 SSH 伺服器。In general, this activity functions with most SSH servers, but it does not work for all SSH server implementations.

  • 您必須下載並使用 PuTTy 金鑰產生工具來建立「執行 SSH 命令」活動的金鑰。You must download and use the PuTTy key generation tool to create keys for the Run SSH Command activity. 您可以從下載 PuTTY 取得金鑰產生工具,這是適用 于 Windows 的免費 SSH 和 telnet 用戶端The key generation tool is available at Download PuTTY - a free SSH and telnet client for Windows.

  • 「執行 SSH 命令」活動支援 SSH-1。The Run SSH Command activity supports SSH-1. Microsoft 不建議使用 SSH-1。Microsoft does not recommend the use of SSH-1. 如果您想要防止執行 SSH 命令活動使用 SSH-1,您應該使用金鑰檔,其中包含不支援 SSH 1 的金鑰。If you want to prevent The Run SSH Command activity from using SSH-1, you should use a key file that contains keys that do not support SSH-1. 請勿使用「使用者名稱」和「密碼」配對來使用金鑰檔。Do not use a username and password pair use a key file.

  • 屬性 接受主機金鑰變更 不是建議的設定。The property Accept Host Key Change is not a recommended setting. 當金鑰儲存在 runbook 伺服器上時,這個屬性只能用來建立與電腦的初始連接。This property should only be used to establish the initial connection to a computer when the key is stored on the runbook server. 包含「執行 SSH 命令」活動的 runbook 應設定為停用「 接受主機金鑰變更 」。Runbooks that contain the Run SSH Command activity should be configured with Accept Host Key Change disabled. 當您使用這個屬性時,它會停用 SSH 伺服器身分識別的驗證,並表示安全性風險。When you use this property it disables the validation of the identity of the SSH server and represents a security risk.

  • 如果 PuTTY 支援的密碼編譯加密,您應該檢查清單,該密碼位於 [ https://the.earth.li/~sgtatham/putty/0.70/htmldoc/Chapter4.html#config-ssh-encryption) 。You should review the list if cryptographic ciphers supported by PuTTY, which is found at [https://the.earth.li/~sgtatham/putty/0.70/htmldoc/Chapter4.html#config-ssh-encryption).

  • PuTTY Beta. 61 使用的虛擬亂數產生器適用于大部分的密碼編譯用途。PuTTY beta .61 uses a pseudorandom number generator suitable for most cryptographic purposes. 不建議產生長期密碼編譯金鑰。It is not recommended for the generation of long-term cryptographic keys.

    如需 PuTTY 的詳細資訊,請移至 下載 PuTTY-適用于 Windows 的免費 SSH 和 telnet 用戶端For more information about PuTTY, go to Download PuTTY - a free SSH and telnet client for Windows.

設定執行 SSH 命令活動Configuring the Run SSH Command Activity

設定「執行 SSH 命令」活動之前,您必須決定下列各項:Before you configure the Run SSH Command activity, you need to determine the following:

  • 裝載您要連線之 SSH 伺服器的電腦連接資訊。Connection information for the computer that hosts the SSH server that you want to connect to.

  • 您要執行的命令。Commands that you want to run.

  • 您是否需要金鑰檔來登入伺服器,才能執行命令;這取決於您的 SSH 伺服器。Whether you require a key file to log into the server before you are able to run commands; this depends on your SSH server.

您可以使用下列資訊來設定「執行 SSH 命令」活動。Use the following information to configure the Run SSH Command activity.

詳細資料Details

設定Settings 組態指示Configuration Instructions
電腦Computer 輸入 SSH 伺服器執行所在的電腦名稱稱或 IP 位址。Type the name of the computer or IP address where the SSH server is running. 您也可以使用省略號 ** ( ... ) ** 按鈕來流覽電腦。You can also use the ellipsis (...) button to browse for the computer.
連接埠Port 輸入您需要用來連線到 SSH 伺服器的埠號碼。Type the port number that you need to use to connect to the SSH server.
執行命令Run Command 選取此選項,並在建立連線之後,輸入您要在 SSH 伺服器上執行的命令。Select this option and type the command that you want to run on the SSH server after the connection has been established.
命令集檔案Command Set File 選取此選項,並指定一個檔案,其中包含一組將在建立連線時在 SSH 伺服器上執行的命令。Select this option and specify a file that contains a set of commands that will be run on the SSH server when the connection has been established. 命令集檔案必須使用 SSH 伺服器上原生 shell 的指令碼語言。The command set file must use the scripting language of the native shell on the SSH server.
接受主機金鑰變更Accept Host Key Change 選取此選項可在發生主機金鑰變更時接受變更。Select this option to accept host key changes when they occur. 安全性注意事項: 建議您不要使用此設定,因為它可能會讓 runbook 接受伺服器中的任何變更,包括任何適用于惡意用途的變更。Security Note: It is recommended that you do not use this setting because it can cause a runbook to accept any change in a server, including any that are for malicious purposes. 選取此選項,即會指示活動連接至任何伺服器,不論主機金鑰為何。By selecting this option, you are instructing the activity to connect to any server, regardless of the host key. 基於測試目的,請使用此選項。Only use this option for testing purposes.
連接逾時Connection Timeout 指定執行 SSH 命令活動等候 SSH 命令完成的時間量(以秒為單位)。Specify the amount of time, in seconds, that the Run SSH Command activity will wait for the SSH command to complete. 將 (零的值設定為 0 零) ,或將方塊保留空白,以無限期等候。Configure a value of 0 (zero), or leave the box blank, to wait indefinitely.

經過超時時間後,執行 SSH 命令活動會超時並傳回警告。After the timeout period has elapsed, the Run SSH Command activity times out and returns a warning. 無論執行 SSH 命令活動是否超時,您執行的命令都可能會繼續執行。The command that you ran may continue running, regardless of whether the Run SSH Command activity times out.

進階Advanced

設定Settings 組態指示Configuration Instructions
使用者名稱Username 輸入您需要登入 SSH 伺服器的使用者名稱。Type the username that you need to log into the SSH server.
密碼Password 選取此選項,並輸入與您指定的使用者名稱相關聯的密碼。Select this option and type the password that is associated with the Username that you specified.
金鑰檔Key File 選取此選項可指定要使用的金鑰檔。Select this option to specify a key file to use. 您必須使用 PuTTY 金鑰檔產生器來建立金鑰檔。You must use the PuTTY key file generator to create a key file. 您可以從 下載 PuTTY (適用于 Windows 的免費 SSH 和 telnet 用戶端)下載此工具。You can download this tool from Download PuTTY - a free SSH and telnet client for Windows.
密碼Passphrase 輸入與您指定之金鑰檔相關聯的複雜密碼。Type the passphrase that is associated with the key file that you specified.

已發佈資料Published Data

下表列出已發佈的資料項目。The following table lists the published data items.

ItemItem 描述Description
CommandCommand 在 SSH 伺服器上執行的命令。The command that ran on the SSH server. 選取 [ 命令集 檔案] 選項時,無法使用此資料。This data is not available when the Command Set File option is selected.
命令集檔案Command Set file 用來在 SSH 伺服器上執行命令的命令集檔案。The command set file that was used to run commands on the SSH server. 選取 [ 執行命令 ] 選項時,無法使用此選項。This option is not available when the Run Command option is selected.
電腦名稱Computer name SSH 伺服器的名稱或 IP 位址。The name or IP address of the SSH server.
執行結果Execution Result 從 SSH 伺服器上執行之命令的輸出發佈的文字。The text that was published as output from the commands that were run on the SSH server.
結束碼Exit Code 命令所發佈的結束代碼。The exit code published by the command. 使用命令集檔案時,這會是檔案中最後一個命令的結束代碼。When using a command set file, this will be the exit code of the last command in the file.
金鑰檔案路徑Key file path 用來向 SSH 伺服器進行驗證的金鑰檔路徑。The path of the key file that was used to authenticate with the SSH server.
連接埠Port 用來連接到 SSH 伺服器的埠。The port used to connect to the SSH server.
使用者名稱Username 用來登入 SSH 伺服器的使用者名稱。The username used to log into the SSH server.

後續步驟Next steps

請參閱有關如何取得 SNMP 變數的文章。see the article on how to get the SNMP variables.