From 0ce48bd409e9c0481c3ad16b64263b7c46c8f1a7 Mon Sep 17 00:00:00 2001 From: Annie Mao Date: Tue, 16 Mar 2021 11:59:48 -0700 Subject: [PATCH] change to pass auth variable --- SetupTearDown.ps1 | 19 ++++++++++++++----- runPerftool.psm1 | 18 +++++++++--------- 2 files changed, 23 insertions(+), 14 deletions(-) diff --git a/SetupTearDown.ps1 b/SetupTearDown.ps1 index 224e096..4abf69d 100644 --- a/SetupTearDown.ps1 +++ b/SetupTearDown.ps1 @@ -14,7 +14,11 @@ .PARAMETER Password Required Parameter. Get the password of this computer to modify firewall permissions. -.DESCRIPTION + +.PARAMETER PassAuth + Required Parameter. Get the password of this computer to modify firewall permissions. + + .DESCRIPTION Run this script to setup your machine for PS Remoting so that you can leverage the functionality of runPerfTool.psm1 Run this script at the end of the tool runs to restore state on the machines. Ex: SetupTearDown.ps1 -Setup or SetupTearDown.ps1 -Cleanup @@ -24,20 +28,25 @@ Param( [switch] $Cleanup, [Parameter(Mandatory=$False)] $Port=5985, [Parameter(Mandatory=$True, Position=0, HelpMessage="Machine Password?")] - [SecureString]$Password + [SecureString]$Password, + [Parameter(Mandatory=$False)] [bool] $PassAuth ) Function SetupRemoting{ param( [Parameter(Mandatory=$True)] [PSCredential] $Creds, - [Parameter(Mandatory=$False)] $Port=5985 + [Parameter(Mandatory=$False)] $Port=5985, + [Parameter(Mandatory=$False)] [bool] $PassAuth ) Write-Host "Installing PSRemoting via SSH on this computer..." Write-Host "Editing sshd_config file to allow for public key and password authentication for port $Port" # edit sshd_config to listen to port and allow public key and password authentication Write-Output $Creds.GetNetworkCredential().Password | sudo -S sed -i "s/#\?\(PubkeyAuthentication\s*\).*$/\1yes/" /etc/ssh/sshd_config - sudo sed -i 's/#\?\(PasswordAuthentication\s*\).*$/\1yes/' /etc/ssh/sshd_config + if ($PassAuth) + { + sudo sed -i 's/#\?\(PasswordAuthentication\s*\).*$/\1yes/' /etc/ssh/sshd_config + } sudo sed -i "s/#\?\(Port\s*\).*$/\1$Port/" /etc/ssh/sshd_config # allow for powershell remoting via ssh $pwshCommand = Get-Content -Path /etc/ssh/sshd_config | Where-Object {$_.Contains("Subsystem powershell /usr/bin/pwsh -sshs -NoLogo")} @@ -85,7 +94,7 @@ function main { # create credential blob to store username and password securely [PSCredential] $creds = New-Object System.Management.Automation.PSCredential("user", $Password) if($Setup.IsPresent) { - SetupRemoting -Creds $creds -Port $Port + SetupRemoting -Creds $creds -Port $Port -PassAuth $PassAuth } elseif($Cleanup.IsPresent) { CleanupRemoting -Creds $creds -Port $Port } else { diff --git a/runPerftool.psm1 b/runPerftool.psm1 index f6da496..44f95fb 100644 --- a/runPerftool.psm1 +++ b/runPerftool.psm1 @@ -209,18 +209,18 @@ Function ProcessCommands{ [Parameter(Mandatory=$True)] [string]$DestIp, [Parameter(Mandatory=$True)] [string]$SrcIp, [Parameter(Mandatory=$True)] [string]$CommandsDir, - [Parameter(ParameterSetName='KeyAuth', Mandatory=$False)] [bool]$KeyAuth = $False, + [Parameter(ParameterSetName='PassAuth', Mandatory=$False)] [bool]$PassAuth = $False, [Parameter(Mandatory=$True, Position=0, HelpMessage="Dest Machine Username?")] [string] $DestIpUserName, [Parameter(Mandatory=$True, Position=0, HelpMessage="Dest Machine Password?")] [SecureString]$DestIpPassword, - [Parameter(ParameterSetName='KeyAuth', Mandatory=$False, Position=0, HelpMessage="Dest Machine Key File?")] + [Parameter(Mandatory=$False, Position=0, HelpMessage="Dest Machine Key File?")] [String]$DestIpKeyFile = "", [Parameter(Mandatory=$True, Position=0, HelpMessage="Src Machine Username?")] [string] $SrcIpUserName, [Parameter(Mandatory=$True, Position=0, HelpMessage="Src Machine Password?")] [SecureString]$SrcIpPassword, - [Parameter(ParameterSetName='KeyAuth', Mandatory=$False, Position=0, HelpMessage="Src Machine Key File?")] + [Parameter(Mandatory=$False, Position=0, HelpMessage="Src Machine Key File?")] [String]$SrcIpKeyFile = "", [Parameter(Mandatory=$True, Position=0, HelpMessage="Test Machine Username?")] [string] $TestUserName, @@ -245,10 +245,10 @@ Function ProcessCommands{ [PSCredential] $recvIPCreds = New-Object System.Management.Automation.PSCredential($DestIpUserName, $DestIpPassword) LogWrite "Processing lagscope commands for Linux" $true - ProcessToolCommands -KeyAuth:$KeyAuth -RecvKeyFilePath $DestIpKeyFile -SendKeyFilePath $SrcIpKeyFile -Toolname "lagscope" -RecvComputerName $recvComputerName -RecvComputerCreds $recvIPCreds -SendComputerName $sendComputerName -SendComputerCreds $sendIPCreds -TestUserName $TestUserName -CommandsDir $CommandsDir -Bcleanup $Bcleanup -BZip $ZipResults -TimeoutValueBetweenCommandPairs $TimeoutValueInSeconds -PollTimeInSeconds $PollTimeInSeconds -ListeningPort $ListeningPort -FirewallPortMin $FirewallPortMin -FirewallPortMax $FirewallPortMax -RecvDir $recvDir -SendDir $sendDir + ProcessToolCommands -PassAuth:$PassAuth -RecvKeyFilePath $DestIpKeyFile -SendKeyFilePath $SrcIpKeyFile -Toolname "lagscope" -RecvComputerName $recvComputerName -RecvComputerCreds $recvIPCreds -SendComputerName $sendComputerName -SendComputerCreds $sendIPCreds -TestUserName $TestUserName -CommandsDir $CommandsDir -Bcleanup $Bcleanup -BZip $ZipResults -TimeoutValueBetweenCommandPairs $TimeoutValueInSeconds -PollTimeInSeconds $PollTimeInSeconds -ListeningPort $ListeningPort -FirewallPortMin $FirewallPortMin -FirewallPortMax $FirewallPortMax -RecvDir $recvDir -SendDir $sendDir LogWrite "Processing ntttcp commands for Linux" $true - ProcessToolCommands -KeyAuth $KeyAuth -RecvKeyFilePath $DestIpKeyFile -SendKeyFilePath $SrcIpKeyFile -Toolname "ntttcp" -RecvComputerName $recvComputerName -RecvComputerCreds $recvIPCreds -SendComputerName $sendComputerName -SendComputerCreds $sendIPCreds -TestUserName $TestUserName -CommandsDir $CommandsDir -Bcleanup $Bcleanup -BZip $ZipResults -TimeoutValueBetweenCommandPairs $TimeoutValueInSeconds -PollTimeInSeconds $PollTimeInSeconds -ListeningPort $ListeningPort -FirewallPortMin $FirewallPortMin -FirewallPortMax $FirewallPortMax -RecvDir $recvDir -SendDir $sendDir + ProcessToolCommands -PassAuth $PassAuth -RecvKeyFilePath $DestIpKeyFile -SendKeyFilePath $SrcIpKeyFile -Toolname "ntttcp" -RecvComputerName $recvComputerName -RecvComputerCreds $recvIPCreds -SendComputerName $sendComputerName -SendComputerCreds $sendIPCreds -TestUserName $TestUserName -CommandsDir $CommandsDir -Bcleanup $Bcleanup -BZip $ZipResults -TimeoutValueBetweenCommandPairs $TimeoutValueInSeconds -PollTimeInSeconds $PollTimeInSeconds -ListeningPort $ListeningPort -FirewallPortMin $FirewallPortMin -FirewallPortMax $FirewallPortMax -RecvDir $recvDir -SendDir $sendDir LogWrite "ProcessCommands Done!" $true Move-Item -Force -Path $Logfile -Destination "$CommandsDir" -ErrorAction Ignore @@ -320,7 +320,7 @@ Function ProcessToolCommands{ param( [Parameter(Mandatory=$True)] [string]$RecvComputerName, [Parameter(Mandatory=$True)] [string]$SendComputerName, - [Parameter(Mandatory=$False)] [bool]$KeyAuth = $False, + [Parameter(Mandatory=$False)] [bool]$PassAuth = $False, [Parameter(Mandatory=$True)] [string]$CommandsDir, [Parameter(Mandatory=$True)] [string]$Bcleanup, [Parameter(Mandatory=$False)] [string]$Toolname = "ntttcp", @@ -340,7 +340,7 @@ Function ProcessToolCommands{ ) [bool] $gracefulCleanup = $False # delay to let credential (public key) propagate before remoting - $credPropagationTimeInSecond = 2 + $credPropagationTimeInSecond = 3 [System.IO.TextReader] $recvCommands = $null [System.IO.TextReader] $sendCommands = $null @@ -356,7 +356,7 @@ Function ProcessToolCommands{ ssh-keyscan -H -p $ListeningPort $RecvComputerName >> "$homePath/.ssh/known_hosts" ssh-keyscan -H -p $ListeningPort $SendComputerName >> "$homePath/.ssh/known_hosts" try { - if (-Not $KeyAuth) { + if ($PassAuth) { $keyFilePath = "$homePath/.ssh/netperf_rsa" $pubKeyFilePath = "$homePath/.ssh/netperf_rsa.pub" @@ -596,7 +596,7 @@ Function ProcessToolCommands{ Invoke-Command -Session $sendPSSession -ScriptBlock $ScriptBlockCleanupFirewallRules -ArgumentList ("50000:50512/udp", $SendComputerCreds) LogWrite "Cleaning up public private key and known hosts that were created as part of script run" - if (-Not $KeyAuth) { + if ($PassAuth) { # Delete authorized host from receiver and sender computer Invoke-Command -Session $recvPSSession -ScriptBlock $ScriptBlockRemoveAuthorizedHost Invoke-Command -Session $sendPSSession -ScriptBlock $ScriptBlockRemoveAuthorizedHost