Enable firewall rule via SSH
Posted: Mon Dec 25, 2017 12:07 am
Hello all,
I am trying to enable a firewall rule via ssh, but for some reason this is not working.
What I have:
-> a user who can ssh into the mikrotik box (let's call him autobot)
-> the user uses ssh key for authentication (passwordless, because it's run from script)
-> for testing purposes the autobot user for now belongs to the "full" group
What IS working:
-> ssh login is working, I can login into the mikrotik and execute commands
-> once logged in I can enable the firewall rule by running:
Code:
/ip firewall nat enable [/ip firewall nat find comment="enable me"]
-> I can run a command as a direct input of the ssh command, for example
Code:
ssh -i autobot_private_rsa autobot@10.10.10.1 /system script add name=test
(creates an empty script named test)
What IS NOT working:
-> when I try to execute the enable firewall rule command from above as a direct input of the ssh
Code:
ssh -i autobot_private_rsa autobot@10.10.10.1 /ip firewall nat enable [/ip firewall nat find comment="enable me"]
I was searching the web but I could not find a similar issue mentioned anywhere. Most searches lead to links dealing with enabling ssh access and similar.
Reading through the wiki I did not find a note which would mention that such an operation is not allowed via ssh (I thought it could perhaps be disallowed for security reasons), but maybe I've missed it.
So now I am stuck. In console it works, but direct execution via ssh does not (but other commands do work this way).
Your help is appreciated!
EDIT:
Seems that there is a parsing problem or perhaps I need to escape something.
If I change the comment to "enable_me", then everything works as expected.
So, if I replace spaces with underscores, then it is ok.
But I would still like to know how this could be done with comments containing spaces.
Thank you,
Brandon.
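
An added example, not part of the original post, of what happens to the failing command above: the local shell removes the double quotes before ssh starts, and the ssh client joins its remaining arguments with single spaces into one command string, so the router is sent comment=enable me without quotes. Passing the whole RouterOS command as one single-quoted argument keeps the quotes intact. The helpers as_sent and build_enable_cmd are hypothetical names, and the character allowlist for comments is an assumption chosen for this sketch.

```shell
#!/bin/sh
# as_sent ARGS...: hypothetical helper that mimics how the ssh client joins
# its trailing arguments with single spaces into one remote command string.
as_sent() {
    ( IFS=' '; printf '%s' "$*" )
}

# build_enable_cmd COMMENT: hypothetical helper for scripted use. It returns
# the RouterOS command as ONE string and refuses comments with characters
# outside a small allowlist (an assumption of this example), so a comment
# value can never add extra RouterOS syntax to a command run by a
# key-authenticated account.
build_enable_cmd() {
    case $1 in
        ''|*[!A-Za-z0-9\ _-]*) return 1 ;;
    esac
    printf '/ip firewall nat enable [/ip firewall nat find comment="%s"]' "$1"
}

# 1) As typed in the post: the local shell strips the double quotes.
broken=$(as_sent /ip firewall nat enable [/ip firewall nat find comment="enable me"])

# 2) Whole remote command in single quotes: the double quotes survive.
fixed=$(as_sent '/ip firewall nat enable [/ip firewall nat find comment="enable me"]')

# 3) Built by the script from a validated comment value.
built=$(build_enable_cmd "enable me")

printf 'unquoted: %s\nquoted:   %s\nbuilt:    %s\n' "$broken" "$fixed" "$built"

# Real invocation with the names from the post (not run here):
#   ssh -i autobot_private_rsa autobot@10.10.10.1 "$built"
```

The quoted and built forms match the command that works on the console character for character.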