Cisco periodic reboot using Perl

A request to reboot a Cisco ASA every week came in today. Cisco IOS has kron, which would accommodate us here, but there appears to be no such thing under the ASA OS (is it still called FOS?). The next best thing is to run a Perl script which uses the Net::SSH::Expect module to negotiate the SSH login.

As we are using an ASA without any kind of AAA usernames, we also need to elevate our privileges using en.

I’m on a FreeBSD server, so I need to install the correct Perl module via ports first:

# cd /usr/ports/net/p5-Net-SSH-Expect/
# make install

Now we can write and test the script:

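#! /usr/bin/perl -w

use strict;
use Net::SSH::Expect;

# Placeholder values. The passwords are stored in clear text, so keep this
# script readable only by the user whose crontab runs it (chmod 700).
my $host_ip = "1.1.1.1";
my $login_name = "xxxx";
my $login_password = "yyyy";
my $en_password = "zzzz";

my $ssh = Net::SSH::Expect->new (
            host => $host_ip,
            password => $login_password,
            user => $login_name,
            raw_pty => 1
        );

# The ASA prints a "Type help ..." banner after a successful login.
my $login_output = $ssh->login();
if ($login_output !~ /Type help/) {
        die "Login has failed. Login output was $login_output";
}

# Enter privileged EXEC mode and confirm the enable password was accepted
# before sending the reload.
$ssh->send("en");
$ssh->waitfor('Password:', 1) or die "prompt 'Password:' not found after 1 second";
$ssh->send($en_password);
$ssh->waitfor('#\s*$', 1) or die "privileged prompt '#' not found after 1 second";

# Reload immediately without a confirmation prompt; the session drops here.
$ssh->exec("reload noconfirm");
$ssh->close();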

Add the script to the crontab and we’re away!
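Since the script runs unattended from cron, the login and enable passwords are better kept out of the script itself. The following is an added example, not part of the original post: it loads them from a separate file and refuses to run if that file is readable by anyone else. The file path and the key names (host, user, password, enable) are assumptions.

```perl
#!/usr/bin/perl
# Added example: load the ASA credentials from a protected file instead of
# hard-coding them. The path and key names below are assumptions.
use strict;
use warnings;
use Fcntl ':mode';

# Hypothetical location; one "key=value" pair per line with the keys
# host, user, password and enable.
my $cred_file = "/usr/local/etc/asa-reboot.conf";

sub load_credentials {
    my ($path) = @_;
    open(my $fh, '<', $path) or die "Cannot open $path: $!\n";

    # stat the open handle so the check applies to the file actually read.
    my @st = stat($fh) or die "Cannot stat $path: $!\n";
    my ($mode, $uid) = @st[2, 4];
    die "$path must be owned by the user running this script\n"
        unless $uid == $>;
    die sprintf("%s has mode %04o; run chmod 600 on it\n", $path, S_IMODE($mode))
        if S_IMODE($mode) & 0077;

    my %cred;
    while (my $line = <$fh>) {
        chomp $line;
        next if $line =~ /^\s*(?:#|$)/;           # skip comments and blank lines
        my ($key, $value) = split /=/, $line, 2;  # passwords may contain '='
        die sprintf("Malformed line %d in %s\n", $., $path)
            unless defined $value;
        $key =~ s/^\s+|\s+$//g;
        $cred{$key} = $value;
    }
    close($fh);

    for my $required (qw(host user password enable)) {
        die "Missing '$required' in $path\n"
            unless length($cred{$required} // '');
    }
    return \%cred;
}

my $cred = load_credentials($cred_file);
# $cred->{host}, $cred->{user}, $cred->{password} and $cred->{enable} then
# take the place of $host_ip, $login_name, $login_password and $en_password.
```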
