paulononato/tools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add SSH Manager/README.md

Browse Source
This commit is contained in:
Paulo Nonato
2026-04-19 11:10:03 -03:00
commit ed1b5ff7a9
1 changed files with 165 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
SSH Manager/README.md
+165
View File
@@ -0,0 +1,165 @@
# SSH Manager
SSH Manager is a small PowerShell tool that opens an interactive menu with predefined servers and connects to the selected host through `ssh.exe`.
This version uses mocked server names and safe example domains. It is intended for portfolio, documentation, and internal-tooling demonstrations without exposing real company infrastructure.
## Purpose
The script helps operations and DevOps teams avoid typing long SSH commands repeatedly. It groups servers by environment, displays a clean numbered menu, and launches the SSH connection for the selected host.
## Features
- Environment menu ordered as `DEV`, `QAS`, `PRD`.
- Server menu sorted alphabetically by a short server name.
- Zero-padded numbering such as `01`, `02`, `03`.
- Aligned server-name column for easier reading.
- Support for standard SSH username/password flows.
- Optional SSH user prompt when `-SshUser` is not provided.
- Support for private key authentication.
- Support for OpenSSH certificate authentication.
- Certificate discovery from a file path or from a directory.
- Mocked hostnames that can be replaced with real internal hosts.
## Requirements
- Windows PowerShell or PowerShell 7.
- OpenSSH Client installed on Windows.
Check if SSH is available:
```powershell
ssh.exe -V
```
If it is missing, enable **OpenSSH Client** in Windows Optional Features.
## Basic Usage
Run the script:
```powershell
.\ssh-manager.ps1
```
Run with a custom SSH user:
```powershell
.\ssh-manager.ps1 -SshUser devops
```
If `-SshUser` is not provided, the script asks for the SSH username after a server is selected:
```powershell
.\ssh-manager.ps1
```
## Using a Private Key
Use the `-IdentityFile` option to connect with a private key:
```powershell
.\ssh-manager.ps1 -SshUser devops -IdentityFile C:\Users\paulo\.ssh\id_ed25519
```
The script passes the file to SSH using:
```powershell
ssh.exe -i <identity-file>
```
## Using an OpenSSH Certificate
If your environment uses OpenSSH user certificates, provide both the private key and the certificate file:
```powershell
.\ssh-manager.ps1 `
-SshUser devops `
-IdentityFile C:\Users\paulo\.ssh\id_ed25519 `
-CertificateFile C:\Users\paulo\.ssh\id_ed25519-cert.pub
```
The script passes the certificate to SSH using:
```powershell
ssh.exe -o CertificateFile=<certificate-file>
```
You can also pass a directory. In that case, the script searches for the first file matching one of these endings:
- `-cert.pub`
- `.pem`
- `.crt`
- `.cer`
Example:
```powershell
.\ssh-manager.ps1 `
-SshUser devops `
-IdentityFile C:\Users\paulo\.ssh\id_ed25519 `
-CertificateFile C:\Users\paulo\.ssh\certificates
```
Each server can also define its own `CertificatePath`. When `-CertificateFile` is not provided, the script tries to resolve a certificate from the selected server's `CertificatePath`.
## Customizing Servers
Edit the `$servers` array in `ssh-manager.ps1`.
Each server uses this format:
```powershell
@{
Environment = "PROD"
Name = "Production - arlapi-prd-01.example.com"
Domain = "api-prd-01.example.com"
Host = "203.0.113.31"
Hostname = "arlapi-prd-01"
CertificatePath = ".\certificates"
Port = 22
}
```
The menu uses:
- `Environment` to group servers.
- `Name` to show a human-friendly label.
- `Domain` as a readable DNS label in the menu.
- `Host` as the SSH target. It can be a DNS name or an IP address.
- `Hostname` to build the short aligned server-name column.
- `CertificatePath` as an optional per-server certificate file or certificate directory.
- `Port` as the SSH port.
## Short Server Name Column
The script creates a short server name for display by removing:
- The `arl` prefix.
- The `.corp.cat.com` suffix.
- The `.ecorp.cat.com` suffix.
- The `.lrd.cat.com` suffix.
- The `.example.com` suffix used by this mocked version.
The short-name column is padded to the width of the longest name in the selected environment, keeping the menu aligned.
## Execution Policy
If PowerShell blocks script execution, run PowerShell as Administrator and use:
```powershell
Set-ExecutionPolicy RemoteSigned -Scope LocalMachine
```
Or allow scripts only for the current user:
```powershell
Set-ExecutionPolicy RemoteSigned -Scope CurrentUser
```
## Security Notes
- Do not store private keys, passwords, tokens, or real host inventories in public repositories.
- Prefer SSH keys or OpenSSH certificates over password-based access.
- Keep real server lists in private repositories or secure configuration stores.
- Review SSH certificate validity and rotation policies before automating access.