SSH Nexus
Advanced SSH automation hub with intelligent connection management and network device support. Built with ❤️ by Sarryaz
Actions22
- Command Execution Actions
- File Operations Actions
- Network Device Actions
- System Information Actions
- Connection Health Actions
Overview
This node operation connects to a network device via SSH and retrieves the current active running configuration of that device. It supports various network device types such as Cisco IOS, Aruba OS, Juniper, HP ProCurve, Dell PowerConnect, MikroTik, and generic devices. The node handles connection setup securely using either stored SSH credentials or dynamic parameters provided at runtime.
Typical use cases include:
- Automating network audits by fetching running configurations regularly.
- Backing up device configurations before making changes.
- Integrating with network management workflows to monitor or validate device states.
- Troubleshooting network issues by comparing current configs.
For example, a network engineer can schedule this node to run nightly to collect running configs from all Cisco routers in their environment, storing the output for compliance and change tracking.
Properties
| Name | Meaning |
|---|---|
| Configuration Mode | Choose how to configure the SSH connection: - Use Credentials: Use stored SSH credentials (recommended for security). - Dynamic Parameters: Use dynamic parameters from previous nodes or environment variables. |
| Dynamic Host | Hostname or IP address of the network device (required if using Dynamic Parameters mode). Supports expressions and environment variables. |
| Dynamic Port | SSH port number (default 22) for the connection (used in Dynamic Parameters mode). Supports expressions and environment variables. |
| Dynamic Username | SSH username for authentication (required if using Dynamic Parameters mode). Supports expressions and environment variables. |
| Dynamic Password | Password for SSH authentication (optional if private key is used). Supports expressions and environment variables. |
| Dynamic Private Key | Private key content for SSH authentication (optional alternative to password). Supports expressions and environment variables. |
| Advanced Options | Collection of advanced settings: - Command Timeout (ms): Max wait time for command execution. - Output Parsing: How to parse command output (smart, JSON, table, raw, none). - Continue on Error: Whether to continue processing other items if one fails. - Cipher Override: Override cipher selection for SSH connection. - Try Fallback Ciphers: Automatically try alternative ciphers if primary fail. - Retry Delay (ms): Delay between retry attempts. - Verbose Logging: Enable detailed debug logs. - Line Ending Style: CR+LF (Windows) or LF (Unix) line endings. - Device Type: Select device type for optimized command handling (generic, Cisco IOS, Aruba OS, etc.). |
Output
The node outputs an array of JSON objects, each corresponding to an input item processed. For the "Get Running Config" operation, each output JSON contains:
raw: The raw text output of the running configuration retrieved from the device.lines: Array of non-empty lines from the configuration output.wordCount: Number of words in the output.stderr: Any error output captured during command execution (usually empty).exitCode: Exit code of the SSH command (0 indicates success).deviceType: The type of network device queried.parseOutput: The parsing mode used (e.g., smart, json, raw).
If output parsing is enabled (default is smart), the node attempts to intelligently parse the config output into structured data formats where possible.
The output is paired with the corresponding input item index for traceability.
Dependencies
- Requires an SSH server accessible on the target network device.
- Needs either stored SSH credentials configured in n8n or dynamic SSH connection parameters supplied at runtime.
- Uses the
node-sshlibrary for SSH connections. - Relies on internal utilities for parsing SSH output and managing device-specific command prompts.
- No external API keys are required beyond SSH authentication credentials.
Troubleshooting
- Invalid host format error: Occurs if the dynamic host parameter contains invalid characters. Ensure only letters, numbers, dots, and hyphens are used.
- Port number out of range: Port must be between 1 and 65535.
- SSH connection failures: May result from incorrect credentials, network issues, or unsupported ciphers. Enable verbose logging to diagnose.
- Potentially dangerous command detected: The node blocks execution of commands that could harm the system (e.g.,
rm -rf /). Review your commands carefully. - Empty command error: Command cannot be empty; ensure you provide valid commands.
- File path safety checks: Upload paths containing
..,~, or sensitive directories like/etcor/var/logare blocked for security. - Timeouts: Increase the command timeout in advanced options if commands take longer to execute.
- Enable mode password prompt issues: If your device requires privileged mode, ensure the enable password is correctly set in credentials or parameters.