SSH Nexus
Advanced SSH automation hub with intelligent connection management and network device support. Built with ❤️ by Sarryaz
Actions22
- Command Execution Actions
- File Operations Actions
- Network Device Actions
- System Information Actions
- Connection Health Actions
Overview
The node provides advanced SSH automation specifically tailored for network devices such as Cisco IOS, Aruba OS, Juniper, HP ProCurve, Dell PowerConnect, MikroTik, and generic devices. The "Restore Configuration" operation allows users to apply configuration changes to a network device remotely over SSH. This can be done by sending configuration commands directly as text or by uploading a configuration file in binary form.
Typical use cases include:
- Automating network device configuration updates during maintenance windows.
- Restoring backed-up configurations after device resets or failures.
- Applying incremental configuration changes (merge) or full replacements of device configuration.
- Integrating with workflows that dynamically generate or retrieve configuration data.
For example, a network engineer could automate pushing new VLAN settings to multiple switches by providing the configuration commands as text input or restoring a saved config file from a TFTP server.
Properties
| Name | Meaning |
|---|---|
| Configuration Mode | How to configure the SSH connection: - Use Credentials: Use stored SSH credentials (recommended for security). - Dynamic Parameters: Use dynamic parameters from previous nodes or environment variables. |
| Dynamic Host | Hostname or IP address for SSH connection (required if using Dynamic Parameters mode). Supports expressions and environment variables. |
| Dynamic Port | SSH port number (default 22), supports expressions and environment variables. |
| Dynamic Username | Username for SSH login (required if using Dynamic Parameters mode). Supports expressions and environment variables. |
| Dynamic Password | Password for SSH login, supports expressions and environment variables. |
| Dynamic Private Key | Private key content for SSH authentication, supports expressions and environment variables. |
| Configuration File | Path to the configuration file to restore (e.g., TFTP server path). Required for Restore Configuration operation. |
| Configuration Source | Source of configuration to restore: - Text Input: Directly enter configuration commands. - Binary Data: Use binary data from a previous node. |
| Configuration Commands | Configuration commands to apply when using Text Input source. Required if Configuration Source is "text". |
| Binary Property | Name of the binary property containing the configuration file when using Binary Data source. Required if Configuration Source is "binary". |
| Apply Method | How to apply the configuration: - Merge (Add to existing): Add or update current configuration. - Replace (Dangerous): Replace entire configuration. |
| Save After Apply | Whether to save the configuration on the device after applying changes (default true). |
| Advanced Options | Collection of advanced settings: - Command Timeout (ms): Max time to wait for command completion. - Output Parsing: How to parse command output (smart, JSON, table, raw, none). - Continue on Error: Keep processing even if some commands fail. - Cipher Override: Override cipher selection for SSH connection. - Try Fallback Ciphers: Automatically try alternative ciphers if primary ones fail. - Retry Delay (ms): Delay between connection retry attempts. - Verbose Logging: Enable detailed debug logging. - Line Ending Style: CR+LF (Windows) or LF (Unix) line endings. - Device Type: Select device type for optimized command handling (generic, Cisco IOS, Aruba OS/AP, Juniper, HP ProCurve, Dell PowerConnect, MikroTik). |
Output
The node outputs an array of items corresponding to each input item processed. Each output item contains a json field with the following structure:
raw: Raw command output as a string.lines: Array of non-empty lines from the output.wordCount: Number of words in the output.hasError: Boolean indicating if an error was detected in parsing (usually false).stderr: Standard error output from the SSH command execution (empty string if none).exitCode: Exit code of the executed command (0 indicates success).command: The configuration command(s) sent to the device.deviceType: The type of network device targeted.parseOutput: The parsing method used for the output.- Additional fields depending on the operation, e.g.,
commandIndex,totalCommandsfor multiple commands.
If the configuration is applied successfully and "Save After Apply" is enabled, an additional output item will contain the result of the save operation.
No binary output is produced by this operation itself, but it can consume binary input if the configuration source is set to binary.
Dependencies
- Requires an SSH connection to the target network device.
- Needs either stored SSH credentials or dynamic SSH connection parameters.
- Uses the
node-sshlibrary for SSH communication. - Relies on internal utilities for parsing SSH output and managing prompts.
- For binary configuration input, expects binary data from previous nodes in n8n.
- Network device-specific command sets are internally defined for supported device types.
Troubleshooting
- Invalid host format: The dynamic host must only contain letters, numbers, dots, and hyphens. Avoid spaces or special characters.
- Port out of range: SSH port must be between 1 and 65535.
- Missing required parameters: When using dynamic mode, host and username are mandatory.
- Empty configuration commands: If using text input source, configuration commands cannot be empty.
- Missing binary property: If using binary source, the specified binary property must exist and contain valid data.
- SSH connection errors: May occur due to wrong credentials, network issues, or incompatible cipher algorithms. Enabling fallback ciphers and verbose logging can help diagnose.
- Command timeout: Increase the command timeout in advanced options if commands take longer to execute.
- Potentially dangerous commands: The node blocks certain dangerous shell commands to prevent accidental destructive operations.
- Save failure: If saving configuration fails, verify device permissions and command correctness.