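# Relay server setup: install the OpenSSH daemon that both plink clients
# connect to. The plink commands on this page use port 2201, so sshd is
# presumably listening there or is port-mapped to it -- confirm.
sudo apt-get install openssh-server

# Dedicated tunnel-only account: home directory and login shell are both
# /dev/null, so the account has no usable shell; the plink clients connect
# with -N (no remote command), which does not need one.
# NOTE(review): a missing shell does not limit port forwarding itself. In
# sshd_config, a "Match User ssh_user" block can restrict the account
# (PermitListen / PermitOpen, PermitTTY no, X11Forwarding no), and key-based
# authentication avoids the shared password the clients pass with -pw.
sudo useradd -d /dev/null -s /dev/null ssh_user

# Set the account password interactively (separate command; on the page the
# two commands had been merged onto one line).
sudo passwd ssh_user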
rem Reverse tunnel, started on the Windows machine that should become
rem reachable: -R makes the SSH server listen on port 33899 and forward
rem connections to this machine's RDP port (localhost:3389).
rem   -batch  no interactive prompts (an unknown host key aborts the run)
rem   -P 2201 SSH port of the relay server
rem   -N      no shell or remote command, forwarding only
rem   -C / -v compression / verbose output
rem NOTE(review): -pw puts the SSH password on the command line, where it is
rem visible in process listings and in any script or log that records this
rem command; key authentication (-i keyfile) avoids that.
plink.exe -batch -P 2201 -N -C -v -R 33899:localhost:3389 ssh_user@222.222.222.222 -pw password
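rem Operator side: -L opens local port 3379 and forwards it through the SSH
rem server to its port 33899, i.e. to the reverse tunnel opened by the
rem remote Windows machine.
rem NOTE(review): as above, -pw exposes the password on the command line;
rem key authentication (-i keyfile) avoids that.
plink.exe -P 2201 -N -C -v -L 3379:localhost:33899 ssh_user@222.222.222.222 -pw password

rem Separate command (the page had merged it into the plink line, which would
rem hand "mstsc.exe /v ..." to plink as extra arguments). plink -N stays in
rem the foreground while the tunnel is up, so start the RDP client from a
rem second console.
mstsc.exe /v localhost:3379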
// On-demand service that runs the tunnel script through the "powershell"
// check command (presumably a CheckCommand defined elsewhere -- confirm).
apply Service "create-rdp-tunnel" {
  check_command = "powershell"
  // NOTE(review): the agent executes whatever file is at this path each time
  // the check runs; the directory should be writable by administrators only.
  vars.ps_command = "c:\\ProgramData\\icinga2\\Scripts\\icinga2\\create_rdp_tunnel.ps1"

  // No scheduled runs: with active checks disabled the script is meant to
  // start only when a check is forced (see the SCHEDULE_FORCED_SVC_CHECK
  // command on this page).
  enable_active_checks = false
  max_check_attempts = 2

  // Applied to the local node only, and never to hosts marked as Linux.
  assign where host.name == NodeName
  ignore where host.vars.os == "Linux"
}
<# icinga2scripts Version 1.0 Description: Icinga 2 - ssh Pavel Satin (c) 2016 pslater.ru@gmail.com #> [Console]::OutputEncoding = [System.Text.Encoding]::UTF8 $returnStateOK = 0 $returnStateWarning = 1 $returnStateCritical = 2 $returnStateUnknown = 3 $portnum = "338" + (Get-Random -minimum 10 -maximum 99).ToString() $tunnelcmd = "c:\ProgramData\icinga2\Scripts\icinga2\plink.exe" $tunnelarg = "-batch -P 2201 -N -C -v -R " + $portnum + ":localhost:3389 ssh_user@222.222.222.222 -pw password" $regSSHkey = "HKCU:\Software\SimonTatham\PuTTY\SshHostKeys" $regSSHname = "rsa2@2201:222.222.222.222" $regSSHval = "0x10001,0x000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" if (!(Test-Path $regSSHkey -PathType Any)) { New-Item -Path $regSSHkey -Force | Out-Null New-ItemProperty -Path $regSSHkey -Name $regSSHName -Value $regSSHval -PropertyType String -Force | Out-Null } else { New-ItemProperty -Path $regSSHkey -Name $regSSHName -Value $regSSHval -PropertyType String -Force | Out-Null } $process = (start-process $tunnelcmd -argumentlist $tunnelarg -PassThru) Start-Sleep -s 5 if ($process.HasExited) { Write-Host "Failed to start plink. The process is closed with the code: " $process.ExitCode [System.Environment]::Exit($returnStateCritical) } else { # pushover $uri = "https://api.pushover.net/1/messages.json" $parameters = @{ token = "API_TOKEN" user = "API_USER" message = " : $portnum : $env:computername" } $pushoverreq = $parameters | Invoke-RestMethod -Uri $uri -Method Post Write-Host "OK - The tunnel is created. Port number: $portnum" Write-Host "To connect:" Write-Host "plink.exe -P 2201 -N -C -v -L 3379:localhost:$portnum ssh_user@222.222.222.222 -pw password" [System.Environment]::Exit($returnStateOK) }
# Force an immediate run of the create-rdp-tunnel service by writing an
# external command to Icinga 2's command pipe.
# Line format: [entry time] SCHEDULE_FORCED_SVC_CHECK;<host>;<service>;<check time>
# NOTE(review): the host-name field (between the two semicolons) is empty as
# printed here; presumably the target host's name belongs there -- confirm.
# Anyone who can write to this pipe can trigger the tunnel, so membership of
# the group that owns it should be kept small.
printf '[%s] SCHEDULE_FORCED_SVC_CHECK;;create-rdp-tunnel;%s\n' "$(date +%s)" "$(date +%s)" \
  >> /var/run/icinga2/cmd/icinga2.cmd
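<#
icinga2scripts
Version 1.0
Description: Icinga 2 - RemoteDesktop
Pavel Satin (c) 2016
pslater.ru@gmail.com
#>

# Operator-side helper. Usage: <script> <icinga-host-name>
# Reads the last result of the "create-rdp-tunnel" service for that host from
# the Icinga 2 API, takes the plink command printed in the check output,
# swaps the local port for a random one, starts the tunnel and opens mstsc
# against it. Progress and errors are shown as tray balloons.

$returnStateOK = 0
$returnStateWarning = 1
$returnStateCritical = 2
$returnStateUnknown = 3

#Windows Balloon
[void] [System.Reflection.Assembly]::LoadWithPartialName("System.Windows.Forms")
$objNotifyIcon = New-Object System.Windows.Forms.NotifyIcon

# Shows one balloon on the shared tray icon, keeps it for $HoldSeconds, then
# hides and disposes the icon (so it is called once per run).
function Show-TunnelBalloon {
    param([string]$TipIcon, [string]$Title, [string]$Text, [int]$HoldSeconds)
    $script:objNotifyIcon.Icon = "C:\Scripts\images\icinga.ico"
    $script:objNotifyIcon.BalloonTipIcon = $TipIcon
    $script:objNotifyIcon.BalloonTipText = $Text
    $script:objNotifyIcon.BalloonTipTitle = $Title
    $script:objNotifyIcon.Visible = $True
    $script:objNotifyIcon.ShowBalloonTip(30000)
    Start-Sleep -s $HoldSeconds
    $script:objNotifyIcon.Visible = $false
    $script:objNotifyIcon.Dispose()
}

# No host name given: show the error balloon and stop.
if ($args[0] -eq $null) {
    Show-TunnelBalloon "Error" " " " ! ." 10
    exit
}

$rdpHost = $args[0]
# NOTE(review): $plinkPath is assigned but never used; cmd.exe below resolves
# plink.exe from the current directory and PATH, so which binary runs depends
# on where the script is started. Launching it by full path would pin that.
$plinkPath = "C:\Scripts\bin\"

# NOTE(review): this policy accepts every TLS certificate, so the API
# credentials below can be captured, and the check output this script later
# executes can be replaced, by anyone able to intercept the connection.
# Trusting the Icinga CA on this machine and removing the policy is the fix;
# it is left in place here because removing it fails until that CA is trusted.
add-type -TypeDefinition @"
using System.Net;
using System.Security.Cryptography.X509Certificates;
public class TrustAllCertsPolicy : ICertificatePolicy {
    public bool CheckValidationResult(
        ServicePoint srvPoint, X509Certificate certificate,
        WebRequest request, int certificateProblem) {
        return true;
    }
}
"@
[System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy

# NOTE(review): API credentials are hard-coded in the script.
$user = "icinga"
$pass= "password"
$secpasswd = ConvertTo-SecureString $pass -AsPlainText -Force
$credential = New-Object System.Management.Automation.PSCredential($user, $secpasswd)

# The host name is URL-escaped so it cannot add path or query parts to the request.
$apiurl = "https://222.222.222.222:5665/v1/objects/services/" + [System.Uri]::EscapeDataString($rdpHost) + "!create-rdp-tunnel?attrs=last_check_result"
$apireq = Invoke-WebRequest -Credential $credential -Uri $apiurl -Method Get -UseBasicParsing -ContentType "text/plain; charset=Windows-1251"

$outputresult = $apireq | ConvertFrom-Json | Select -expand Results | Select -expand attrs | Select -expand last_check_result

# Everything from "plink" to the end of the check output is treated as the
# command to run. A failed request or an empty result yields an empty string.
$strOutput = [string]$outputresult.output
$indxPlink = $strOutput.IndexOf("plink")
$tunnelCmd = ""
if ($indxPlink -ge 0) {
    $tunnelCmd = $strOutput.Substring($indxPlink).Trim()
}

# The text comes from the monitoring server and is handed to cmd.exe, so it is
# accepted only when it has exactly the shape the tunnel check prints and
# contains no cmd metacharacters. This also rejects the check's failure
# message, which contains the word "plink" but is not a command.
# Adjust the pattern if the check prints a different command line.
$expectedCmd = '^plink\.exe -P \d+ -N -C -v -L 3379:localhost:\d+ [A-Za-z0-9._-]+@[A-Za-z0-9.-]+ -pw [^\s&|<>^%"]+$'
if ($tunnelCmd -cnotmatch $expectedCmd) {
    Show-TunnelBalloon "Error" "Icinga RDP tunnel" "No usable plink command in the check output for $rdpHost." 10
    exit
}

# Random local port 33910..33998 (Get-Random's -maximum is exclusive).
$portnum = "339" + (Get-Random -minimum 10 -maximum 99).ToString()

# Replace only the local forward port; a bare Replace("3379", ...) would also
# rewrite that digit run inside the address or password.
$cmdArgs = "/C " + $tunnelCmd.Replace("-L 3379:", "-L " + $portnum + ":")
$mstscArgs = "/v localhost:$portnum"

# Start the tunnel, then the RDP client pointed at its local end.
Start-Process cmd.exe $cmdArgs
Start-Process mstsc.exe $mstscArgs

Show-TunnelBalloon "Info" " " " $rdpHost" 30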
Source: https://habr.com/ru/post/315536/