I have a setup where I have two redundant routers with VRRP, and one has a fiber internet connection and the other has LTE. Is there a way to make a script send an SMS from the LTE device, but have that message be initiated by the other router? I’d like to be able to get text messages when some event happens on the main router but it’s not the one that can actually send messages.
I guess sending e-mails or telegram messages would be a lot easier… And it does not rely on the other device being available.
That said… You could use ssh for you solution with sms.
How could this be done in ROS?
This is old question, but just wandering if you ever found out a solution?
I was thinking about exactly the same scenario. In my case I have one LTE MT in my network along with multiple other ones. I would like to take advantage of LTE and be able to send speciffic SMS notifications from any other MT and use this one as sort of a gateway.
I haven’t played with the json web api yet, But presumably that can somehow trigger a script to run on the lte device, fetch from the fiber device can easily post a json string to the lte device to push a status, presuming there’s a useful endpoint for launching scripts available…
Hello, I am in the same situation.
I want to take advantage of the LTE device to be able to send SMS from other computers within my LAN.
In this case I want to send sms from the RB4011 using the “usb1” serial port that is on the AP.
Has anyone managed to do it?
How would it be?
By SSH or other means?
BR & tnx.
Well finally, I have done some research and the solution is offered by SSH.
We can execute commands manually by Terminal and with scripts from one MT to another MT by SSH, but to automate the authentication and not have to write it by hand, we do it with RSA type keys.
MT Client (In the diagram it is the RB4011)
We generate the public and private RSA keys which are stored in /files.
/ip ssh export-host-key export-host-key key-file-prefix=admin.
“admin” is the name we give for the “full” user in this example.
We can see that two files have been generated: admin_rsa and admin_rsa.pub.
The “admin_rsa.pub” file must be imported into MT Server (where we want to connect to).
The “admin_rsa” file must be imported in MT Client (System > Users > SSH Private Keys > Import SSH Private Key). Important to select the user who has administrator rights:
/user ssh-keys private import user=admin private-key-file=admin_rsa.
MT Server (hAP ac2 with USB modem)
The file that we have generated in MT Client “admin_rsa.pub” must be imported in MT Server.
First we copy it to /files and then (System > Users > SSH Keys > Import SSH Key) it is important to select the user with administrator rights.
Testing
Once the public key is installed and trusted in MT Server, a PKI SSH session can be created from MT Client:
/system ssh 192.168.88.2
In this case the IP is from MT Server, and we see that it connects correctly without asking us for username and password.
/system ssh 192.168.88.2 "/ip address print"
We get the Server side addressing.
/system ssh 192.168.88.2 "/tool sms send usb1 +34XXXXXXXXXXXXX message="test message""
successfully sends us an SMS
Concluding, we can have the USB modem in a computer and the rest of the devices of the Network can make use of it using connections via SSH authenticated with RSA.
I hope that if someone is in the same situation I can help you.
BR.
Will ssh-exec work?
For example:
The first is to take in the script, for example, the model of the remote device and assign this value to the variable:
:global i ([/system ssh-exec address=192.168.100.10 user=podarok66 command=":put [/system routerboard get model]" as-value ] -> "output")
The second is to create a variable on the remote device, assigning it a value taken from a local variable on your device:
:local y "123"; /system ssh-exec address=192.168.100.10 user=podarok66 command=":global cif $y"
Yes, both examples work correctly.
BR.
I tried everything. I even imported both keys to each of the routers.
Anyway, when trying to connect, it asks you to enter a password from the keyboard
when trying to connect to the terminal, it asks for a password:
/system ssh 192.168.1.2
password:
when trying to take data from the server to a variable, it writes an authorization error:
/:global i ([/system ssh-exec address=192.168.1.2 user=admin command=":put [/system routerboard get model]" as-value ] -> "output")
failure: authentication failure
ROS version 6.46.3 on both routers. What is the problem ?
If it asks you for a password, the RSA keys are not configured correctly.
Follow my previous post where I explain how to do it. See if this drawing helps you (follow the order of entering commands):
Note: Both devices have version 7.6
Sorry if I have not translated well into English
MT Servidor → MT Server
MT Cliente → MT Client
BR.
Thank you very much, I kind of did everything like that. I’ll try again.
I did it again, it works. Moreover, I imported both keys to the client and to the server so that it was possible to enter from either side. It is not clear what the error was. But this time I created both certificates on a different router. It is not clear yet, maybe there is an error in ROS. I’ll test on different routers, let’s see what’s the matter.
OK, great.
Now, on the server side, once you activate the SSH access through RSA Keys, if you want to access also with password manually you must activate the option: “always-allow-password-login: yes” otherwise you may get an error.
/ip ssh set always-allow-password-login=yes
/ip/ssh> print
forwarding-enabled: no
always-allow-password-login: yes
strong-crypto: no
allow-none-crypto: no
host-key-size: 2048
BR.
Now, on the server side, once you activate the SSH access through RSA Keys, if you want to access also with password manually you must activate the option: “always-allow-password-login: yes” otherwise you may get an error.
/ip ssh set always-allow-password-login=no
I thought about it and tried it both on the client side and on the server side - the error persists.
Along the way, I found an error in RouterOS: the system does not correctly transmit lines containing spaces.
For example:
:local y “mather&father”;
[/system ssh-exec address=192.168.1.2 user=admin command=“:global x $y”]
Ok, good.
:local y “mather father”;
[/system ssh-exec address=192.168.1.2 user=admin command=“:global x $y”]
Bug, the variable is not created. Perhaps this can be circumvented by using :parse
You need some escaped quoting here…
Bug??? Or syntax error…
/system ssh-exec address=192.168.1.2 user=admin command=“:global x "$y"”]
You need some escaped quoting here…
Why? The team itself must correctly work out the transmission of spaces. This glitch grew, not my mistake. I’ve been thinking for a long time why if I do:
:local y [/system identity get name]
[/system ssh-exec address=192.168.1.2 user=admin command=“:global x $y”]
everything works correctly, and if I do:
:local y [/system routerboard get model]
[/system ssh-exec address=192.168.1.2 user=admin command=“:global x $y”]
the command is not working. It turned out because the model of my board contains a space.