Thank you. i set it up. But now i got interesting behaviour: if you add a public key accidentally to a private key list, then > when i have active ssh session and I run command /system ssh-exec, even with different user - my session drops immediately > i tried to exec "ssh-exec" via terminal in winbox and it just hangs and do nothing, no output, no log records but what i also noticed: the script fails with default firewall configuration (out of the box) with command /ip/firewall/filter/print it only sends four messages and then fails Received: /ip/firewall/filter/print Flags: X - disabled, I - invalid; D - dynamic 0 D ;;; special dummy rule to show fasttrack counters chain=forward action=passthrough the script output at this moment says status: failed failure: closing connection: 149.154.167.220:443 (5) so line contains something incorrect. Thank you anyway for the telegram script.
HI, I made every step following all the instructions in the video, but whatever be the message setn, the answer is same all time: Received: "Any CLI Command Sent". So, what can I do?
I get the following error: action timed out - try again, if error continues contact MikroTik support and send a supout file (13). Although the router confirms script initiation and returns the received command in Telegram. ROS 7.5
@@RB01-lite My router has full access and I use sme bot for my Netwatch notifications. As I mentioned before the router replies back what command it got from my telegram message, so that's not an internet access issue.
I have the same isus. I executed the script line by line on terminal and i get "failure: authentication failure" at line /system/ssh-exec 0.0.0.0 "interface print". I disabled also the firewall rule action drop ssh without luck. I have enable ssh at services. I disabled user admin and i use another full access user. I also tried 127.0.0.1 and 192.168.10.251(my router ip) but nothing. :( :(. Now I have a suspicion that I need to generate RSA keys. But it should be both public and private on the router, definitely for a new user and with limited read-only access since I only want it for control.
Finally it worked. I created a new user (read_only__user) that initially had full access. I created the RSA keys logged in as the read_only__user and passed the public and private key onto the router again as read_only__user for the read_only__user. I passed both telegram and telestarter as the read_only__user to have rights, i changed the line [:system ssh-exec 0.0.0.0 $command as-value]->"output" to [:system ssh-exec 0.0.0.0 user=read_only_user $command as-value]->"output". I then connected with my regular user and move read_only__user in group read. I also set a firewall rule accept ssh from 127.0.0.1 above of the rules for knocking port to use ssh from 0.0.0.0/0, reboot and OK. You can do the same process for your normal user.
Great job! But here is the question what if me using custom ssh port, but not 22. Is there is way to work around it? I mean do will work? Also invalid value for argument address: failure: dns name exists, but no appropriate record failure: dns name exists, but no appropriate record
Great, but it doesn´t work here. First I get an "authentification error" what I ´ve fixed with the RSA-Key, but now after e.g. a "interface print" command I get an "action timed out - try again, if error continues contact MikroTik support....." 😕
Nice Video!!!! is there a way to manage multiple routers? I have a configuration having my bot and myself on chat groups? and each chat group can have 1 or multiple Mikrotik routers? Maybe specifying the name of the router (that has to be unique) to tell Telegram to which router to talk? or do I need different bots (1 per router?) I use it today to get messages and alerts mostly from Netwatch
You could have multiple routers talking through the same bot. More efficient would be to have only one router running a script and then manage the others through ssh-exec, but you need to write your own script then.
Hi! I've do all steps in order, I have the notification of "Telegram script initiated.", I send a command like : interface print I receive the message "Received: interface print" as expected.... but it "dies" here, the information (i.e. the print of my router's interfaces) never arrives. What may be wrong? FORGET IT! You have subbmited an update of this and using new method (:execute against sss-execute) its working as expected!!!!! 1M 👏👏👏 Thanks to you and your work!!!!!
Please help me I have a same problem … I received Telegram script initiated but whe I send command ie: ip address print I don’t have a result and I received a menu confirmations of the bot
@MikrotikLatvia I see the error in the log "login failure for user admin from 127.0.0.1 via ssh" when script tries to use ':local fun ([:system ssh-exec 0.0.0.0 $command as-value]->"output");' and i got the same when i tried to run such command in the terminal Could you give any advices? RouterOS 7.7
interesting! what about using this on multiple devises? like bot can print a list of devices that is runing script \ you pick one that you need to manage \ than send commands
@@uasrv That means the ':system ssh-exec 0.0.0.0 $command as-value' failed to ssh your own router, this is normal if you have set a password, to fix it please add an RSA key. There are videos on both on how to set up RSA keys and how to do automation with ssh-exec.
@@RB01-lite Same here, also in the log "login failure for user admin from 127.0.0.1 via ssh" when script tries to use ':local fun ([:system ssh-exec 0.0.0.0 $command as-value]->"output");' and i got the same when i tried to run such command in the terminal
i try it now and the scrip going on so I received the telegram script initiated but all the command I typing in my bot Telegram don’t something in my router
I see the error in the log "login failure for user admin from 127.0.0.1 via ssh" when script tries to use ':local fun ([:system ssh-exec 0.0.0.0 $command as-value]->"output");' and i got the same when i tried to run such command in the terminal Could you give any advices? RouterOS 7.7
Authentication Failure - default admin account is removed from system. Setting an rsa keypair is nearly impossible to get working. Modified the script to add my port=xxx and user=myspecialuseraccount then generating a usable RSA keypair has been proving nearly impossible to accomplish.
nice video i really appreciate it but I’m receiving an reply “expected command name (line 13 column 119”) is the as-value how do i fix it please help me
@@mikrotik i try it now and the scrip going on so I received the telegram script initiated but all the command I typing in my bot Telegram don’t something in my router
If it has a webhooks API of sorts, it's very likely to be possible. I have an (albeit more limited) version for Discord that uses the MikroTik APIs (instead of scripting it on the router-side).
Guys, you are awesome, I asked a few weeks ago on forum how to use it, but already setup curl by my own, now I can just receive messages about a few importants ping for me. But what I didn`t find - how to get more system information and add these info in curl (maybe cpu tem, cpu loading, memory used % etc. And one more thing - didn`t get how to execute curl when router was rebooted (I need it because of fucking russians we have problem with electricity periodically), would be great to get this info that router started or rebooted.
Гондон ты поношенный, а скажи пожалуйста: с какой целью ты, плюс/минус/отсос махровый пидорас, вплетаешь политику и националистические нотки в инженерный канал?
If you failed in "failure: closing connection: 0.0.0.0:22 (6)" create user admin with blank password and edit source :local fun ([:system ssh-exec 0.0.0.0 user=admin $command as-value]->"output");
If you get an authentication failure, please set up an RSA key ruclips.net/video/8tt7fSvdFRM/видео.html
Thank you. i set it up.
But now i got interesting behaviour:
if you add a public key accidentally to a private key list, then
> when i have active ssh session and I run command /system ssh-exec, even with different user - my session drops immediately
> i tried to exec "ssh-exec" via terminal in winbox and it just hangs and do nothing, no output, no log records
but what i also noticed: the script fails with default firewall configuration (out of the box)
with command /ip/firewall/filter/print
it only sends four messages and then fails
Received: /ip/firewall/filter/print
Flags: X - disabled, I - invalid; D - dynamic
0 D ;;; special dummy rule to show fasttrack counters
chain=forward action=passthrough
the script output at this moment says
status: failed
failure: closing connection: 149.154.167.220:443 (5)
so line contains something incorrect.
Thank you anyway for the telegram script.
thanks it works
@@daviderisi9610 First check if you copied the bot access token and user id correctly and if they are correct, check routing and firewall rules.
Thank you
THANK YOU BEEN WORKING ON THIS
This is one of many things why I love Mikrotik so much.
this is huge! very comprehensive script. didn't know the scripting engine in ROS is THAT mighty
thanks for that anyways.
Great idea and execution - thanks for adding variable support to the ssh-exec function so we can run this in near-realtime 🙂
It's the :execute function that currently does not have the variable output option, but it might get fixed. ssh-exec is just the workaround
Awesome
HI, I made every step following all the instructions in the video, but whatever be the message setn, the answer is same all time: Received: "Any CLI Command Sent". So, what can I do?
im having the same issue did you find an answer ? i get the recieved: but nothing else
I get the following error: action timed out - try again, if error continues contact MikroTik support and send a supout file (13). Although the router confirms script initiation and returns the received command in Telegram. ROS 7.5
First check if you copied the bot access token and user id correctly and if they are correct, check routing and firewall rules.
@@RB01-lite My router has full access and I use sme bot for my Netwatch notifications. As I mentioned before the router replies back what command it got from my telegram message, so that's not an internet access issue.
@@DumitruBodencov Oh, my apologies. Interesting, that needs investigating - it has to be some configuration issue.
I have the same isus. I executed the script line by line on terminal and i get "failure: authentication failure" at line /system/ssh-exec 0.0.0.0 "interface print". I disabled also the firewall rule action drop ssh without luck. I have enable ssh at services. I disabled user admin and i use another full access user. I also tried 127.0.0.1 and 192.168.10.251(my router ip) but nothing. :( :(. Now I have a suspicion that I need to generate RSA keys. But it should be both public and private on the router, definitely for a new user and with limited read-only access since I only want it for control.
Finally it worked. I created a new user (read_only__user) that initially had full access. I created the RSA keys logged in as the read_only__user and passed the public and private key onto the router again as read_only__user for the read_only__user. I passed both telegram and telestarter as the read_only__user to have rights, i changed the line [:system ssh-exec 0.0.0.0 $command as-value]->"output" to [:system ssh-exec 0.0.0.0 user=read_only_user $command as-value]->"output". I then connected with my regular user and move read_only__user in group read. I also set a firewall rule accept ssh from 127.0.0.1 above of the rules for knocking port to use ssh from 0.0.0.0/0, reboot and OK. You can do the same process for your normal user.
Great job!
But here is the question what if me using custom ssh port, but not 22. Is there is way to work around it? I mean do will work?
Also
invalid value for argument address:
failure: dns name exists, but no appropriate record
failure: dns name exists, but no appropriate record
All Working very well! Thanks a lot !
Great, but it doesn´t work here. First I get an "authentification error" what I ´ve fixed with the RSA-Key, but now after e.g. a "interface print" command I get an "action timed out - try again, if error continues contact MikroTik support....." 😕
First check if you copied the bot access token and user id correctly and if they are correct, check routing and firewall rules.
Thank you for new perfect video. Information are more useful, chat with route awesome!
Why you do not used rest api and paste command like uri path?
Nice Video!!!! is there a way to manage multiple routers? I have a configuration having my bot and myself on chat groups? and each chat group can have 1 or multiple Mikrotik routers? Maybe specifying the name of the router (that has to be unique) to tell Telegram to which router to talk? or do I need different bots (1 per router?) I use it today to get messages and alerts mostly from Netwatch
You could have multiple routers talking through the same bot. More efficient would be to have only one router running a script and then manage the others through ssh-exec, but you need to write your own script then.
Please add the possibility for sending to telegram directly, for example, backups.
Hi! I've do all steps in order, I have the notification of "Telegram script initiated.", I send a command like : interface print I receive the message "Received: interface print" as expected.... but it "dies" here, the information (i.e. the print of my router's interfaces) never arrives. What may be wrong?
FORGET IT! You have subbmited an update of this and using new method (:execute against sss-execute) its working as expected!!!!!
1M 👏👏👏 Thanks to you and your work!!!!!
Please help me I have a same problem … I received Telegram script initiated but whe I send command ie: ip address print I don’t have a result and I received a menu confirmations of the bot
having the same issue also any update on this?
Have you tried the updated version of script? It use another method to execute, and it was succesful to me@@marlastephens4965
@MikrotikLatvia
I see the error in the log "login failure for user admin from 127.0.0.1 via ssh" when script tries to use ':local fun ([:system ssh-exec 0.0.0.0 $command as-value]->"output");'
and i got the same when i tried to run such command in the terminal
Could you give any advices?
RouterOS 7.7
YES BEEN LOOKING FOR THIS
Cool feature, I would like to use it too. Are there any known problems with RS 7.11.2? Unfortunately the script crashes after the first request.
interesting! what about using this on multiple devises? like bot can print a list of devices that is runing script \ you pick one that you need to manage \ than send commands
you need a separate backend for that
@@FoxSaneko or script can add FOR cycle with the ID of device, generate a script with for_id and run it at all devices?
I get an error in the terminal:
failure: authentication failure
how to fix?
Where do you get the message?
@@RB01-lite after
Received: interface print
status: finished
downloaded: 0KiBC-z pause]
@@uasrv That means the ':system ssh-exec 0.0.0.0 $command as-value' failed to ssh your own router, this is normal if you have set a password, to fix it please add an RSA key. There are videos on both on how to set up RSA keys and how to do automation with ssh-exec.
@@RB01-lite Same here,
also in the log "login failure for user admin from 127.0.0.1 via ssh" when script tries to use ':local fun ([:system ssh-exec 0.0.0.0 $command as-value]->"output");'
and i got the same when i tried to run such command in the terminal
I guess this is because ssh-exec failed to authenticate...
i try it now and the scrip going on so I received the telegram script initiated but all the command I typing in my bot Telegram don’t something in my router
in script local user ID means which one I have insert in that place
Telegram is very cool Messenger🥳
I see the error in the log "login failure for user admin from 127.0.0.1 via ssh" when script tries to use ':local fun ([:system ssh-exec 0.0.0.0 $command as-value]->"output");'
and i got the same when i tried to run such command in the terminal
Could you give any advices?
RouterOS 7.7
another reason why i could not live without MikroTik :v
does it really need to send every line as a separate message?
Actually, no. You could replace every newline character with %0A and it should work.
😪 i have only "failure: closing connection: 0.0.0.0:22 (6)"
or "failure: authentication failure" when i open ssh to all
Authentication Failure - default admin account is removed from system. Setting an rsa keypair is nearly impossible to get working. Modified the script to add my port=xxx and user=myspecialuseraccount then generating a usable RSA keypair has been proving nearly impossible to accomplish.
am not getting any reply from the mikrotik when i send ip address print
nice video i really appreciate it but I’m receiving an reply
“expected command name (line 13 column 119”) is the as-value
how do i fix it please help me
Make sure you are using the latest routerOS v7 release
@@mikrotik ok thanks i will try it
@@mikrotik i try it now and the scrip going on so I received the telegram script initiated but all the command I typing in my bot Telegram don’t something in my router
I’m receiving an reply
“expected command name (line 1 column 1”
how do i fix it
Hi, how to dhcp lease authorization using telegram? thanks.
My mechanic said something about my chakras being out of alignment...or maybe it was wheels
hi please how to fixe a error failure: authentication failure
Replace the ssh-exec command with the newer 'execute' command. help.mikrotik.com/docs/spaces/ROS/pages/47579229/Scripting#Scripting-Commands
Mikrotik is very impressive
Nice
thank you so much
You're welcome!
Please make video on mikrotik automation with ansible
Is it end-to-end encrypted?
No, data is literally in the URL. Do not exchange sensitive information in this manner.
well done!
Not working Mikrotik OS6?
It's written for RouterOS v7, but you could adapt it yourself!
it's nice ideas
Now it would be very nice to have something like this with Signal
If it has a webhooks API of sorts, it's very likely to be possible.
I have an (albeit more limited) version for Discord that uses the MikroTik APIs (instead of scripting it on the router-side).
its cool
Guys, you are awesome, I asked a few weeks ago on forum how to use it, but already setup curl by my own, now I can just receive messages about a few importants ping for me. But what I didn`t find - how to get more system information and add these info in curl (maybe cpu tem, cpu loading, memory used % etc.
And one more thing - didn`t get how to execute curl when router was rebooted (I need it because of fucking russians we have problem with electricity periodically), would be great to get this info that router started or rebooted.
Гондон ты поношенный, а скажи пожалуйста: с какой целью ты, плюс/минус/отсос махровый пидорас, вплетаешь политику и националистические нотки в инженерный канал?
If you failed in "failure: closing connection: 0.0.0.0:22 (6)"
create user admin with blank password and edit source :local fun ([:system ssh-exec 0.0.0.0 user=admin $command as-value]->"output");
Que locura !!
You forgot to blur chat Id on 9:36, now we know that your account was created approximately in August :)
Thanks for this.
here is the error I keep getting:
status: failed
failure: closing connection: ip;address:443
I have the same issue and i don't know how to fix it
🥰
Looking forward to the Proxmox Video , same topology from this great video : ruclips.net/video/tyjU1vuBhmQ/видео.html
up
nice gimmick
I have problem : proxmox single nic mikrotik , same topology from this great video : ruclips.net/video/tyjU1vuBhmQ/видео.html
thanks
Hi! RSA key gen not working:
[admin@oRouter] /user ssh-keys> private import private-key-file=admin_rsa user=admin
public-key-file:
Script Error: action cancelled
[admin@oRouter] /user ssh-keys>
why?
solved...
unfortunately it give error while I run the telegram src chat code
failure: closing connection: 149.154.167.200:443 (4)
status: failed
failure: closing connection: 139.147.169.50:443 (4)
status: failed
failure: closing connection: 149.154.167.220:443 (4)