cancel
Showing results for 
Search instead for 
Did you mean: 

Executing Remote Command on Windows Server via ESM 10.0

Hi guys, I'm trying to figure this out but I haven't found a way yet. How do we run a remote command on a windows box?

My current scenario: ESM 10.0.3 & Windows Server 2016

What I want to do: I have a python script running on the server that will accept input from ESM via remote command (I want to do things like feeding hashes to this script and having the script do stuff with those)

Now, when running remote command you have to tell ESM what "port" you are targeting, I assume this means usually SSH stuff.

1) I installed an SSH server in the windows box called MobaSSH and when running Putty to connect to it it works fine.

2) However, when attempting to do the same from ESM it fails (I tested the connection with a custom "execute remote command" command that simply created a new folder on the windows box).

3) When I ssh into ESM and attempt to ssh from there to the windows box I get an error saying that "No ECDSA host key is known for host [windows box]" which makes sense because ESM doesn't have the public RSA key fingerprint of the Windows Box.

4) The only RSA fingerprints present under /root/.ssh/known_hosts (ESM) are the ones belonging to devices like the ERC and ACE and stuff. I though, can I modify this file and append the key for the windows box? However, I don't know a) if this would break things, b) if there is actually a better method!, c) couldn't find the windows box RSA key anyways

Has anyone attempted this before (hopefully yes) and can someone provide any recommendations?

Regards,

Diego Perez

2 Replies
McAfee Employee rlourenc
McAfee Employee
Report Inappropriate Content
Message 2 of 3

Re: Executing Remote Command on Windows Server via ESM 10.0

Hi Diego

 

did you find a solution to this?  I am working on this exact same thing and may have something for you.

I just ran 

ssh -o "stricthostkeychecking no" root@<IP address of the windows box>

and this solved the access problem for me.  I am running commands now without an issue with scripts on my windows 10 system.

McAfee Employee rlourenc
McAfee Employee
Report Inappropriate Content
Message 3 of 3

Re: Executing Remote Command on Windows Server via ESM 10.0

Hi Diego

 

let me know if you need further help on this.

More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator
  • Community Help Hub

      New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

    • Find Forum FAQs
    • Learn How to Earn Badges
    • Ask for Help
    Go to Community Help

    Join the Community

      Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

    • Get helpful solutions from McAfee experts.
    • Stay connected to product conversations that matter to you.
    • Participate in product groups led by McAfee employees.
    Join the Community
    Join the Community