https://community.extremenetworks.com/t5/extremewireless-identifi/extreme-ap-reboot-schedule/m-p/44049#M3627 I have a more complex one, but here is a simple little script.<BR /> <BR /> #!/usr/bin/expect -f<BR /> set f [open "aps"]<BR /> set data [read $f]<BR /> close $f<BR /> <BR /> foreach line [split $data \n] {<BR /> spawn ssh -o "StrictHostKeyChecking no" admin@$line<BR /> expect "password: "<BR /> send "new2day\r"<BR /> expect "\*# "<BR /> send -- "reboot\r"<BR /> send -- "exit\r"<BR /> sleep 30<BR /> expect eof<BR /> }<BR /> <BR /> aps is a file with a list of IP addresses such as<BR /> 10.3.1.1<BR /> 10.3.1.2<BR /> 10.3.1.3<BR /> <BR /> new2day is the default AP password. We have changed ours, but whatever works.<BR /> <BR /> Wed, 11 Nov 2015 04:47:00 GMT Jeremy_Gibbs 2015-11-11T04:47:00Z https://community.extremenetworks.com/t5/extremewireless-identifi/extreme-ap-reboot-schedule/m-p/44046#M3624 <B><I>How to create a reboot schedule for Extreme Networks Identify AP’s</I></B><BR /> <BR /> <B><I> </I></B><BR /> <BR /> 1. Log into the controller via SSH<BR /> <BR /> <BR /> <BR /> 2. Input the username and password for the controller (same as the web GUI login). Then after login type <B><I>shell</I></B>. Enter the password that you used to log into the controller.<BR /> <BR /> <BR /> <BR /> 3. On the controller, run '<B><I>ssh-keygen</I></B>’ and go through the prompts to create a public (id_rsa.pub) and private (id_rsa) keypair for use with authentication. These get dumped into a .ssh folder in the user's directory (in this case, root, so /root). There's an option to apply a passphrase to the private key, but opted not to do it, as it would have to be put in before connecting (basically, it provides the option to provide a password locally to unlock a key instead of sending a password over the network for authentication)<BR /> <BR /> After running <B><I>ssh-keygen </I></B>you will get a pblic key similar to this. Example:<BR /> <BR /> “<B><I>ssh-rsaAAAAB3NzaC1yc2EAAAABIwAAAQEA+1JVD+Vm7zvTc8A7tfyzoYeUEmurWdizPlMbi6KDxm.gifsW4n/XaDNNnIMXUTdg4qEpXxS/xEyyp02XMN3S7bnC5WvlL8qAZE4derZzoob4o6cwlohah/m2xVxDw5qhHyUKzB4NF8DTLxbCJ9fqHGvxxj/+4hs9+JUDBxYygrG6AKNtEW4KWIGCoyNO2SOtZM1VeXopidwwK6xsN11CNYujeIqOOkmwtYy7Z7evVZ+1hiQIeTedF+Nu330aQedQnH1E8iaip3RRg7Lup1u+I3LfluKC+sb6QzO6dCJ8ITJyYzstkAdERbNK7EwrVB55S5DsjrflRLFt2ZxN66uIJQ== root@EWC.extremenetworks.com</I></B>”<BR /> <BR /> 4. Then you need to create the ssh script<BR /> <BR /> 5. Type <B><I>cd /root </I></B>to change directory to the root folder and then create script. Type <B><I>vi rebootap.sh</I></B><BR /> <BR /> 6. This will place you in the vi console. Now type your script. You need an entry for every AP (ex.)<BR /> <BR /> #!/bin/bash<BR /> <BR /> <BR /> <BR /> ssh <A href="https://mailto:admin@10.10.22.2" target="_blank" rel="nofollow noreferrer noopener">admin@10.10.22.2</A> "/sbin/reboot"<BR /> <BR /> ssh <A href="https://mailto:admin@10.10.22.3" target="_blank" rel="nofollow noreferrer noopener">admin@10.10.22.3</A> "/sbin/reboot"<BR /> <BR /> ssh <A href="https://mailto:admin@10.10.22.4" target="_blank" rel="nofollow noreferrer noopener">admin@10.10.22.4</A> "/sbin/reboot"<BR /> <BR /> ssh <A href="https://mailto:admin@10.10.22.5" target="_blank" rel="nofollow noreferrer noopener">admin@10.10.22.5</A> "/sbin/reboot"<BR /> <BR /> ssh <A href="https://mailto:admin@10.10.22.6" target="_blank" rel="nofollow noreferrer noopener">admin@10.10.22.6</A> "/sbin/reboot"<BR /> <BR /> ssh <A href="https://mailto:admin@10.10.22.7" target="_blank" rel="nofollow noreferrer noopener">admin@10.10.22.7</A> "/sbin/reboot"<BR /> <BR /> ssh <A href="https://mailto:admin@10.10.22.8" target="_blank" rel="nofollow noreferrer noopener">admin@10.10.22.8</A> "/sbin/reboot"<BR /> <BR /> ssh <A href="https://mailto:admin@10.10.22.9" target="_blank" rel="nofollow noreferrer noopener">admin@10.10.22.9</A> "/sbin/reboot"<BR /> <BR /> ssh <A href="https://mailto:admin@10.10.22.10" target="_blank" rel="nofollow noreferrer noopener">admin@10.10.22.10</A> "/sbin/reboot"<BR /> <BR /> ssh <A href="https://mailto:admin@192.168.104.20" target="_blank" rel="nofollow noreferrer noopener">admin@192.168.104.20</A> "/sbin/reboot"<BR /> <BR /> ssh <A href="https://mailto:admin@192.168.104.73" target="_blank" rel="nofollow noreferrer noopener">admin@192.168.104.73</A> "/sbin/reboot"<BR /> <BR /> ssh <A href="https://mailto:admin@192.168.104.25" target="_blank" rel="nofollow noreferrer noopener">admin@192.168.104.25</A> "/sbin/reboot"<BR /> <BR /> ssh <A href="https://mailto:admin@192.168.104.80" target="_blank" rel="nofollow noreferrer noopener">admin@192.168.104.80</A> "/sbin/reboot"<BR /> <BR /> ssh <A href="https://mailto:admin@192.168.104.72" target="_blank" rel="nofollow noreferrer noopener">admin@192.168.104.72</A> "/sbin/reboot"<BR /> <BR /> ssh <A href="https://mailto:admin@192.168.104.23" target="_blank" rel="nofollow noreferrer noopener">admin@192.168.104.23</A> "/sbin/reboot"<BR /> <BR /> ssh <A href="https://mailto:admin@192.168.104.79" target="_blank" rel="nofollow noreferrer noopener">admin@192.168.104.79</A> "/sbin/reboot"<BR /> <BR /> ssh <A href="https://mailto:admin@192.168.104.28" target="_blank" rel="nofollow noreferrer noopener">admin@192.168.104.28</A> "/sbin/reboot"<BR /> <BR /> ssh <A href="https://mailto:admin@192.168.104.82" target="_blank" rel="nofollow noreferrer noopener">admin@192.168.104.82</A> "/sbin/reboot"<BR /> <BR /> ssh <A href="https://mailto:admin@192.168.104.76" target="_blank" rel="nofollow noreferrer noopener">admin@192.168.104.76</A> "/sbin/reboot"<BR /> <BR /> ssh <A href="https://mailto:admin@192.168.104.75" target="_blank" rel="nofollow noreferrer noopener">admin@192.168.104.75</A> "/sbin/reboot"<BR /> <BR /> 7. Then hit the <B><I>esc</I></B> button and then type <B><I>ctrl+q</I></B> then <B><I>w</I></B> then <B><I>q</I></B> then <B>!</B> (This will write, save, and quit the file in vi<BR /> <BR /> 8. Now ssh into every AP and paste this command <BR /> <BR /> On each AP, we created a folder .ssh in /root, and created a file inside called 'authorized_keys', in which we put the contents of the controller's id_rsa.pub file. When connecting via SSH, the combo of the controller's private key and public key in the authorized_keys file will complete the authentication without the need for a password.<BR /> <BR /> <BR /> <BR /> One thing to note is that for each device you connect to, if it's the first time, it'll prompt you with a message about the host fingerprint, e.g.:<BR /> <BR /> <BR /> <BR /> The authenticity of host 'my.computer.local (xx.xx.xx.xx)' can't be established.<BR /> <BR /> RSA key fingerprint is 6a??e0??56:f8:0c:04:11:5b:ef:4d:49??09:23.<BR /> <BR /> Are you sure you want to continue connecting (yes/no)?<BR /> <BR /> <BR /> <BR /> When you continue connecting, that key/hostname/ip combo gets put in the controller's 'known_hosts' file, also in the .ssh directory. Subsequent connections verify that the host fingerprint matches (to prevent man-in-the-middle attacks); if the host you're connecting to has had OpenSSH reinstalled (due to format, etc.), the fingerprint will probably change, no longer match, and fail to connect. You would need to edit the 'known_hosts' file and remove the old entry<B><I> </I></B>(This will allow the controller to SSH into the AP without a password)<BR /> <BR /> <BR /> <BR /> To do this, you would take the key that was created in <B><I>ssh-keygen</I></B> and place it into this small script that you can copy and paste after you ssh into the AP.Example:<BR /> <BR /> <BR /> <BR /> <B><I>mkdir .ssh</I></B><BR /> <BR /> <B><I>echo "ssh-rsaAAAAB3NzaC1yc2EAAAABIwAAAQEA+1JVD</I></B><B><I>+Vm7zvTc8A7tfyzoYeUEmurWdizPlMbi6KDxm.gifsW4n/XaDNNnIMXUTdg4qEpXxS/xEyyp02XMN3S7bnC5WvlL8qAZE4derZzoob4o6cwlohah/m2xVxDw5qhHyUKz</I></B><B><I>B4NF8DTLxbCJ9fqHGvxxj/+4hs9+JUDBxYygrG6AKNtEW4KWIGCoyNO2SOtZM1VeXopidwwK6xsN11CNYujeIqOOkmwtYy7Z7evVZ+1hiQIeTedF+Nu330aQedQnH1E8iaip3RRg7Lup1u+I3LfluKC+sb6QzO6dCJ8ITJyYzstkAdERbNK7EwrVB55S5DsjrflRLFt2ZxN66uIJQ== root@EWC.extremenetworks.com" &gt; .ssh/authorized_keys</I></B> <BR /> <BR /> <B><I>exit</I></B><BR /> <BR /> <BR /> <BR /> 9. Now lets create the cronjob on the controller<BR /> <BR /> Type crontab –e “0 1 * * * /root/rebootap.sh”<BR /> <BR /> <BR /> <BR /> This will create the reboot schedule and will reboot the AP’s at 1am every day. The schedule can be edited on an as per needed basis.<BR /> <BR /> <BR /> <BR /> <BR /> <BR /> <BR /> <BR /> Wed, 11 Nov 2015 04:28:00 GMT https://community.extremenetworks.com/t5/extremewireless-identifi/extreme-ap-reboot-schedule/m-p/44046#M3624 Joseph_Burnswor 2015-11-11T04:28:00Z https://community.extremenetworks.com/t5/extremewireless-identifi/extreme-ap-reboot-schedule/m-p/44047#M3625 If you don't want to create ssh-keys, use expect! I have written a script to do this for me as well because I am lazy. Mine staggers the reboots after randomizing the IP addresses, that way I don't take to many APs down in one area at any given time. Wed, 11 Nov 2015 04:32:00 GMT https://community.extremenetworks.com/t5/extremewireless-identifi/extreme-ap-reboot-schedule/m-p/44047#M3625 Jeremy_Gibbs 2015-11-11T04:32:00Z https://community.extremenetworks.com/t5/extremewireless-identifi/extreme-ap-reboot-schedule/m-p/44048#M3626 That is good to know, I'll have to try that <span class="lia-unicode-emoji" title=":slightly_smiling_face:">🙂</span><BR /> Wed, 11 Nov 2015 04:36:00 GMT https://community.extremenetworks.com/t5/extremewireless-identifi/extreme-ap-reboot-schedule/m-p/44048#M3626 Joseph_Burnswor 2015-11-11T04:36:00Z https://community.extremenetworks.com/t5/extremewireless-identifi/extreme-ap-reboot-schedule/m-p/44049#M3627 I have a more complex one, but here is a simple little script.<BR /> <BR /> #!/usr/bin/expect -f<BR /> set f [open "aps"]<BR /> set data [read $f]<BR /> close $f<BR /> <BR /> foreach line [split $data \n] {<BR /> spawn ssh -o "StrictHostKeyChecking no" admin@$line<BR /> expect "password: "<BR /> send "new2day\r"<BR /> expect "\*# "<BR /> send -- "reboot\r"<BR /> send -- "exit\r"<BR /> sleep 30<BR /> expect eof<BR /> }<BR /> <BR /> aps is a file with a list of IP addresses such as<BR /> 10.3.1.1<BR /> 10.3.1.2<BR /> 10.3.1.3<BR /> <BR /> new2day is the default AP password. We have changed ours, but whatever works.<BR /> <BR /> Wed, 11 Nov 2015 04:47:00 GMT https://community.extremenetworks.com/t5/extremewireless-identifi/extreme-ap-reboot-schedule/m-p/44049#M3627 Jeremy_Gibbs 2015-11-11T04:47:00Z https://community.extremenetworks.com/t5/extremewireless-identifi/extreme-ap-reboot-schedule/m-p/44050#M3628 That's a lot simpler than mine. I like it<BR /> Wed, 11 Nov 2015 04:55:00 GMT https://community.extremenetworks.com/t5/extremewireless-identifi/extreme-ap-reboot-schedule/m-p/44050#M3628 Joseph_Burnswor 2015-11-11T04:55:00Z https://community.extremenetworks.com/t5/extremewireless-identifi/extreme-ap-reboot-schedule/m-p/44051#M3629 Also as of 9.21.xx code.... <A href="https://gtacknowledge.extremenetworks.com/articles/Q_A/On-the-IdentiFi-Appliance-can-I-schedule-all-my-access-points-to-reset" target="_blank" rel="nofollow noreferrer noopener">https://gtacknowledge.extremenetworks.com/articles/Q_A/On-the-IdentiFi-Appliance-can-I-schedule-all-...</A> Thu, 12 Nov 2015 00:19:00 GMT https://community.extremenetworks.com/t5/extremewireless-identifi/extreme-ap-reboot-schedule/m-p/44051#M3629 Doug 2015-11-12T00:19:00Z https://community.extremenetworks.com/t5/extremewireless-identifi/extreme-ap-reboot-schedule/m-p/44052#M3630 Please note, we typically don't suggest access to the ap shell unless it's for debugging reasons. When gaining access to the shell we specifically note at the login prompt: <B>"AP3805e 09.21.04.0007 interactive shell for service personnel only"</B>Scripts accessing the shell or any modifications to an ap via shell would not be supported if any issues arise. <BR /> <BR /> Thu, 12 Nov 2015 19:56:00 GMT https://community.extremenetworks.com/t5/extremewireless-identifi/extreme-ap-reboot-schedule/m-p/44052#M3630 Doug 2015-11-12T19:56:00Z