Beefy Boxes and Bandwidth Generously Provided by pair Networks
more useful options

Net::SSH::Perl - stops script execution on authentication failure

by GA_L (Initiate)
on Apr 23, 2010 at 13:02 UTC ( #836517=perlquestion: print w/replies, xml ) Need Help??
GA_L has asked for the wisdom of the Perl Monks concerning the following question:

Hi Perl Monk, this is my very first post here, so hi everybody!

I am currently writing a script that is connecting to all our Linux servers and gets information such as Network configuration, OS type, architecture, running services and so on...

We are getting the server IP from a database where ALL our equipment is listed - which includes appliances/switches/router, therefore without the correct credentials. Note that before trying to authenticate against any equipment, I am checking if the remote server has port 22 opened.

The problem I am seeing is that when the code (CF below) is failing to authenticate against an equipment, the scripts exits.

I have surrounded the connection to the server with an "eval" statement which I thought would have prevented the script from exiting and instead, display the error but it is just failing with the following error message:

Received disconnect message: Too many authentication failures for abc at /usr/local/lib/perl5/site_perl/5.10.0/Net/SSH/Perl/ line + 143

I have tried and used and surrounded the connection statement with a "try/catch/finally" statement but the result was the same ...

Here is the code I am running to connect to the remote SSH server:

sub connectToServer{ my $username = "abc"; my $serverName = $_[0]; chomp($serverName); my $ssh; eval { $ssh = Net::SSH::Perl->new($serverName) or die "Unable to connect"; }; if ($@){ warn "Connection failed: $@\n"; return "Problem to connect"; }else{ $ssh->login($username); return $ssh; } }

Does anyone has any experience with this Perl module (Net::SSH::Perl) and could give me some help with this issue?

Thanks a lot in advance :)

Cheers Gael

Replies are listed 'Best First'.
Re: Net::SSH::Perl - stops script execution on authentication failure
by choroba (Bishop) on Apr 23, 2010 at 13:14 UTC
    I am not really familiar with the module, but you might try to eval the login line as well.
Re: Net::SSH::Perl - stops script execution on authentication failure
by sierpinski (Chaplain) on Apr 23, 2010 at 16:23 UTC
    I haven't used Net::SSH::Perl, but I have used Net::SSH::Expect to do basically the same thing. Connecting to a bunch of servers to check for failures and do basic configuration management reporting.
    Here is a chunk of the code, hope it helps.
    my $ssh = Net::SSH::Expect->new ( host => "$serverlist[$host]", user => "$user", raw_pty => 1, restart_timeout_upon_receive => 1, timeout => 6, ssh_option => " -x", ); # Validate that we have a successful ssh connection $login_output = $ssh->run_ssh() or die "Couldn't start ssh pro +cess, error $!\n"; sleep(1); my $ret; my $rc1 = eval{$ret = $ssh->read_all(12);}; unless($rc1) { open(NOCON,">>$NOCONNECT"); print NOCON "$serverlist[$host] - Could not connect -- + skipping.\n"; close(NOCON); $pm->finish(0); # Couldn't connect to this one, skip +to next server in main loop } my $rc = eval{( $ret =~ />\s*|$\s*\z/) or die "where's the rem +ote prompt?";}; if($rc) { if($ret =~ m/[Pp]assword:/) { # print("Server asking for password, key not ins +talled.\n"); open(NOCON,">>$NOCONNECT"); print NOCON "$serverlist[$host] - Asking for p +assword -- skipping.\n"; close(NOCON); $pm->finish(0); # Couldn't connect to this +one, skip to next server in main loop } } $ssh->exec("stty raw -echo"); # Start issuing the commands to check
    Also note that I have pm->finish, which is part of Parallel::ForkManager, which allows me to connect to "n" servers at once, and not have to do them in sequence. If you have a lot of servers to check, I'd recommend at least looking into that.

    Hope that helps.
      Hi guys,

      Thanks a lot for your replies! This is much appreciate!

      I tried the "eval" on the login() and it works fine, it spits an error saying "authentication failure" but it continues to execute which was what I wanted.

      Thanks for the equivalent with expect this is really interesting to see another approach. And yes, I have quite a lot of servers to proceed so I will have a look at the module you suggested.

      Have all a nice WE now :) cheers Gael
Re: Net::SSH::Perl - stops script execution on authentication failure
by Khen1950fx (Canon) on Apr 23, 2010 at 22:58 UTC
    Net::SSH::Perl won't work the way that you're doing it. Just keep it simple:
    #!/usr/bin/perl use strict; use warnings; use Net::SSH::Perl; connectToServer(); sub connectToServer { my $host = 'localhost'; my $username = 'user'; my $password = 'password'; my $cmd = 'chkconfig --list'; my $ssh = Net::SSH::Perl->new( $host, protocol => '2,1', debug => 1, ); $ssh->login( $username, $password ); my ( $stdout, $stderr, $exit ) = $ssh->cmd($cmd); print $stdout, "\n"; }
Re: Net::SSH::Perl - stops script execution on authentication failure
by salva (Abbot) on Apr 24, 2010 at 07:06 UTC
    Do you know about Net::OpenSSH::Parallel?

    You can feed it with the full list of servers and the operations to perform and let it take care of everything:

    use Net::OpenSSH::Parallel; my $pssh = Net::OpenSSH::Parallel->new; for my $server (@servers) { $pssh->add_host($server, timeout => 10, passwd => $passwd); } $pssh->push('*', cmd => {stdout_file => "/tmp/uname-%HOST%"}, 'uname') +; $pssh->push('*', cmd => {stdout_file => "/tmp/dmesg-%HOST%"}, 'dmesg') +; ... $pssh->run;
      Thanks for your help!
      I will eventually have a look at the Net::OpenSSH::Parallel as it looks promising!
      Have all a nice day!

Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: perlquestion [id://836517]
Approved by moritz
and all is quiet...

How do I use this? | Other CB clients
Other Users?
Others musing on the Monastery: (4)
As of 2018-02-22 23:28 GMT
Find Nodes?
    Voting Booth?
    When it is dark outside I am happiest to see ...

    Results (300 votes). Check out past polls.