
Net::SSH::Perl failback connection

by tweetiepooh (Friar)
on Nov 09, 2010 at 17:12 UTC (#870358)
tweetiepooh has asked for the wisdom of the Perl Monks concerning the following question:

I'm trying to write a fairly simple script that will ssh to a remote host, run a command and capture the output. Now the basics are fairly easy but what I need a little help with is the connection phase.

The plan for connection is

    1) Use ssh keys in memory (ssh-agent)
    2) Use my account with known password
    3) Use known local account with known password.
    4) Use root with my keys
    5) Use root with known password from a list
    6) Give up and report error.
The idea is that it will use the first connection it can make.

Now I can trap the $ssh->login with eval{} and that's fine.

Question: how do I chain evals or whatever mechanism to accomplish this without the program falling over?

    use Net::SSH::Perl;

    while (my $server = <read from file>) {
        chomp $server;
        print $server;
        my $ssh = SSHConnect($server);
        ...
    }

    sub SSHConnect {
        my $server = shift;
        my $ssh = Net::SSH::Perl->new($server, protocol => '2,1');
        eval { $ssh->login(); };
        if ($@) {
            warn "Some error message about $server";
        };
        return $ssh;
    }

Re: Net::SSH::Perl failback connection
by aquarium (Curate) on Nov 09, 2010 at 21:51 UTC
    Haven't used the ssh perl module myself, but I would avoid having to in the first place if possible, by having the script/command on the other side provide output via http, e.g. a CGI wrapper. Then you avoid such nasty business as having root password in a script, which I wouldn't allow on any system I work on.
    the hardest line to type correctly is: stty erase ^H

      There are too many of them and some are running apps that the vendor would stop supporting if we installed anything additional (telecoms) even Perl modules.

      Also time constraints and since at this time all I need to do is run a "ps -ef" on each box and process the output having a smart agent is overkill. It may be something to think about at a future point.

Re: Net::SSH::Perl failback connection
by tweetiepooh (Friar) on Nov 10, 2010 at 10:44 UTC
    I have worked a solution. It's not very good in that it stores passwords in the clear in the program and it may have other issues but it does seem to work.
    #!/usr/bin/perl -w
    use strict;
    use Net::SSH::Perl;

    # [user, password] pairs, tried in order until one login succeeds
    my @logins = (
        [undef, undef],
        ["myname", "mypass"],
        ["local", "localpw"],
        ["root", undef],
        ["root", "pass1"],
        ["root", "pass2"],
        ...
        ["root", "passn"]
    );
    my $ssh;

    <open file with server list>
    while (my $server = <read from file>) {
        chomp $server;
        print $server;
        if (SSHConnect($server)) {
            <do some work>
        }
    }

    # Returns 1 as soon as one credential pair logs in, 0 if none do
    sub SSHConnect {
        my $server = shift;
        my $return = 0;
        $ssh = Net::SSH::Perl->new($server, protocol => '2,1');
        foreach (@logins) {
            my ($u, $p) = @{$_};
            # try the current user/password pair
            eval { $ssh->login($u, $p); };
            if (!$@) {
                $return = 1;
                last;
            }
        }
        return $return;
    }
    A better solution may be to put login credentials into the server list (and encrypt this) but at this time I don't know what will work for each server and things can change.

      Use public keys instead of passwords. Use sudo instead of logging in directly as root. In a next step, forbid root logins and password authentication in sshd_config.

      Alexander

      --
      Today I will gladly share my knowledge and experience, for there are no sweeter words than "I told you so". ;-)
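
The last step of the reply above (forbid root logins and password authentication in sshd_config) can be verified per host. The Perl script below is an added example, not code from any poster in this thread; the sample configuration is constructed, and `global_settings` and `audit` are hypothetical helper names.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Constructed sample sshd_config, not taken from any host in the thread.
my $sample = <<'END';
# constructed example
PermitRootLogin no
PasswordAuthentication yes
PubkeyAuthentication yes
passwordauthentication no
Match User backup
    PasswordAuthentication yes
END

# Keywords the reply wants locked down, with the value that satisfies each.
my %want = (permitrootlogin => 'no', passwordauthentication => 'no');

# Collect the global (pre-Match) settings. sshd keeps the FIRST value it
# reads for a keyword, so a later duplicate line does not override it.
# Keywords are case-insensitive; "Keyword value" and "Keyword=value" both parse.
sub global_settings {
    my ($text) = @_;
    my %seen;
    for my $line (split /\n/, $text) {
        $line =~ s/^\s+|\s+$//g;
        next if $line eq '' or $line =~ /^#/;
        my ($key, $value) = split /\s*=\s*|\s+/, $line, 2;
        last if lc($key) eq 'match';    # conditional blocks are not audited here
        $seen{lc($key)} //= defined $value ? $value : '';
    }
    return \%seen;
}

# Return one finding per keyword that is unset or not set to the wanted value.
sub audit {
    my ($text) = @_;
    my $cfg = global_settings($text);
    my @findings;
    for my $key (sort keys %want) {
        my $value = $cfg->{$key};
        if (!defined $value) {
            push @findings, "$key: not set, sshd default applies";
        }
        elsif (lc($value) ne $want{$key}) {
            push @findings, "$key: '$value' (want '$want{$key}')";
        }
    }
    return @findings;
}

print "$_\n" for audit($sample);
```

On the sample, the only finding is for `passwordauthentication`: the first line sets it to `yes`, and the later lowercase `no` is ignored because the first value wins.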
