by sojourner9 (Initiate)
Derp! Thanks! That extra line of "open2socket" was what was what was causing the problems. Don't know how I missed that creeping in there.

As for SSH/830 - It looks like the RFC says it must go into NETCONF subsystem when connected on port 830, but should be allowed access to NETCONF when connected to on other ports. Looks like Cisco's implementation is to have the user connect on port 22 and then call the susbsystem

So, once I got rid of that extra line, it seems to be connecting just fine. I see the banner and logon prompt, and then the remote device's hello message.

I had issues figuring out how to send queries and receive replies using open2socket, but got it to work using open_ex. Here's what I currently have:

#!/usr/bin/perl ## CALL MODULES use strict; use warnings; use Net::OpenSSH; ## SET VARIABLES my $host = 'host'; my $user = 'user'; my $pass = 'pass'; my ($ssh, $out, $in, $pid); my ($message); ## OPEN THE SSH SESSION $ssh = Net::OpenSSH->new($host, user=>$user, password=>$pass); $ssh->error and die "unable to connect to remote host: " . $ssh->error +; ($out, $in, undef, $pid) = $ssh->open_ex( { stdin_pipe=>1, stdout_pipe +=>1, ssh_opts=>'-s'},'xmlagent' ) or die "open_ex failed: " . $ssh->e +rror; ## SEND THE CLIENT HELLO $message = qq~ <?xml version="1.0"?> <nc:hello xmlns:nc="urn:ietf:params:xml:ns:netconf:base:1.0"> <nc:capabilities> <nc:capability>urn:ietf:params:xml:ns:netconf:base:1.0 +</nc:capability> </nc:capabilities> </nc:hello> ]]>]]>~; print $out $message; ## SEND THE QUERY FOR THE ARP TABLE $message = qq~ <?xml version="1.0" encoding="UTF-8"?> <nf:rpc message-id="1" xmlns="" xmlns +:nf="urn:ietf:params:xml:ns:netconf:base:1.0"> <nf:get> <nf:filter type="subtree"> <show> <ip> <arp/> </ip> </show> </nf:filter> </nf:get> </nf:rpc> ]]>]]>~; print $out $message; ## PRINT THE RESULTS while (<$in>) { print; last if $_ =~ m/\/nf:rpc-reply/; }; waitpid($pid, 0); exit;

And, here's a snippet of the results

<ROW_adj> <intf-out>Vlan852</intf-out> <ip-addr-out></ip-addr-out> <time-stamp>00:00:50</time-stamp> <mac>0050.56ab.2d52</mac> </ROW_adj> </TABLE_adj> </ROW_vrf> </TABLE_vrf> </__readonly__> </__XML__OPT_Cmd_arp_show_adj_cmd___readonly__> </__XML__OPT_Cmd_arp_show_adj_cmd_ip-address> </arp> </ip> </show> </nf:data> </nf:rpc-reply>

My main problem right now is that I expected the "last" statement of the while loop to find the last line ("/nf:rpc-reply") of the switch's reply and move on to whatever we wanted to do next (In this case, close everything down). But, instead it seems to hang there, so I must still be missing something).

And, would open2socket be better than open_ex? And if so, can you show a sample of how to print to and read from it? I tried a couple different ways, but wasn't getting it

Re^5: SSH to remote subsystem (Net::OpenSSH?)
by salva (Abbot) on Mar 20, 2013 at 15:24 UTC
    You have to close the input and output pipes before calling waitpid:
    ... close $in; close $out; waitpid($pid, 0);

      That got it! Thanks!

      It's working perfectly now using the large block of code posted above with the addition of those two closes.

      The rest of this will just be the grunt work of turning the replies into useable formats for other tools.


        I'm using your code snippet to talk to a NETCONF Agent. The problem I'm having is that the response is only showing the hello response, nothing else. For my second query I have sent a get-config and can see that processed on the Agent and a log entry confirming that it sent the response.

        Would it be possible for you to append your mainline is case something has got missed?

        Below is the merged content from the thread above that I'm using.

        ... ## PRINT THE RESULTS while (<$in>) { print; last if $_ =~ m/\/nf:rpc-reply/; }; close $in; close $out; waitpid($pid, 0); exit;

