Problem executing command via ssh

mgalindez has asked for the wisdom of the Perl Monks concerning the following question:

folks,

I need to execute a program in a remote machine, that takes its input from STDIN.

I created a user in such remote machine, and set my program as the shell for that account (so I don't need to provide shell access).

On my local node, I have this program:

#!/usr/bin/perl

    use IPC::Open3;
    use POSIX;


    $inputfile= $ARGV[0];
    open(FILE, '<', "$ARGV[0]") or die $!;
    $command= "ssh user\@remotehost.com";
    $pid = open3('<&FILE', '>&STDOUT', '>&STDERR', $command);

    $ret=waitpid( $pid, 0 );
[download]

What I expect is that I pass the name of the file as arguments of this program ($ARGV[0]), and the contents of this file is fed as STDIN of the child I've spawn with open3. This should be received as STDIN of my remote program, and the results of the remote program would be printed on STDOUT.

This works well. However, my program only reads the first line, and then terminates.

If I do a manual test, and do ssh user@remotehost.com, and type multiple lines of input, then things work as expected.

Any clues?

Thanks!
-m

Comment on Problem executing command via ssh Download Code

Replies are listed 'Best First'.
Re: Problem executing command via ssh by haukex (Archbishop) on Aug 23, 2019 at 21:05 UTC
If you're on a *NIX system, I would definitely recommend using Net::OpenSSH instead. See its `open2` and `open3` methods.	[reply] [d/l] [select]
Re: Problem executing command via ssh by jcb (Parson) on Aug 23, 2019 at 23:12 UTC
As haukex mentioned, you probably should be using a module for the SSH connection. Two recent questions suggest that `Net::SSH::Perl` might be useful and give both some pitfalls and solutions. Further, the SSH configuration you describe does *not* do what you seem to think that it does — the user account that you have created can get a shell with "`ssh user@remotehost.com /bin/sh`". You need to use the "forced command" option with the public key registered on the remote machine to ensure that that key can only be used to run your program, and you really need to read perlsec if that remote program is written in Perl and make sure that it cannot be abused to gain a shell if you do not want shell access to be available. Lastly, one big difference between running `ssh` on a terminal and on pipes is whether SSH sets up a pty on the remote machine by default. Try "`ssh -tt user@remotehost.com`" instead if you insist on using `IPC::Open3` for this.	[reply] [d/l] [select]
Re^2: Problem executing command via ssh by haukex (Archbishop) on Aug 24, 2019 at 06:53 UTC
Two recent questions suggest that `Net::SSH::Perl` might be useful On Windows maybe, but on *NIX systems, IMHO Net::OpenSSH is really the best, it supports a ton of functionality and builds on the native `ssh`. No messing around with `IPC::Open3` necessary `:-)`	[reply] [d/l] [select]
Re^2: Problem executing command via ssh by mgalindez (Initiate) on Aug 25, 2019 at 13:54 UTC
Doing: ssh user@remotehost.com /bin/sh does not get me /bin/sh, but the default shell for the corresponding user. Am I missing something? Thanks!	[reply]
Re^3: Problem executing command via ssh by jcb (Parson) on Aug 25, 2019 at 23:55 UTC
It is possible that `/bin/sh` may be a special case in newer versions of the SSH server or you have some other configuration acting as a "safety net" in your case. I still would not recommend depending on this; you should be using the "forced command" option on the public key to ensure that it can only be used to run your program and you still need to read perlsec and make sure that your program cannot be exploited into a shell-equivalent if this is an actual security issue.	[reply]


more useful options
	PerlMonks