Tugger the SLUGger!SLUG Mailing List Archives

[SLUG] Perl/SSH Problem


Hi All,

        Here's a tough one, at least it has been for me! As you can
see, I've almost given up.

Here's the situation: I manage a lot of servers at my work. They are
all *NIX and so I've decided to write a bunch of Perl scripts to
handle a lot of the repetitive tasks I have to do on said servers.

I started using Net::SSH::Perl and that worked great. Turns out some
servers only allow Telnet (no, I'm not root on the servers, only
manage accounts with limited sudo access otherwise I'd kick Telnet out
in favour of SSH) so I turned the structured programs into an OOP one
which worked well. Had SSH and Telnet now working. Here comes the hard
part. I decided it was time to manage some interactive programs on
said servers (say, passwd as an example) and so I started looking into
the Expect module for Perl.

Since Expect needs to either spawn a program or access a FH,
Net::SSH::Perl no longer suited my needs. I started to look into
spawning SSH from Net::Telnet, then using Expect on the Net::Telnet
object.
After looking at the man page for Net::Telnet, I found the SSH
example. I copied and pasted exactly how it is and it was impossible
to get it to work. It would connect to the remote server, but the
program could never get the password prompt. It would see the
permission denied messages, but NOT the password prompt. After some
more reading tonight I discovered that, for security reasons, SSH
writes to the controlling TTY, but with the Net::Telnet SSH example it
should work as it is creating a PTY to do just that.

Anyway, I did some more researching and found this excellent resource:

    http://www.modperl.com/perl_networking/sample/ch6.html

Once again, I copied and pasted the code exactly as it is there, ran
it and same problem. It can't see the password prompt that the SSH
program is sending to the TTY!

I'm pretty damn sure it is the fact that SSH is sending the password
prompt to the TTY and  Perl's PTY is not receiving it. Why? I don't
know !!

BTW, I'm not using SSH keys because of some limitations I have with a
bunch of servers. The safest bet is for the script to send the
password when it is prompted to do so, as this works on all the
servers whereas public keys don't (again, I'm not root on them, so I
can't fix it myself). Besides, it's far more entertaining finding the
solution to the problem I'm having :-)

If anyone has any thoughts, ideas, etc... I'd really appreciate it.

Regards,
Gonzalo