Linux scripts connection to SSH sessions

Hi all,

What would people suggest for writing scripts on linux that call SSH session on remote servers?

In windows I use VBscript with SecureCRT, or C++, but i need to migrate to linux

I have done a bit of

Perl, PHP and bash, and have been looking and seen things like NET::SSH for perl and PHP:SSH

All I need it to be able to log in with userame/password, send commands and read the response. Mostly the devices will be cisco devices.

Any things i should watch out for or comments before I dive head first in to the wrong solution would be nice.

Cheers

Aaron

Find more posts tagged with

Save $250 on 2025 certification boot camps from Infosec!

Book now with code EOY2025

Button

Comments

nhpr

Standard shell scripts (BASH scripts), Perl, and even Python are all a-ok for that purpose. Something like:

OUTPUT=$(ssh user@host command_here) in BASH or
my $output = `ssh user@host command_here`; for Perl

puts the output from the other machine into the output variable. If you don't have SSH keys set up and you need to log in, you may need to use expect scripts to input the passwords for you automatically.

paul78

If you decide on python, you may want to check out the paramiko module - paramiko: ssh2 protocol for python I've never used the module but I've read good things about it.

onesaint

For PHP look here:
SSH & Cisco IOS

With Bash, I use a command like this for most quick remote tasks, but those are on full Linux builds and not IOS.

$ ssh username@127.0.0.1 exec hostname
or
$ ssh username@127.0.0.1 exec hostname;date

I don't have any Cisco gear in the office anymore so no way to test this out. The "exec" will exit the ssh process after executing it's command(s).

varelg

Perhaps the Expect tool can easily do that job. Not only simple login, but you can script your response based on what the remote machine answers back upon login.
You would have to learn a bit of TCL, but it is a small tradeoff...

pram

No need to learn TCL, just use autoexpect:

autoexpect(1) - Linux man page

DevilWAH

varelg wrote: »

Perhaps the Expect tool can easily do that job. Not only simple login, but you can script your response based on what the remote machine answers back upon login.
You would have to learn a bit of TCL, but it is a small tradeoff...

Would not be a bad Idea to lean some TCL anyway, especially as I know Cisco implemented it on some of there routers. Had not even considered this aproach but will be deffetnyl having a look at it.

And think autoexpect might be a good way to get example scripts to work with

cheers guys

varelg

If you do go on to learn TCL, you'll find it very easy to pick up on the essentials quickly, personally I like its syntax and certain built-ins that come particularly usefull. As per Expect approach, maybe right now it is an overkill, but down the road that knowledge can come very usefull, like when you are required to automate login of hundreds of users...

varelg

pram wrote: »

No need to learn TCL, just use autoexpect:

autoexpect(1) - Linux man page

Great link! This can really be a relief in certain scenarios...

onesaint

Forsaken_ga does work with expect if I'm not mistaken. You might pm him if you have a specific question.

DevilWAH

Looking at expect examples it seems quite like the interface to secureCRT scripting in logic.

where you have

crt.send.string "abc"

crt.waitfor.string ">"

or if you want multiply return + a time out

result = crt.waitfor.strings "table","chair",3

if result = 1
...
else if result = 2
.....
else
.....
endif

I defiantly think I should learn TCL, looks like it could be very usefull for management tasks.

DevilWAH

Hi,

well seeing as i have been playing with this I thought I would post a code snip-it, as I see now why people like TCL and expect so much. and this might help others that want to play.

this code will take 2 arguments, the first the host name and the second the password, (in my case all devices have same user name so I have this hard coded.

once saved (as expect.ep and made executable it can be used with the following command

./expect.ep 123.123.123.123 mickymouse

#!/usr/bin/expect -f



set host [lindex $argv 0]
set pass [lindex $argv 1]
set timeout 10


spawn ssh manager@$host


expect {


"(yes/no)? " { 
        send "yes\n"
         expect "assword:" {
		 send "$pass\n"
		 }
		 }
"assword: " { 
        send "$pass\n" 
            }
}


# swap this for what ever you expect for prompt ( here it is 3com)
expect "*>*"
# put the command here
send  "backup fabric current-configuration to xxx.xxx.xxx.xxx name.cfg\n"
expect "*>*"
send "q\n"


close $spawn_id

the next step is evolve the script to take three arguments

host name
password
reference to file containing multiply commands

But cheers guys for the pointer to expect was exactly what i needed and I can see me using this a lot!