Menu
▾
▴
Re: [Expectperl-discuss] Problem catching the SSH2 prompt using Expect
|
From: <RGi...@a1...> - 2002-05-06 12:27:24
|
> I am using Expect 1.15 on the Perl for Cygwin release 5.6.1-2. I > want to use Expect with SSH2 to automate some commands that I have to do > regularly on remote servers. First of all, please note the following FAQs from Expect: I want to automate password entry for su/ssh/scp/rsh/... You shouldn't use Expect for this. Putting passwords, especially root passwords, into scripts in clear text can mean severe security problems. I strongly recommend using other means. For 'su', consider switching to 'sudo', which gives you root access on a per-command and per-user basis without the need to enter passwords. 'ssh'/'scp' can be set up with RSA authentication without passwords. 'rsh' can use the .rhost mechanism, but I'd strongly suggest to switch to 'ssh'; to mention 'rsh' and 'security' in the same sentence makes an oxymoron. It will work for 'telnet', though, and there are valid uses for it, but you still might want to consider using 'ssh', as keeping cleartext passwords around is very insecure. I want to use Expect to automate [anything with a buzzword]... Are you sure there is no other, easier way? As a rule of thumb, Expect is useful for automating things that expect to talk to a human, where no formal standard applies. For other tasks that do follow a well-defined protocol, there are often better-suited modules that already can handle those protocols. Don't try to do HTTP requests by spawning telnet to port 80, use LWP instead. To automate FTP, take a look at the Net::FTP manpage or "ncftp" (http://www.ncftp.org). You don't use a screwdriver to hammer in your nails either, or do you? > But so far I have not been able to do this properly. I am using F- > Secure SSH for Windows, maybe this causes some trouble? Definitely, you shouldn't mix native Windows applications with Cygwin. Use the 'ssh' from Cygwin instead. > With F-Secure SSH2, I am not > able to give any parameter to the process, and with a sftp2 from > SSH, the password is entered succesfully by the script after catching the > password prompt, but then I can't do anything else, as Expect doesn't seem > to catch the prompt given by sftp2. > > Some other tests seem to show that I have the same problem when > using ftp. Again, always use Cygwin applications. Expect cannot deal with native Windows applications, the underlying model is too different. That's why there is not native Windows version of IO-Tty, which Expect builds upon. I'd recommend you look into RSA authentication without passphrase to automate your remote commands without the need to enter a password. Then you probably don't need Expect, a simple $output = qx(ssh $remote_host $command); or similar system() call should suffice. Expect is very useful if you have to emulate a human at the keyboard, for other tasks it's just overkill. Hope this helps, Roland -- RGi...@cp... |
