Re: [Ssh-sftp-perl-users] Extraneous Output possibly causing problem in mod_perl environment

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Turns out that Net::SSH::Perl was looking for my .ssh directory in /.  Couldn’t figure out how to change that expectation.  So after looking at Perl/Util/Hosts.pm, I guessed that it was not getting the correct home directory.  Setting $ENV{HOME} right before creation of the Net::SSH::Perl object fixed that.  I’d still like to disable the “data is” junk from my logs though, any clues?

On 3/6/08 6:08 PM, "tbruner" <tb...@sa...> wrote:

Hello:

I have written a perl program that ssh’s to another system, executes a command and uses the output that is returned.  It is failing in my Apache mod_perl environment.  (See log below)

(Net-SSH-Perl 1.30, Perl 5.8.5, talking to a F-Secure SSH 3.2.3 (build 14) on sparc-sun-solaris2.9)

On STDERR, I’m getting hundreds of “data is ‘??w?f0Z'” type messages.

When run from the command line, $stdout will contain the expected output, however, I need to run this in a mod_perl apache environment.  My module that contains this snippet fails, possibly due to these “data is” messages.  Here’s the apache error log:

[Thu Mar  6 16:48:26 2008] [debug] ssh before eval
data is 's?7?j?'
data is '?[#?S"g8'
data is '???v??|'
data is '"?b???'
data is 'mV?    ?e?'
data is 'xH?Jk'
data is '?????'
data is '&?Aki?\'
data is '??(????'
data is '??A??'
data is ',?MI\
ata is '?z???N`S'
data is 'E?>䎳??'
data is '???N???'
data is 'r²v;FÌ[þ'
[Thu Mar  6 16:49:04 2008] [debug] Login failed: switchwi @ host123

Here’s the program snippet:

my $ssh     = Net::SSH::Perl->new(
    $host,
    protocol  => 2,
    cipher      => "3des-cbc",
    debug       => 1,
    options     => [
        "PasswordAuthentication yes",
        "IdentityFile /opt/httpd/.ssh2/id_dsa",
        "UserKnownHostsFile /opt/httpd/.ssh2/knownhosts2",
    ]);
$self->print(“ssh before eval”);
eval {
    $ssh->login($user, $pass) or die "Could not login to $host !";
    $self->log(“Login Failed: $user @ $host”);
};
if ($@) {
    print "Could not login to $host!!\n";
}

my ($stdout,$stderr,$exit) = $ssh->cmd($cmd);
print "stdout = $stdout\n";
if ($exit ne 0) {
    print "CMD failed. $user @ $host : $stderr ; $stdout\n";
}

Here’s the Command Line debug ouput:

webhost: Reading configuration data /home/tbruner/.ssh/config
webhost: Reading configuration data /etc/ssh_config
webhost: Connecting to host123, port 22.
webhost: Remote version string: SSH-2.0-3.2.9 F-SECURE SSH 3.2.3 SNL2-1^M

webhost: Remote protocol version 2.0, remote software version 3.2.9 F-SECURE SSH 3.2.3 SNL2-1^M
webhost: Net::SSH::Perl Version 1.30, protocol version 2.0.
webhost: No compat match: 3.2.9 F-SECURE SSH 3.2.3 SNL2-1^M.
webhost: Connection established.
webhost: Sent key-exchange init (KEXINIT), wait response.
webhost: Algorithms, c->s: 3des-cbc hmac-sha1 none
webhost: Algorithms, s->c: 3des-cbc hmac-sha1 none
webhost: Entering Diffie-Hellman Group 1 key exchange.
webhost: Sent DH public key, waiting for reply.
webhost: Received host key, type 'ssh-dss'.
webhost: Host 'host123' is known and matches the host key.
webhost: Computing shared secret key.
webhost: Verifying server signature.
webhost: Waiting for NEWKEYS message.
webhost: Enabling incoming encryption/MAC/compression.
webhost: Send NEWKEYS, enable outgoing encryption/MAC/compression.
webhost: Sending request for user-authentication service.
data is 'I^îòÏ'(s'
... this repeats a lot...
webhost: Service accepted: ssh-userauth.
webhost: Trying empty user-authentication request.
data is '^[^NÖ À}Oã'
... more data is lines ....
webhost: Authentication methods that can continue: gssapi,gssapi-with-mic,ker...@ss...,ker...@ss...,password.
webhost: Next method to try is password.
webhost: Trying password authentication.
data is '®bx"^P^V*~'
... more data is lines ...
webhost: Login completed, opening dummy shell channel.
webhost: channel 0: new [client-session]
webhost: Requesting channel_open for channel 0.
data is '^?Í^BT$0z'
... more ...
webhost: channel 0: open confirm rwindow 100000 rmax 16384
webhost: Got channel open confirmation, requesting shell.
webhost: Requesting service shell on channel 0.
data is '©ß¼ú<82>ÿ²<93>'
...
webhost: channel 1: new [client-session]
webhost: Requesting channel_open for channel 1.
...
webhost: Sending command: /opt/foo/bar/bin/giit.pl -n zzz123 -x
webhost: Requesting service exec on channel 1.
... even more data lines ...
webhost: input_channel_request: rtype exit-status reply 0
data is 's~
^,Õ<93>{'
data is '^C¹%Øô%÷<95>'
data is 'L^T<8e>£BløS'
data is '<9f>^XÓ^P<9c>^H<9e><9b>'
webhost: channel 1: rcvd close
webhost: channel 1: output open -> drain
webhost: channel 1: input open -> closed
webhost: channel 1: close_read
webhost: channel 1: obuf empty
webhost: channel 1: output drain -> closed
webhost: channel 1: close_write
webhost: channel 1: send close
data is 'Úp^Ed-+Â
'
data is 'Y$n^DpMô^]'
data is '<81>^R@Ë^]ç)é'
data is '^Y_ý&brkbar;ß<8c><8f>®'
webhost: channel 1: full closed
stdout = CPP,203938,Unmanaged
Gi3/1,171572,Disabled
...

I have verified that I can ssh from the command line of the webserver to the destination host with the username and password in question.

Any help will be greatly appreciated.

Todd