[Ssh-sftp-perl-users] Running a Net::SSH::Perl script via a Web server
Brought to you by:
dbrobins
Menu
▾
▴
[Ssh-sftp-perl-users] Running a Net::SSH::Perl script via a Web server
|
From: Thompson, M. <Mar...@uk...> - 2005-08-25 13:41:19
|
Hi,
I've having a problem running a Net::SSH::Perl script via a Web server. I'm
using iPlanet Web Server 4.1 (don't laugh), but the problem also exists in
Apache 1.3.27. Both servers are on a Solaris 8 box. Here's the script I'm
using:
#!/usr/local/bin/perl
use Net::SSH::Perl;
print "Content-type: text/plain\n\n\n";
$i = `id`;
print "id is $i\n";
$ename = "server1";
$elogin = "root";
print "Connecting\n";
$ssh = Net::SSH::Perl->new($ename, debug => 1,protocol => 2, identity_files
=> ["/usr/netscape/.ssh/id_dsa"], options => ["BatchMode yes", "IdentityFile
/usr/netscape/.ssh/id_dsa"]);
print "Logging in\n";
$ssh->login($elogin)";
$tdir = "/tmp";
($res,$err, $exit) = $ssh->cmd("cd $tdir");
if ($exit gt 0) {
print "cd /tmp failed with:\n\n$err\n";
} else {
print "cd worked\n";
}
($res,$err,$exit) = $ssh->cmd("ls");
if ($exit gt 0) {
print "ls failed with:\n\n$err\n";
} else {
print "ls worked\n";
}
($res,$err, $exit) = $ssh->cmd("pwd");
if ($exit gt 0) {
print "pwd failed with:\n\n$err\n";
} else {
print "pwd worked\n";
}
If I run this script as the user netscape from the command line I get:
Content-type: text/plain
id is uid=100(netscape) gid=101(netscape)
pwd is /usr/netscape/server4.1/docs/bussnet/cgi-bin
Connecting
host-not-web01: Reading configuration data /usr/netscape/.ssh/config
host-not-web01: Reading configuration data /etc/ssh_config
host-not-web01: Connecting to server1, port 22.
host-not-web01: Remote protocol version 2.0, remote software version
OpenSSH_3.4p1
host-not-web01: Net::SSH::Perl Version 1.28, protocol version 2.0.
host-not-web01: No compat match: OpenSSH_3.4p1.
host-not-web01: Connection established.
Logging in
host-not-web01: Sent key-exchange init (KEXINIT), wait response.
host-not-web01: Algorithms, c->s: 3des-cbc hmac-sha1 none
host-not-web01: Algorithms, s->c: 3des-cbc hmac-sha1 none
host-not-web01: Entering Diffie-Hellman Group 1 key exchange.
host-not-web01: Sent DH public key, waiting for reply.
host-not-web01: Received host key, type 'ssh-dss'.
host-not-web01: Host 'server1' is known and matches the host key.
host-not-web01: Computing shared secret key.
host-not-web01: Verifying server signature.
host-not-web01: Waiting for NEWKEYS message.
host-not-web01: Enabling incoming encryption/MAC/compression.
host-not-web01: Send NEWKEYS, enable outgoing encryption/MAC/compression.
host-not-web01: Sending request for user-authentication service.
host-not-web01: Service accepted: ssh-userauth.
host-not-web01: Trying empty user-authentication request.
host-not-web01: Authentication methods that can continue:
publickey,password,keyboard-interactive.
host-not-web01: Next method to try is publickey.
host-not-web01: Trying pubkey authentication with key file
'/usr/netscape/.ssh/id_dsa'
host-not-web01: Login completed, opening dummy shell channel.
host-not-web01: channel 0: new [client-session]
host-not-web01: Requesting channel_open for channel 0.
host-not-web01: channel 0: open confirm rwindow 0 rmax 32768
host-not-web01: Got channel open confirmation, requesting shell.
host-not-web01: Requesting service shell on channel 0.
host-not-web01: channel 1: new [client-session]
host-not-web01: Requesting channel_open for channel 1.
host-not-web01: Entering interactive session.
host-not-web01: Sending command: cd /tmp
host-not-web01: Requesting service exec on channel 1.
host-not-web01: channel 1: open confirm rwindow 0 rmax 32768
host-not-web01: input_channel_request: rtype exit-status reply 0
host-not-web01: channel 1: rcvd eof
host-not-web01: channel 1: output open -> drain
host-not-web01: channel 1: rcvd close
host-not-web01: channel 1: input open -> closed
host-not-web01: channel 1: close_read
host-not-web01: channel 1: obuf empty
host-not-web01: channel 1: output drain -> closed
host-not-web01: channel 1: close_write
host-not-web01: channel 1: send close
host-not-web01: channel 1: full closed
cd worked
host-not-web01: channel 2: new [client-session]
host-not-web01: Requesting channel_open for channel 2.
host-not-web01: Entering interactive session.
host-not-web01: Sending command: ls
host-not-web01: Requesting service exec on channel 2.
host-not-web01: channel 2: open confirm rwindow 0 rmax 32768
host-not-web01: channel 2: rcvd eof
host-not-web01: channel 2: output open -> drain
host-not-web01: input_channel_request: rtype exit-status reply 0
host-not-web01: channel 2: rcvd close
host-not-web01: channel 2: input open -> closed
host-not-web01: channel 2: close_read
host-not-web01: channel 2: obuf empty
host-not-web01: channel 2: output drain -> closed
host-not-web01: channel 2: close_write
host-not-web01: channel 2: send close
host-not-web01: channel 2: full closed
ls worked
host-not-web01: channel 3: new [client-session]
host-not-web01: Requesting channel_open for channel 3.
host-not-web01: Entering interactive session.
host-not-web01: Sending command: pwd
host-not-web01: Requesting service exec on channel 3.
host-not-web01: channel 3: open confirm rwindow 0 rmax 32768
host-not-web01: channel 3: rcvd eof
host-not-web01: channel 3: output open -> drain
host-not-web01: input_channel_request: rtype exit-status reply 0
host-not-web01: channel 3: rcvd close
host-not-web01: channel 3: input open -> closed
host-not-web01: channel 3: close_read
host-not-web01: channel 3: obuf empty
host-not-web01: channel 3: output drain -> closed
host-not-web01: channel 3: close_write
host-not-web01: channel 3: send close
host-not-web01: channel 3: full closed
pwd worked
If I run the same script from the web server (by putting it in the cgi-bin
directory), which is running as the netscape user, I get:
host-not-web01: Reading configuration data /.ssh/config
host-not-web01: Reading configuration data /etc/ssh_config
host-not-web01: Connecting to server1, port 22.
host-not-web01: Remote protocol version 2.0, remote software version
OpenSSH_3.4p1
host-not-web01: Net::SSH::Perl Version 1.28, protocol version 2.0.
host-not-web01: No compat match: OpenSSH_3.4p1.
host-not-web01: Connection established.
host-not-web01: Sent key-exchange init (KEXINIT), wait response.
host-not-web01: Algorithms, c->s: 3des-cbc hmac-sha1 none
host-not-web01: Algorithms, s->c: 3des-cbc hmac-sha1 none
host-not-web01: Entering Diffie-Hellman Group 1 key exchange.
host-not-web01: Sent DH public key, waiting for reply.
host-not-web01: Received host key, type 'ssh-dss'.
host-not-web01: Permanently added 'server1' to the list of known hosts.
Can't write to /.ssh/known_hosts2: Permission denied at
/usr/local/lib/perl5/site_perl/5.8.0/Net/SSH/Perl.pm line 380
id is uid=100(netscape) gid=101(netscape)
pwd is /usr/netscape/server4.1/docs/bussnet/cgi-bin
Connecting
Logging in
The problem seems to be that the Net::SSH::Perl thinks it's running as root
and so tries to access the /.ssh/known_hosts2 file.
Does anyone know why this happens?
Regards,
Mark
Find out about The Experian Conference 2005 at www.experian.co.uk/conference2005
==========================================================================
Information in this e-mail and any attachments are confidential, and may not be copied or used by anyone other than the addressee, nor disclosed to any third party without our permission. There is no intention to create any legally binding contract or other binding commitment through the use of this electronic communication unless it is issued in accordance with the Experian Limited standard terms and conditions of purchase or other express written agreement between Experian Limited and the recipient Experian Limited (registration number 653331) Registered office: Talbot House, Talbot Street, Nottingham NG80 1TH
Although Experian has taken reasonable steps to ensure that this communication and any attachments are free from computer virus, you are advised to take your own steps to ensure that they are actually virus free.
|
