[Ssh-sftp-perl-users] Trapping password authentication failures before the perl script dies....
Brought to you by:
dbrobins
Menu
▾
▴
[Ssh-sftp-perl-users] Trapping password authentication failures before the perl script dies....
|
From: Watson, B. <Bra...@br...> - 2006-03-03 18:58:33
|
Hi all,
I have written a simple script to ssh to a remote box using
Net::SSH::Perl. It=20
works well enough when I supply the correct user name and password.=20
However, if I supply a bad user name or password, the script dies with
the=20
following error:
Received disconnect message: Too many authentication failures for
bad_user
at /usr/local/lib/perl5/site_perl/5.8.0/Net/SSH/Perl/AuthMgr.pm line
142
This behavior is undesired. I do not want the script to die. I want to
be=20
able to test to see if authorization was successful and handle this
error=20
myself, instead of dying.
I have a long list of devices that I need to run commands on. If the
script
dies in the middle, I lose all info collected thus far as well as info
that
can be retrieved from other devices after the auth failure.
I tried using the register_handler method with no success. Code examples
using this method are hard to find. So I'm not sure if I am doing this
correctly.
Here is a stripped down version of my script:
------------------------------------------------------------------------
--------
#!/usr/bin/perl
use strict;
use Net::SSH::Perl;
use Net::SSH::Perl::Constants qw( :agent );
my ($ip,$user,$passwd) =3D @ARGV;
if (!$passwd) {
print "USAGE: ssh_test_login.pl [device ip] [user] [password]\n";
exit;
}
my $ssh =3D Net::SSH::Perl->new($ip, protocol =3D> 2,
debug =3D> 1,
PreferredAuthentications =3D>
'password',
PasswordAuthentication =3D> 'yes',
PubkeyAuthentication =3D> 'no',
RSAAuthentication =3D> 'no'
);
$ssh->register_handler(
SSH_AGENT_FAILURE,=20
sub {
my($channel, $buffer) =3D @_;
print "I received this: ",
$buffer->bytes;
}
);
print "=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D =
login attempt =
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D\n";
$ssh->login($user, $passwd);
print "=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D run =
command =
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D\n";
my ($stdout, $stderr, $exit) =3D $ssh->cmd('ls /tmp');
print "EXIT CODE: $exit\n";
print "STDERR : $stderr\n";
print "STDOUT : $stdout\n";
exit;
------------------------------------------------------------------------
--------
Here is the output from the script:
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
=3D=3D=3D=3D=3D=3D=3D=3D
[root@h2o bin]# ./ssh_test_login.pl 10.128.1.165 bad_user bad_passwd
h2o: Reading configuration data /root/.ssh/config
h2o: Reading configuration data /etc/ssh_config
h2o: Allocated local port 1023.
h2o: Connecting to 10.128.1.165, port 22.
h2o: Remote protocol version 1.99, remote software version
OpenSSH_3.4-j2
h2o: Net::SSH::Perl Version 1.29, protocol version 2.0.
h2o: No compat match: OpenSSH_3.4-j2.
h2o: Connection established.
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D login =
attempt =
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
h2o: Sent key-exchange init (KEXINIT), wait response.
h2o: Algorithms, c->s: 3des-cbc hmac-sha1 none
h2o: Algorithms, s->c: 3des-cbc hmac-sha1 none
h2o: Entering Diffie-Hellman Group 1 key exchange.
h2o: Sent DH public key, waiting for reply.
h2o: Received host key, type 'ssh-dss'.
h2o: Host '10.128.1.165' is known and matches the host key.
h2o: Computing shared secret key.
h2o: Verifying server signature.
h2o: Waiting for NEWKEYS message.
h2o: Enabling incoming encryption/MAC/compression.
h2o: Send NEWKEYS, enable outgoing encryption/MAC/compression.
h2o: Sending request for user-authentication service.
h2o: Service accepted: ssh-userauth.
h2o: Trying empty user-authentication request.
h2o: Authentication methods that can continue:
publickey,password,keyboard-interactive.
h2o: Next method to try is publickey.
h2o: Publickey: testing agent key '/root/.ssh/autorun/id_dsa'
h2o: Authentication methods that can continue:
publickey,password,keyboard-interactive.
h2o: Next method to try is publickey.
h2o: Next method to try is password.
h2o: Trying password authentication.
h2o: Authentication methods that can continue:
publickey,password,keyboard-interactive.
h2o: Next method to try is publickey.
h2o: Publickey: testing agent key '/root/.ssh/autorun/id_dsa'
h2o: Authentication methods that can continue:
publickey,password,keyboard-interactive.
h2o: Next method to try is publickey.
h2o: Next method to try is password.
h2o: Trying password authentication.
h2o: Authentication methods that can continue:
publickey,password,keyboard-interactive.
h2o: Next method to try is publickey.
h2o: Publickey: testing agent key '/root/.ssh/autorun/id_dsa'
h2o: Authentication methods that can continue:
publickey,password,keyboard-interactive.
h2o: Next method to try is publickey.
h2o: Next method to try is password.
h2o: Trying password authentication.
h2o: Authentication methods that can continue:
publickey,password,keyboard-interactive.
h2o: Next method to try is publickey.
h2o: Publickey: testing agent key '/root/.ssh/autorun/id_dsa'
Received disconnect message: Too many authentication failures for
bad_user
at /usr/local/lib/perl5/site_perl/5.8.0/Net/SSH/Perl/AuthMgr.pm line
142
[root@h2o bin]#
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
=3D=3D=3D=3D=3D=3D=3D=3D
On a different issue, you can see from this output that my options to
the=20
Net::SSH:Perl->new method (ie PreferredAuthentications) are being
ignored.=20
Any help is appreciated.
Thanks,
Brad
|
