LinuxQuestions.org
Latest LQ Deal: Complete CCNA, CCNP & Red Hat Certification Training Bundle
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 05-22-2010, 02:14 PM   #1
linuxunix
Member
 
Registered: Mar 2010
Location: California
Distribution: Slackware
Posts: 235

Rep: Reputation: 18
Need Help with Shell script???


Hello Guys,

I have been searching for a shell script which does login to remote server without DSA Key authentication. All I was following http://bash.cyberciti.biz/security/e...-login-script/ and just ran the script it threw errors.
To troubleshoot I explored more with the forums and found that perl-expect has to be installed.
I downloaded few packages ( as yum went unconfigured):
Code:
perl-Expect-1.21-2.fc11.noarch.rpm
perl-Expect-Simple-0.04-2.fc11.noarch.rpm
perl-IO-Tty-1.08-1.fc11.i586.rpm

[root@server ~]# rpm -ivh perl-IO-Tty-1.08-1.fc11.i586.rpm
warning: perl-IO-Tty-1.08-1.fc11.i586.rpm: Header V3 RSA/SHA256 signature: NOKEY, key ID d22e77f2
Preparing...                ########################################### [100%]
   1:perl-IO-Tty            ########################################### [100%]
[root@server ~]# wget http://rpm.pbone.net/index.php3/stat/4/idpl/13153253/dir/fedora_11/com/perl-IO-Tty-1.08-1.fc11.i586.rpm.html
--2010-05-16 08:06:13--  http://rpm.pbone.net/index.php3/stat/4/idpl/13153253/dir/fedora_11/com/perl-IO-Tty-1.08-1.fc11.i586.rpm.html
Resolving rpm.pbone.net... 85.14.85.4
Connecting to rpm.pbone.net|85.14.85.4|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: unspecified [text/html]
Saving to: `perl-IO-Tty-1.08-1.fc11.i586.rpm.html'

    [    <=>                                ] 18,492      15.0K/s   in 1.2s

2010-05-16 08:06:15 (15.0 KB/s) - `perl-IO-Tty-1.08-1.fc11.i586.rpm.html' saved [18492]

[root@server ~]# ^C
[root@server ~]# rpm -ivh perl-Expect-1.21-2.fc11.noarch.rpm                    warning: perl-Expect-1.21-2.fc11.noarch.rpm: Header V3 RSA/SHA256 signature: NOKEY, key ID d22e77f2
Preparing...                ########################################### [100%]
   1:perl-Expect            ########################################### [100%]
[root@server ~]# rpm -ivh perl-Expect-Simple-0.04-2.fc11.noarch.rpm
warning: perl-Expect-Simple-0.04-2.fc11.noarch.rpm: Header V3 RSA/SHA256 signature: NOKEY, key ID d22e77f2
Preparing...                ########################################### [100%]
   1:perl-Expect-Simple     ########################################### [100%]
[root@server ~]# ex
After installing I tried running the script:

[root@server ~]# sh script.sh
script.sh: line 25: spawn: command not found
script.sh: line 26: match_max: command not found
script.sh: line 28: expect: command not found
script.sh: line 30: send: command not found
script.sh: line 32: send: command not found
script.sh: line 33: expect: command not found
[root@server ~]#


Any idea if anything missing still to install / configure.

Last edited by linuxunix; 05-22-2010 at 02:15 PM.
 
Old 05-22-2010, 02:17 PM   #2
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974
running an expect script through sh instead of expect is not exactly a good start. It's not a shell script, why have you called it script.sh? not that it matters really. just make it executable and run it directly and in line with the shebang at the start, it'll run it with expect. It also clearly doesn't need perl-Expect at all. Just the real Expect.
 
Old 05-22-2010, 02:19 PM   #3
linuxunix
Member
 
Registered: Mar 2010
Location: California
Distribution: Slackware
Posts: 235

Original Poster
Rep: Reputation: 18
[root@server ~]# whereis expect
expect:
[root@server ~]# whereis spawn
spawn:


No expect command even after installing Perl-Expect package.
Because of this, its not capable in running.
pls suggest.
 
Old 05-22-2010, 03:16 PM   #4
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974
as above, you don't want perl-expect, which is an internal perl library replicating expect. You want expect, which is expect. spawn is not a command, it's code in an expect script, which is what you're looking at. Install expect.
 
Old 05-22-2010, 11:18 PM   #5
linuxunix
Member
 
Registered: Mar 2010
Location: California
Distribution: Slackware
Posts: 235

Original Poster
Rep: Reputation: 18
I need some help understanding the script:

Code:
#!/usr/bin/expect -f
# Expect script to supply root/admin password for remote ssh server
# and execute command.
# This script needs three argument to(s) connect to remote server:
# password = Password of remote UNIX server, for root user.
# ipaddr = IP Addreess of remote UNIX server, no hostname
# scriptname = Path to remote script which will execute on remote server
# For example:
#  ./sshlogin.exp password 192.168.1.11 who
# ------------------------------------------------------------------------
# Copyright (c) 2004 nixCraft project <http://cyberciti.biz/fb/>
# This script is licensed under GNU GPL version 2.0 or above
# -------------------------------------------------------------------------
# This script is part of nixCraft shell script collection (NSSC)
# Visit http://bash.cyberciti.biz/ for more information.
# ----------------------------------------------------------------------
# set Variables
set password [lrange $argv 0 0]
set ipaddr [lrange $argv 1 1]
set scriptname [lrange $argv 2 2]
set arg1 [lrange $argv 3 3]
set timeout -1
# now connect to remote UNIX box (ipaddr) with given script to execute
spawn ssh root@$ipaddr $scriptname $arg1
match_max 100000
# Look for passwod prompt
expect "*?assword:*"
# Send password aka $password
send -- "$password\r"
# send blank line (\r) to make sure we get back to gui
send -- "\r"
expect eof
Saved it as sshlogin.exp.

I installed expect RPM and it went successful.

When I run :
Code:
[root@server ~]# ./sshlogin.exp c0mp&t@# 192.168.254.129 who
spawn ssh root@192.168.254.129 who
The authenticity of host '192.168.254.129 (192.168.254.129)' can't be established.
RSA key fingerprint is 00:42:bc:52:19:41:b4:fa:d6:1f:6a:db:0f:de:9c:fe.
Are you sure you want to continue connecting (yes/no)? yes

^C[root@server ~]# ls
Why is it asking for password?

I am trying to ssh to my local machine for a trial.
Isnt possible?

Last edited by linuxunix; 05-23-2010 at 12:05 AM.
 
Old 05-23-2010, 04:01 AM   #6
chrism01
LQ Guru
 
Registered: Aug 2004
Location: Sydney
Distribution: Centos 6.8, Centos 5.10
Posts: 17,260

Rep: Reputation: 2328Reputation: 2328Reputation: 2328Reputation: 2328Reputation: 2328Reputation: 2328Reputation: 2328Reputation: 2328Reputation: 2328Reputation: 2328Reputation: 2328
With ssh you either login using an auth key or a passwd. Using 'expect' you can put the passwd in the expect script, thus making it unnecessary to manually enter the passwd from then on.
This is a REALLY bad idea from the security pt of view. Never put a passwd in a script if possible.
A 3rd option is ssh-agent; basically you start the ssh-agent session, give it the passwd when reqd and any ssh cmds run from within that session can obtain the passwd on demand.
 
Old 05-23-2010, 04:55 AM   #7
salasi
Senior Member
 
Registered: Jul 2007
Location: Directly above centre of the earth, UK
Distribution: SuSE, plus some hopping
Posts: 4,059

Rep: Reputation: 883Reputation: 883Reputation: 883Reputation: 883Reputation: 883Reputation: 883Reputation: 883
Quote:
Originally Posted by chrism01 View Post
This is a REALLY bad idea from the security pt of view. Never put a passwd in a script if possible.
True enough; you can make it into a slightly less bad idea by compiling the script, and preventing anyone other than root from reading the script, but you've still only made it a slightly less bad idea.
 
Old 05-23-2010, 04:17 PM   #8
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974
Why is it asking for the password? It's *NOT* asking for the password is it... where's the password prompt? There isn't one, that's a rmeote host key check, which is totally different. If it's getting stuck there, just manually ssh to localhost first, then run it again and it'll already know the key so won't ask again.

ssh scripts are somtimes unavoidable, but sshing as root should never be, don't ssh as root. that shouldn't even be possible on a properly managed system.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Executing a Shell script with 654 permissions inside another shell script. changusee2k Linux - Newbie 2 06-07-2011 08:58 PM
pass variable from one shell script into another shell script xskycamefalling Programming 9 10-03-2009 02:45 AM
help with execute mulitple shell script within shell script ufmale Programming 6 09-13-2008 01:21 AM
shell script problem, want to use shell script auto update IP~! singying304 Programming 4 11-29-2005 06:32 PM


All times are GMT -5. The time now is 08:06 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration