LinuxQuestions.org
Register a domain and help support LQ
Go Back   LinuxQuestions.org > Forums > Non-*NIX Forums > Programming
User Name
Password
Programming This forum is for all programming questions.
The question does not have to be directly related to Linux and any language is fair game.

Notices

Reply
 
Search this Thread
Old 07-19-2008, 04:27 PM   #1
Ricio
Member
 
Registered: Sep 2003
Location: Colombia
Distribution: Debian
Posts: 220

Rep: Reputation: 30
Exclamation expect return failes


Im running an expect code, trying to do auto ssh-keygen
Heres the script:
Code:
#!/usr/bin/expect -f

set timeout -1
exec ssh-keygen -b 2048 -t rsa
	expect "*?ter file in which to save the key (/root/.ssh/id_rsa): "
	send -- "\r"
	expect "*?ssphrase (empty for no passphrase): "
	send -- "\r"
	expect "*? same passphrase again: "
	send -- "\r"
	expect eof
exit
Problem is that script stops at "file in which to save the key (/root/.ssh/id_rsa): " so either send is not sending or is sending too fast, help me out with this one...

I forgot to mention that I use exec cuz when I use spawn I get an error saying that spawn command is not found!
Thank you

Last edited by Ricio; 07-19-2008 at 04:39 PM. Reason: Forgot to mention spawn!
 
Old 07-19-2008, 05:57 PM   #2
matthewg42
Senior Member
 
Registered: Oct 2003
Location: UK
Distribution: Kubuntu 12.10 (using awesome wm though)
Posts: 3,530

Rep: Reputation: 62
Why bother using expect? You can easily do this in a non-interactive way with some extra options:
Code:
ssh-keygen -b 2048 -t rsa -f $HOME/.ssh/id_rsa -N ""
 
Old 07-19-2008, 08:13 PM   #3
Ricio
Member
 
Registered: Sep 2003
Location: Colombia
Distribution: Debian
Posts: 220

Original Poster
Rep: Reputation: 30
I also will have to use scp to send the id_rsa.pub to a server with ssh! I suppose I do have to use expect for that right, since ssh does ask for password?
 
Old 07-20-2008, 06:33 AM   #4
matthewg42
Senior Member
 
Registered: Oct 2003
Location: UK
Distribution: Kubuntu 12.10 (using awesome wm though)
Posts: 3,530

Rep: Reputation: 62
If you have no ssh keys on the remote machine when you are doing this process, then I suppose you will need to authenticate by password at some point. Having said that, it's generally a really a bad idea to put passwords in cleartext in your expect script. Sometimes though, I accept there are few practical alternatives if you want to automate things. Be careful though! At the very least, make sure the script permissions are such that only root can read the script file.

You should know that scp might prompt you with all sorts of things, not just for the password. For example, the first time you connect you will be asked if you want to add the host fingerprint to your known hosts file.

This might cause expect to get stuck waiting for some output which will never come because scp/ssh is waiting for some response to a question. I am not 100% sure if scp does this sort of prompting. I know for sure ssh does it.

You need to find a list from somewhere which contains all the possible prompts, and then write an expect rule for each one, with an appropriate response. You should also set a timeout on your expect commands in case an unexpected prompt occurs.

Probably the only reliable list would be made by looking in the source for the same version of ssh which you use. You should also explicitly set the locale when calling the program to ensure you don't get translated strings should the environment change.

Lets say there were the following possible prompts (not these are NOT the correct strings/messages):
  • Host unknown with fingerprint ... add? (yes/no)
  • fingerprint incorrect - possible man-in-the-middle attack. continue (yes/no)
  • Password:

Then your script might look like this:
Code:
#!/bin/sh
# start expect from somewhere in the PATH \
exec expect "$0" "$@"

set host whatever
set user someusername
set pass somepassword

spawn "scp /root/.ssh/id_rsa.pub $user@$host /place/to/copy/to"

expect {
"Host unknown with fingerprint" {
  send "yes\n"
  send_user "INFO: added $host to known hosts\n"
  exp_continue
}
"fingerprint incorrect - possible man-in-the-middle attack" {
  send "no\n"
  send_user "ERROR: bad host fingerprint for $host\n"
  exp_continue
}
"Password:" {
  send "$pass\n"
}

...
I can never remember if the end of line character is supposed to be \n or \r. I think ssh likes \n and telnet likes \r, but I might have mis-remembered that, or it may be that there are more cases/conditions to consider.
 
Old 07-20-2008, 07:18 AM   #5
matthewg42
Senior Member
 
Registered: Oct 2003
Location: UK
Distribution: Kubuntu 12.10 (using awesome wm though)
Posts: 3,530

Rep: Reputation: 62
Oh by the way, if you want to copy the host keys to a remote system so you can use public key authentication, you can use ssh-copy-id instead of scp. this will put the public key into the authorized_keys file on the remote host, and set the proper permissions on the .ssh directory.
e.g.
Code:
ssh-copy-id -i $HOME/.ssh/id_rsa.pub someuser@somehost
 
Old 07-20-2008, 10:16 AM   #6
Ricio
Member
 
Registered: Sep 2003
Location: Colombia
Distribution: Debian
Posts: 220

Original Poster
Rep: Reputation: 30
Thanks matthewg42, you have been an amazing aid, and ill get back posting my results, but the initial problem remains, spawn: command not found!
 
Old 07-20-2008, 10:44 AM   #7
matthewg42
Senior Member
 
Registered: Oct 2003
Location: UK
Distribution: Kubuntu 12.10 (using awesome wm though)
Posts: 3,530

Rep: Reputation: 62
What do you get from these commands:
Code:
ls -l /usr/bin/expect
which expect
expect -v
 
Old 07-20-2008, 12:41 PM   #8
Ricio
Member
 
Registered: Sep 2003
Location: Colombia
Distribution: Debian
Posts: 220

Original Poster
Rep: Reputation: 30
Respectively, I get:

Code:
-rwxr-xr-x  1 root root 7844 Jul 12  2006 /usr/bin/expect

/usr/bin/expect

expect version 5.43.0
 
Old 07-20-2008, 01:31 PM   #9
matthewg42
Senior Member
 
Registered: Oct 2003
Location: UK
Distribution: Kubuntu 12.10 (using awesome wm though)
Posts: 3,530

Rep: Reputation: 62
You should use the "spawn" command, not exec.
 
Old 07-20-2008, 03:19 PM   #10
Ricio
Member
 
Registered: Sep 2003
Location: Colombia
Distribution: Debian
Posts: 220

Original Poster
Rep: Reputation: 30
I have tried to run the spawn initializing the script as follows:


Code:
#!/bin/sh
# start expect fr
Still same problem, spawn: command not found.
I have to admit it is quite annoying to see that lots of people (i ve been googling around a lot) have got it working but me..
 
Old 07-21-2008, 09:45 AM   #11
Ricio
Member
 
Registered: Sep 2003
Location: Colombia
Distribution: Debian
Posts: 220

Original Poster
Rep: Reputation: 30
Does the fact that im using rocks cluster 4.3 and that I installed expect from the rpm matter, in the fact that spawn does not work... I really would like to get some help here, cuz I really need expect in order to interact within cluster nodes, by sending the public key of the cluster nodes to the server... and then doing ssh without having to use the password... thank you...
 
Old 07-21-2008, 10:15 AM   #12
matthewg42
Senior Member
 
Registered: Oct 2003
Location: UK
Distribution: Kubuntu 12.10 (using awesome wm though)
Posts: 3,530

Rep: Reputation: 62
Sorry if I was not clear, I think you have misunderstood what I meant about using spawn and exec.

Using exec at the top of the script is an alternative to using the shebang line (#!/usr/bin/expect) to get the expect interpreter working and reading the rest of the file. Using exec has the advantage that you do not need to hard-code the full path to the expect interpreter in your script - it will be found in the PATH. This is often useful with expect because it is often installed in non-standard locations.

Once you are past the whole shebang/exec expect part, it is then expect syntax to use the spawn command to start a child process. In your original post, you used exec where I think you should have used spawn.

For example, this is how your script might start:
Code:
#!/bin/bash
# start expect from somewhere in the PATH \
exec expect "$0" "$@"

# Right, the rest of the script is being parsed by the expect interpreter.
# We want to start ssh and interact with it, so we have to spawn it:

spawn "ssh user@host"
expect "something" {
  ...

Last edited by matthewg42; 07-21-2008 at 12:09 PM. Reason: removal of extraneous [/code]
 
Old 07-21-2008, 11:50 AM   #13
Ricio
Member
 
Registered: Sep 2003
Location: Colombia
Distribution: Debian
Posts: 220

Original Poster
Rep: Reputation: 30
mmm... ill be looking to it tonight... hopefully Ill get it fixed, thanks a lot matthewg42, but please could you explain what the exec expect "$0" "$@" means...


Thank you, youve been amazingly helpfull.
 
Old 07-21-2008, 12:07 PM   #14
matthewg42
Senior Member
 
Registered: Oct 2003
Location: UK
Distribution: Kubuntu 12.10 (using awesome wm though)
Posts: 3,530

Rep: Reputation: 62
Quote:
Originally Posted by Ricio View Post
please could you explain what the exec expect "$0" "$@" means...
exec is a shell command which replaces the current shell process with some other specified program (in this case expect). The new program inherits the open file handles, so as long as the specified program is an interpreter of some kind (as expect is), the rest of the file can be a program which the interpreter will read and process.

The "$0" "$@" are a way to pass the file path and command line arguments to expect.

Quote:
Thank you, youve been amazingly helpfull.
You're welcome
 
Old 07-22-2008, 09:45 AM   #15
Ricio
Member
 
Registered: Sep 2003
Location: Colombia
Distribution: Debian
Posts: 220

Original Poster
Rep: Reputation: 30
Great! got expect working, thanks to matthewg42, I finally understood what I was doing wrong, and the solution is really really dumb as I feel embarrased but I guess this things happen!

# expect <scriptname>

I tought it was installed as native interpreter so that I could run the scripts like always ./<scriptname> or sh <scriptname>
Thanks all for your help, and I still need help with a script but Ill make a new post.

Thank you matthewg42 what you said on your penultimate post was the fixing post -> and thank you all

Last edited by Ricio; 07-22-2008 at 09:49 AM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Connection failes yusufs Linux - Newbie 2 01-29-2008 01:01 AM
Installations failes over libstdc++.so.5 nadze01 LinuxQuestions.org Member Intro 3 12-04-2007 01:56 AM
Wine failes to install android6011 Linux - Software 3 08-07-2006 06:12 PM
networksetup failes ulaoulao Linux - Networking 1 12-08-2004 12:55 AM
Fluxbox compilation failes objorkum Linux - General 5 03-18-2004 09:38 AM


All times are GMT -5. The time now is 08:02 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration