LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Newbie (https://www.linuxquestions.org/questions/linux-newbie-8/)
-   -   Need Help with Shell script??? (https://www.linuxquestions.org/questions/linux-newbie-8/need-help-with-shell-script-809502/)

linuxunix 05-22-2010 01:14 PM
Need Help with Shell script???
 
Hello Guys,

I have been searching for a shell script which does login to remote server without DSA Key authentication. All I was following http://bash.cyberciti.biz/security/e...-login-script/ and just ran the script it threw errors.
To troubleshoot I explored more with the forums and found that perl-expect has to be installed.
I downloaded few packages ( as yum went unconfigured):
Code:
perl-Expect-1.21-2.fc11.noarch.rpm
perl-Expect-Simple-0.04-2.fc11.noarch.rpm
perl-IO-Tty-1.08-1.fc11.i586.rpm

[root@server ~]# rpm -ivh perl-IO-Tty-1.08-1.fc11.i586.rpm
warning: perl-IO-Tty-1.08-1.fc11.i586.rpm: Header V3 RSA/SHA256 signature: NOKEY, key ID d22e77f2
Preparing...                ########################################### [100%]
  1:perl-IO-Tty            ########################################### [100%]
[root@server ~]# wget http://rpm.pbone.net/index.php3/stat/4/idpl/13153253/dir/fedora_11/com/perl-IO-Tty-1.08-1.fc11.i586.rpm.html
--2010-05-16 08:06:13--  http://rpm.pbone.net/index.php3/stat/4/idpl/13153253/dir/fedora_11/com/perl-IO-Tty-1.08-1.fc11.i586.rpm.html
Resolving rpm.pbone.net... 85.14.85.4
Connecting to rpm.pbone.net|85.14.85.4|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: unspecified [text/html]
Saving to: `perl-IO-Tty-1.08-1.fc11.i586.rpm.html'

    [    <=>                                ] 18,492      15.0K/s  in 1.2s

2010-05-16 08:06:15 (15.0 KB/s) - `perl-IO-Tty-1.08-1.fc11.i586.rpm.html' saved [18492]

[root@server ~]# ^C
[root@server ~]# rpm -ivh perl-Expect-1.21-2.fc11.noarch.rpm                    warning: perl-Expect-1.21-2.fc11.noarch.rpm: Header V3 RSA/SHA256 signature: NOKEY, key ID d22e77f2
Preparing...                ########################################### [100%]
  1:perl-Expect            ########################################### [100%]
[root@server ~]# rpm -ivh perl-Expect-Simple-0.04-2.fc11.noarch.rpm
warning: perl-Expect-Simple-0.04-2.fc11.noarch.rpm: Header V3 RSA/SHA256 signature: NOKEY, key ID d22e77f2
Preparing...                ########################################### [100%]
  1:perl-Expect-Simple    ########################################### [100%]
[root@server ~]# ex
After installing I tried running the script:

[root@server ~]# sh script.sh
script.sh: line 25: spawn: command not found
script.sh: line 26: match_max: command not found
script.sh: line 28: expect: command not found
script.sh: line 30: send: command not found
script.sh: line 32: send: command not found
script.sh: line 33: expect: command not found
[root@server ~]#


Any idea if anything missing still to install / configure.

acid_kewpie 05-22-2010 01:17 PM
running an expect script through sh instead of expect is not exactly a good start. It's not a shell script, why have you called it script.sh? not that it matters really. just make it executable and run it directly and in line with the shebang at the start, it'll run it with expect. It also clearly doesn't need perl-Expect at all. Just the real Expect.

linuxunix 05-22-2010 01:19 PM
[root@server ~]# whereis expect
expect:
[root@server ~]# whereis spawn
spawn:


No expect command even after installing Perl-Expect package.
Because of this, its not capable in running.
pls suggest.

acid_kewpie 05-22-2010 02:16 PM
as above, you don't want perl-expect, which is an internal perl library replicating expect. You want expect, which is expect. spawn is not a command, it's code in an expect script, which is what you're looking at. Install expect.

linuxunix 05-22-2010 10:18 PM
I need some help understanding the script:

Code:
#!/usr/bin/expect -f
# Expect script to supply root/admin password for remote ssh server
# and execute command.
# This script needs three argument to(s) connect to remote server:
# password = Password of remote UNIX server, for root user.
# ipaddr = IP Addreess of remote UNIX server, no hostname
# scriptname = Path to remote script which will execute on remote server
# For example:
#  ./sshlogin.exp password 192.168.1.11 who
# ------------------------------------------------------------------------
# Copyright (c) 2004 nixCraft project <http://cyberciti.biz/fb/>
# This script is licensed under GNU GPL version 2.0 or above
# -------------------------------------------------------------------------
# This script is part of nixCraft shell script collection (NSSC)
# Visit http://bash.cyberciti.biz/ for more information.
# ----------------------------------------------------------------------
# set Variables
set password [lrange $argv 0 0]
set ipaddr [lrange $argv 1 1]
set scriptname [lrange $argv 2 2]
set arg1 [lrange $argv 3 3]
set timeout -1
# now connect to remote UNIX box (ipaddr) with given script to execute
spawn ssh root@$ipaddr $scriptname $arg1
match_max 100000
# Look for passwod prompt
expect "*?assword:*"
# Send password aka $password
send -- "$password\r"
# send blank line (\r) to make sure we get back to gui
send -- "\r"
expect eof
Saved it as sshlogin.exp.

I installed expect RPM and it went successful.

When I run :
Code:
[root@server ~]# ./sshlogin.exp c0mp&t@# 192.168.254.129 who
spawn ssh root@192.168.254.129 who
The authenticity of host '192.168.254.129 (192.168.254.129)' can't be established.
RSA key fingerprint is 00:42:bc:52:19:41:b4:fa:d6:1f:6a:db:0f:de:9c:fe.
Are you sure you want to continue connecting (yes/no)? yes

^C[root@server ~]# ls
Why is it asking for password?

I am trying to ssh to my local machine for a trial.
Isnt possible?

chrism01 05-23-2010 03:01 AM
With ssh you either login using an auth key or a passwd. Using 'expect' you can put the passwd in the expect script, thus making it unnecessary to manually enter the passwd from then on.
This is a REALLY bad idea from the security pt of view. Never put a passwd in a script if possible.
A 3rd option is ssh-agent; basically you start the ssh-agent session, give it the passwd when reqd and any ssh cmds run from within that session can obtain the passwd on demand.

salasi 05-23-2010 03:55 AM
Quote:
Originally Posted by chrism01 (Post 3978175)
This is a REALLY bad idea from the security pt of view. Never put a passwd in a script if possible.
True enough; you can make it into a slightly less bad idea by compiling the script, and preventing anyone other than root from reading the script, but you've still only made it a slightly less bad idea.

acid_kewpie 05-23-2010 03:17 PM
Why is it asking for the password? It's *NOT* asking for the password is it... where's the password prompt? There isn't one, that's a rmeote host key check, which is totally different. If it's getting stuck there, just manually ssh to localhost first, then run it again and it'll already know the key so won't ask again.

ssh scripts are somtimes unavoidable, but sshing as root should never be, don't ssh as root. that shouldn't even be possible on a properly managed system.


All times are GMT -5. The time now is 05:58 PM.