LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 02-11-2020, 01:12 PM   #1
patrik_
LQ Newbie
 
Registered: Jan 2020
Posts: 12

Rep: Reputation: Disabled
ssh not reading the variable as expected


Hello guys,

I'm trying to use a variable as host to run ssh like ssh -l username $host.

When I run the command it works fine however when I use it inside of a bash I keep getting this:

ssh: Could not resolve hostname 10.32.48.82<br: Name or service not known

the IP is connect but it seems like it is trying to resolve it like if is a name instead on an IP.

Any help would be much appreciated.

Thanks!
 
Old 02-11-2020, 01:23 PM   #2
Turbocapitalist
LQ Guru
 
Registered: Apr 2005
Distribution: Linux Mint, Devuan, OpenBSD
Posts: 6,255
Blog Entries: 3

Rep: Reputation: 3227Reputation: 3227Reputation: 3227Reputation: 3227Reputation: 3227Reputation: 3227Reputation: 3227Reputation: 3227Reputation: 3227Reputation: 3227Reputation: 3227
Try adding the following a few lines earlier in your script:

Code:
set -vx
and then watch what it reports what the variable actual contains.
 
Old 02-11-2020, 01:32 PM   #3
273
LQ Addict
 
Registered: Dec 2011
Location: UK
Distribution: Debian Sid AMD64, Raspbian Wheezy, various VMs
Posts: 7,610

Rep: Reputation: 2351Reputation: 2351Reputation: 2351Reputation: 2351Reputation: 2351Reputation: 2351Reputation: 2351Reputation: 2351Reputation: 2351Reputation: 2351Reputation: 2351
If you included the full stop you typed in the script that would cause an error?
 
Old 02-11-2020, 01:35 PM   #4
patrik_
LQ Newbie
 
Registered: Jan 2020
Posts: 12

Original Poster
Rep: Reputation: Disabled
it actually contains a <br at the end which I dont know where is comming from...

Let me review it one more time...

Thanks!
 
Old 02-11-2020, 01:38 PM   #5
273
LQ Addict
 
Registered: Dec 2011
Location: UK
Distribution: Debian Sid AMD64, Raspbian Wheezy, various VMs
Posts: 7,610

Rep: Reputation: 2351Reputation: 2351Reputation: 2351Reputation: 2351Reputation: 2351Reputation: 2351Reputation: 2351Reputation: 2351Reputation: 2351Reputation: 2351Reputation: 2351
Quote:
Originally Posted by patrik_ View Post
it actually contains a <br at the end which I dont know where is comming from...

Let me review it one more time...

Thanks!
that "<br"is likely something like the full stop or just having a newline (having pressed enter) after the last line.
 
Old 02-11-2020, 03:49 PM   #6
scasey
LQ Veteran
 
Registered: Feb 2013
Location: Tucson, AZ, USA
Distribution: CentOS 7.8.2003
Posts: 5,519

Rep: Reputation: 2144Reputation: 2144Reputation: 2144Reputation: 2144Reputation: 2144Reputation: 2144Reputation: 2144Reputation: 2144Reputation: 2144Reputation: 2144Reputation: 2144
I think we need to see the script itself, or at least the line(s) where the variable host is being populated.
 
Old 02-11-2020, 03:58 PM   #7
evo2
LQ Guru
 
Registered: Jan 2009
Location: Japan
Distribution: Mostly Debian and CentOS
Posts: 6,369

Rep: Reputation: 1602Reputation: 1602Reputation: 1602Reputation: 1602Reputation: 1602Reputation: 1602Reputation: 1602Reputation: 1602Reputation: 1602Reputation: 1602Reputation: 1602
Hi,

I wonder if the '<br' is some artifact from the text editor you are using. How are you writing this script?

Evo2.
 
Old 02-11-2020, 04:18 PM   #8
patrik_
LQ Newbie
 
Registered: Jan 2020
Posts: 12

Original Poster
Rep: Reputation: Disabled
I'm using this PHP script to get the variables from a HTML from and then send then to the bash script:

<?php
$device = $_GET['device'] . '<br />'; <<<< I beleive here is where I'm getting the <br...I modified and and I screwed up LOL I'm trying to fix it now
$inter = $_GET['inter'];
echo $device;
echo $inter
?>

<?php
// exec ( "/var/www/cgi-bin/port_prov.bash "$device" $inter" );
$output = "<pre>".shell_exec("/var/www/cgi-bin/port_prov.bash "$device\ $inter")."</pre>";
echo $output;
?>
 
Old 02-12-2020, 12:14 AM   #9
Turbocapitalist
LQ Guru
 
Registered: Apr 2005
Distribution: Linux Mint, Devuan, OpenBSD
Posts: 6,255
Blog Entries: 3

Rep: Reputation: 3227Reputation: 3227Reputation: 3227Reputation: 3227Reputation: 3227Reputation: 3227Reputation: 3227Reputation: 3227Reputation: 3227Reputation: 3227Reputation: 3227
Quote:
Originally Posted by patrik_ View Post
I'm trying to fix it now
It's good that you posted those two snippets. Let's fix the problem that affects all of us: Unless there is some additional code between them sanitizing the variables you have a very dangerous situation should the site go public. Using $_GET[...] in the way you have shown it allows visitors the potential to run arbitrary code on your system. That is because when using $_GET, you are fetching tainted variables straight from the outside world and they can contain anything.

So instead of "10.32.48.82" someone could pass it "10.32.48.82; /bin/rm -rf /" or somethings much, much worse.

Figure out what needs to be in both $device and $inter and then make a regular expression pattern to check on each variable. This is important for all the variables that use $_GET[...], don't skip this step for any of them. Don't work on anything else, including your SSH question, before completing this step.

You can find a concise example of how to filter for IPv4 and IPv6 IP addresses:
https://www.tutorialrepublic.com/php...hp-filters.php

Dig into that short routine and you'll see how you can write a similar routine to validate the network interface names, too. Then go through the rest of your code and do the same for every variable you have fetched using $_GET or $_POST.

When ecountering data deemed invalid by your regular expressions or validation fuctions, have the program stop running and make a log entry. Don't have it report any information to the web UI because you will forget to turn it off when it goes into production.
 
Old 02-12-2020, 10:44 AM   #10
patrik_
LQ Newbie
 
Registered: Jan 2020
Posts: 12

Original Poster
Rep: Reputation: Disabled
hello Turbocapitalist, I will definitely will take a look of the link you shared today. That is really good stuff, thanks a lot!

After that I will try to make the scrip work again.

Thanks guys!
 
  


Reply

Tags
ssh login


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Error: Expected variable in READ statement at (1) Fpaul8 Linux - Software 6 08-01-2019 10:13 AM
Can not access Global variable in C "expected expression before ??:?? token" golden_boy615 Programming 1 11-16-2011 02:30 PM
[SOLVED] awk does not print the value of the variable as I expected, please help jozelo Linux - Newbie 4 04-04-2011 01:17 PM
My dvd drive is not mounting and reading. No udf based dvd is not reading. anjanatsuse Linux - Newbie 1 10-15-2010 12:54 PM
AWK a variable Ouptut to a new variable and using the new variable with the old one alertroshannow Linux - Newbie 4 02-16-2009 12:08 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 10:25 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration