[SOLVED] expect -- semi-colon in password being translated.
Linux - SoftwareThis forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
as you suggested, I added 'exp_internal 1' just after the hashbang line. Here's the skinny:
Code:
> ./asdf 'xxx;xxxx' bartonski foo.bar.com
spawn ssh bartonski@foo.bar.com
parent: waiting for sync byte
parent: telling child to go ahead
parent: now unsynchronized from child
spawn: returns {17537}
expect: does "" (spawn_id exp6) match regular expression "word:"? no
Password:
expect: does "Password: " (spawn_id exp6) match regular expression "word:"? yes
expect: set expect_out(0,string) "word:"
expect: set expect_out(spawn_id) "exp6"
expect: set expect_out(buffer) "Password:"
send: sending "{xxx;xxxx}\n" to { exp6 }
tty_raw_noecho: was raw = 0 echo = 1
spawn id exp6 sent <\r\n>
spawn id exp6 sent <Password: >
Unfortunately, I don't think that this really told me anything that I didn't already know.
I suspect that expect (and not the underlying TCL) is adding the braces so that multiple expressions, separated by semi-colons are executed as a group command in a posix shell. In some situations, this might be the right thing to do... I just want to know if there's a way to disable this behavior.
Distribution: Debian /Jessie/Stretch/Sid, Linux Mint DE
Posts: 5,195
Rep:
If I understand you well, you are saying that Expect is adding {} around your password because it contains a ';'. As seen in the Expect trace you suspect that the braces are actually sent together with the password, so authentication fails.
From the trace, I see Expect shows it is sending {xxx;xxx}. However I am not sure that it really sends the braces. It is also Expect's way to print a string. But the quotes around the braced string confuse me as well.
As in your previous posts, can you replace the xxx;xxxx password with something else, and see if it shows up braced as well in the trace? I wonder if I see "foobar" or "{foobar}"
I can try to take a look at it tonight if I have more time hw_stat_to_display:and make some tests as well if you haven't found out yet. Or changed your password (Just kidding, this is an interesting problem anyway)
If I understand you well, you are saying that Expect is adding {} around your password because it contains a ';'. As seen in the Expect trace you suspect that the braces are actually sent together with the password, so authentication fails.
Exactly.
Quote:
From the trace, I see Expect shows it is sending {xxx;xxx}. However I am not sure that it really sends the braces. It is also Expect's way to print a string. But the quotes around the braced string confuse me as well.
As in your previous posts, can you replace the xxx;xxxx password with something else, and see if it shows up braced as well in the trace? I wonder if I see "foobar" or "{foobar}"
Based on the work that I did with "echo" in my first post, I was pretty sure that the braces were literal, but I ran it using 'exp_internal 1' and the password 'bangersandmash' just to make sure:
Code:
> ./asdf 'bangersandmash' bartonski foo.bar.com
spawn ssh bartonski@foo.bar.com
parent: waiting for sync byte
parent: telling child to go ahead
parent: now unsynchronized from child
spawn: returns {21317}
expect: does "" (spawn_id exp6) match regular expression "word:"? no
Password:
expect: does "Password: " (spawn_id exp6) match regular expression "word:"? yes
expect: set expect_out(0,string) "word:"
expect: set expect_out(spawn_id) "exp6"
expect: set expect_out(buffer) "Password:"
send: sending "bangersandmash\n" to { exp6 }
tty_raw_noecho: was raw = 0 echo = 1
spawn id exp6 sent <\r\n>
As you can see from the line "send: sending "bangersandmash\n" to { exp6 }", it appears that expect is not putting braces around "bangersandmash", so I think that the braces were literal before.
I hard coded the password into the expect script, rather than prompting for it at the command line. Apparently the braces are added when the command line is parsed, not when the command is sent to the remote machine.
Not secure, I know, but if I chmod the script to 0500, I figure that I ought to be OK (that's actually more secure than having all those instances of my password sitting out in my .bash_history).
I"m still having problems getting the interactive part working correctly (even after I log in, expect is still eating and trying to interpret my keystrokes). I'm not sure how much that matters to me though, right now, I'm just testing things out so that I can script connections later.
By the way, I came to this solution after running 'autoexpect', an expect script which generates an expect script of of a live login. Autoexpect can be found here.
Using autoexpect:
the hashbang line is incorrect, change it to use the absolute path to expect.
Start autoexpect
Log in to the remote server
Use Control-D to stop the autoexpect session.
Thanks for the pointers so far.
Last edited by bartonski; 09-12-2009 at 11:39 AM.
Reason: s/inspect/expect/
Trouble with interactive login on remote box went away after I removed 'exp_internal 1'.
I'm going to keep this thread open for a couple of days, just because I'm curious to see if anyone else has any ideas about how to get around the issue of including a semi-colon in arguments to expect (like jlinkels said, it's an interesting problem), but it's an academic problem to me at this point.
Distribution: Debian /Jessie/Stretch/Sid, Linux Mint DE
Posts: 5,195
Rep:
Quote:
Originally Posted by bartonski
Trouble with interactive login on remote box went away after I removed 'exp_internal 1'.
Usually it's the other way around...
I first overlooked that there was a difference when you entered your password from the console or from a file. My first tought that that xxx;xxx was considered as two strings, and treated like a list, so Expect decided to put braces around them.
I found no proof for that. If I enter "my password" a call to llength does return 2, but there are still no braces when Expect sends this to the console. I didn't use another host, but echoed this on my own console.
Mind you, "my;password" returned a llenght of 1 so no reason at all to put it between braces. I read the input from stdin, not using interact like you did.
So I can't shed any light on this, sorry.
Your solution to make the file permissions 500 is good. More often, a password containing file is made 600, the executable 755 or so, while it includes your 600 file. This is generally considered safe practice.
Note if you want to read from stdin with Expect using the gets function, you must set gets to be blocking otherwise it returns EOF immediately.
Code:
fconfigure stdin -blocking 1
I don't assume this has anything to do with your problem, it is just for general interest.
I first overlooked that there was a difference when you entered your password from the console or from a file.
Actually, I wasn't entering the password from a file. "./xxx" was simply a command that I could use as a placeholder for "ssh", which would echo what expect was passing to it. Think of it as a poor man's "exp_internal 1".
I really can't tell what expect is doing with those strings. Short of reading source code (and I'm not really keen on learning TCL just for that) or asking Don Libes personally, I'm not sure that I'm going to find out.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.