LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Software (https://www.linuxquestions.org/questions/linux-software-2/)
-   -   Logging in to another a remote server using SSH (https://www.linuxquestions.org/questions/linux-software-2/logging-in-to-another-a-remote-server-using-ssh-4175590163/)

depam 09-26-2016 06:06 AM

Logging in to another a remote server using SSH
 
Use Case:

(1) SSH in to one server and login with username and password using expect
(2) Once logged in, login to another server using another username and password via expect

I tried the below script but does not work

#!/bin/bash
SERVER1=1.1.1.1
SERVER2=2.2.2.2

/usr/bin/expect <<EOD
set timeout 1000000
spawn ssh $CLIENT_ID@$SERVER1
expect *$*
send "ssh $CLIENT_ID@$SERVER2\r"
expect "assword:"
send "Pass123\r"
interact
EOD

Can this be done?

wpeckham 09-26-2016 06:47 AM

Yes, it can be done.

That is not the way I would do it.
Have you considered setting up keys for password-free authentication, and simply doing something like
Code:

ssh guy1@1.1.1.1 "ssh guy2@2.2.2.2"
to accomplish the same thing with less effort?

descendant_command 09-26-2016 07:16 AM

Quote:

Originally Posted by wpeckham (Post 5610097)
Yes, it can be done.

That is not the way I would do it.
Have you considered setting up keys for password-free authentication, and simply doing something like
Code:

ssh guy1@1.1.1.1 "ssh guy2@2.2.2.2"
to accomplish the same thing with less effort?

+1

Laziness is a virtue in a sysadmin :D

Turbocapitalist 09-26-2016 07:52 AM

Quote:

Originally Posted by descendant_command (Post 5610103)
+1

Laziness is a virtue in a sysadmin :D

True.

Taking it a step further, you can put your options in ~/.ssh/config and then just type ssh server2 as a shortcut to get to server2 via server1:

Code:

Host server1
        Hostname 1.1.1.1
        User guy1
        IdentityFile ~/.ssh/server1_ed25519
        IdentitiesOnly yes
        Port 22

Host server2
        Hostname 2.2.2.2
        User guy2
        IdentityFile ~/.ssh/server2_ed25519
        IdentitiesOnly yes
        Port 22
        ProxyCommand ssh -W %h:%p server1

Though if you have a more recent version of OpenSSH, version 7.3 to be specific, there is an even easier way. Which version do you have?

depam 09-26-2016 09:27 AM

Thanks for your replies. I have initially tried the one suggested by @vwpeckham but it does not work for me.

$ ssh username@server1 'ssh username@server2'
Pseudo-terminal will not be allocated because stdin is not a terminal.
Authenticated with partial success.
Permission denied, please try again.
Permission denied, please try again.
Permission denied (password).
$

I do not have access to root for either server1 and server2 so I cannot modify any config. Server1 and Server2 doesn't also have expect there so this is triggered mainly on the client.

Turbocapitalist 09-26-2016 09:33 AM

Quote:

Originally Posted by depam (Post 5610145)
...
$ ssh username@server1 'ssh username@server2'
Pseudo-terminal will not be allocated because stdin is not a terminal.
...

For the above, you need the -t option with the SSH client to force pseudo-terminal allocation.

Quote:

Originally Posted by depam (Post 5610145)
...
I do not have access to root for either server1 and server2 so I cannot modify any config. Server1 and Server2 doesn't also have expect there so this is triggered mainly on the client.

For what I suggested in the earlier post regarding the configuration, I am referring to the client configuration file on your own computer. It is on the computer you are connecting from, usually in ~/.ssh/config Using it will save you work. No root access is needed or desired, as it will only work when done as your account.

At this point, I would highly recommend skimming through the manual page for ssh_config and ssh on your own computer so that you are familiar with the options your version has.
Code:

man ssh_config
man ssh


depam 09-26-2016 09:57 AM

@Turbocapitalist, This works like a charm. You're the man!!

Turbocapitalist 09-26-2016 10:59 AM

No worries.

If you don't want to type more than ssh server1 server2 each time, then you can put the equivalent of -t into your SSH client configuration ( ~/.ssh/config ) up near the top:

Code:

Host server1
        User clientid
        Hostname 1.1.1.1
        RequestTTY force

Or you can try the step-saving way up above with ProxyCommand


All times are GMT -5. The time now is 03:09 AM.