put ssh tunnel in background with expect
ne...@aleblanc.cotse.net
I use a webproxy via an ssh tunnel when browsing with my laptop and
have the following expect script to save me typing my password everytime:
set timeout -1
spawn /usr/bin/gksudo echo
spawn /usr/bin/sudo /usr/bin/ssh -L ????:127.0.0.1:8888 user...@mysshtunell.com
match_max 100000
expect "Password:"
send -- "secret_password"
interact
I want to have this fork to the background so I can continue using the
shell prompt. I tried this:
set timeout -1
spawn /usr/bin/gksudo echo
spawn /usr/bin/sudo /usr/bin/ssh -L ????:127.0.0.1:8888 user...@mysshtunell.com
match_max 100000
expect "Password:"
send -- "secret_password"
if {[fork]!=0} exit
disconnect
but that closes the ssh tunnel.
I'm guessing that this is easy for someone in the know.
Can anyone help me?
--
aleblanc
Uwe Klein
is there a special reason for your use of sudo?
the following is my tunneling login script to a
twice removed host:
set lhost localgaga ;# 172.0.0.1 in etc/hosts to get around the
;# key/name missmatch for localhost
log_user 1
puts "ssh -p $port -L $fport:$fhost:$sshport ${user}@${host}"
spawn ssh -p $port -L $fport:$fhost:$sshport ${user}@${host}
set spid1 $spawn_id
expect -i $spid1 \
word: {
exp_send -i $spid1 $pass\r
exp_continue
} "uwe> " {
puts -nonewline stderr "logged in $::host, "
after 500 set ::seconds [ clock seconds ]
} timeout {
puts stderr "timeout1 on $spid1"
exit
}
expect_background -i $spid1 -re \
"Logged in for (\[0-9\]*) Sec. Press RETURN to quit" {
# puts stderr "match:$expect_out(0,string)"
scan $expect_out(1,string) " %d " ::seconds
} "\[^\n\]*\r" {
# puts stderr "nomatch:$expect_out(0,string)"
}
vwait ::seconds
puts stderr "using tunnel"
puts "ssh -p $fport -C -X -L 8088:pcgaga:80 -L 8099:pcgaga:8099 ${fuser}@${lhost}"
spawn ssh -p $fport -C -X \
-L 8088:pcgaga:80 \
-L 8099:pcgaga:8099 \
${fuser}@${lhost}
set spid2 $spawn_id
log_user 0
expect -i $spid2 \
word: {
exp_send -i $spid2 $fpass\r
} "connecting (yes/no)?" {
exp_send -i $spid2 yes\r
exp_continue
} timeout {
puts stderr "timeout2 on $spid2"
exp_send -i $spid1 \r
} eof {
puts stderr "eof2 on $spid2"
puts xxxx$expect_out(buffer)xxxx
}
interact
set ::seconds [ expr {[ clock seconds ] - $::seconds }]
puts stderr "seconds connected $::seconds"
exp_send -i $spid1 \r
#uwe
ne...@aleblanc.cotse.net
Hi Uwe,
does your script fork to the background? I tried using spawn_id
and expect_background, but still couldn't get it to work.
Ideally I would like to execute the script as a menu option with
no terminal, is this possible?
--
aleblanc
Uwe Klein
> Hi Uwe,
> does your script fork to the background? I tried using spawn_id
> and expect_background, but still couldn't get it to work.
> Ideally I would like to execute the script as a menu option with
> no terminal, is this possible?
The script created a first connection ( with some portforwarding )
to an intermediary host.
the exp-background call sucks up output from that session ( that
"connected for $seconds" stuff )
the next spawn creates an ssh connection to the final host via
localhost and the previously set up local portforwarding.
my script then hands the
connection to the user via [interact]
when you fall out of interact the accumulated connection time
is logged ( need something to write on my bill to the customer ;-)
instead of [interact] you can do any other "ding" you have in mind.
notice that you are not in a shell session where backgrounding
of the first ssh session would serve its purpose.
instead you have two spawned processes hanging off your expect session
which should serve the same purpose.
If I have guessed wrong could you post your setup or give a more concise
description?
uwe
ne...@aleblanc.cotse.net
> The script created a first connection ( with some portforwarding )
> to an intermediary host.
> the exp-background call sucks up output from that session ( that
> "connected for $seconds" stuff )
>
> the next spawn creates an ssh connection to the final host via
> localhost and the previously set up local portforwarding.
>
> my script then hands the
> connection to the user via [interact]
>
> when you fall out of interact the accumulated connection time
> is logged ( need something to write on my bill to the customer ;-)
>
> instead of [interact] you can do any other "ding" you have in mind.
>
> notice that you are not in a shell session where backgrounding
> of the first ssh session would serve its purpose.
>
> instead you have two spawned processes hanging off your expect session
> which should serve the same purpose.
>
> If I have guessed wrong could you post your setup or give a more concise
> description?
>
> uwe
Woah.. that is all a bit beyond me.. I am new to this kind of stuff.
I am just using a (paid for) proxy service for personal webbrowsing.
The service provider says to use the following command to forward all my
web traffic through their server:
ssh -L 5000:127.0.0.1:8888 youraccount@machine
(more details here: https://www.cotse.net/ssh.html)
However, this means I have to type my password every time, hence the need
for expect.
My expect script works if I don't use the forking business, but then I
have a terminal hanging around on my desktop which I can't use. I would
rather fork the expect script to the background so that if I
accidentally press Ctrl-C it's not gonna break my connection.
In fact.. ideally I want to have a menu item to start the webproxy, but
if I run my script without a terminal window it doesn't work.
--
aleblanc
Uwe Klein
> My expect script works if I don't use the forking business, but then I
> have a terminal hanging around on my desktop which I can't use. I would
> rather fork the expect script to the background so that if I
> accidentally press Ctrl-C it's not gonna break my connection.
> In fact.. ideally I want to have a menu item to start the webproxy, but
> if I run my script without a terminal window it doesn't work.
How have you done that?
and:
What system? some *buntu Linux Distribution?
( I am oldfashioned, still use fvwm2 and a herd of xterms ;-)
uwe
ne...@aleblanc.cotse.net
I'm using the openbox window manager with Ubunut 8.10.
I can add an item to the openbox menu to run my expect script, but it
doesn't open a terminal and gives me no feedback of what it's doing
The tunnel isn't opened and ssh doesn't show up when I do "ps -e".
Even if I can't get the menu item to work, it should be possible to free
up my terminal, right?
--
aleblanc
WL
>Woah.. that is all a bit beyond me.. I am new to this kind of stuff.
>I am just using a (paid for) proxy service for personal webbrowsing.
>The service provider says to use the following command to forward all my
>web traffic through their server:
>
> ssh -L 5000:127.0.0.1:8888 youraccount@machine
>
>(more details here: https://www.cotse.net/ssh.html)
Not a very tclish response...
Is RSA keys or agent forwarding an option? This would let
you create the ssh connection without needing to type your
password multiple times.
If you can get RSA keys working, then your ssh connection
can become the one liner
ssh -N -n -L .... &
to put the connection in the background.
--
WL
real mail: wliao at sdf loSnPesAtarM org
(remove the uppercase letters...)
Uwe Klein
> I'm using the openbox window manager with Ubunut 8.10.
> I can add an item to the openbox menu to run my expect script, but it
> doesn't open a terminal and gives me no feedback of what it's doing
> The tunnel isn't opened and ssh doesn't show up when I do "ps -e".
> Even if I can't get the menu item to work, it should be possible to free
> up my terminal, right?
>
>
look into .xsession-errors in your home directory for diagnostics.
uwe
Uwe Klein
have a look into the openbox menu.xml, Here I have added my test as "Tunnel":
<menu id="misc-menu" label="Miscellaneous">
................
<item label="Tunnel">
<action name="Execute"><execute>~/tcltest/xyz.tcl</execute></action>
</item>
...............
See that the tcl script you want to start is executable and has the
propper invocation in the first line
#!/usr/bin/wish
add to your connection script the lines
package require Expect
button .b -text Exit -command exit
pack .b
at the top
If you have trouble seeing any diagnostic run your test
from an xterm onto a secondary xscreen with
WINDOWMANAGER=/usr/X11R6/bin/openbox startx openbox -- :1
try your menu.
if you exit this session you will see the error output from openbox
or look into .xerror for your current session
uwe
ne...@aleblanc.cotse.net
> OK,
> have a look into the openbox menu.xml, Here I have added my test as "Tunnel":
>
> <menu id="misc-menu" label="Miscellaneous">
> ................
> <item label="Tunnel">
> <action name="Execute"><execute>~/tcltest/xyz.tcl</execute></action>
> </item>
> ...............
>
> See that the tcl script you want to start is executable and has the
> propper invocation in the first line
>
> #!/usr/bin/wish
>
> add to your connection script the lines
>
> package require Expect
> button .b -text Exit -command exit
> pack .b
>
>
> at the top
>
> If you have trouble seeing any diagnostic run your test
> from an xterm onto a secondary xscreen with
>
> WINDOWMANAGER=/usr/X11R6/bin/openbox startx openbox -- :1
>
> try your menu.
>
> if you exit this session you will see the error output from openbox
>
> or look into .xerror for your current session
>
> uwe
Thanks for the help, but I think I'll just stick with the command line
version for now. I get a load of errors when I try that, and I don't
think the extra effort to fix it all is worth it right now.
I will look into it sometime though so thanks.
--
aleblanc