SSH login automation, get stuck at the last step.
Schubert
1. Login in a server through ssh.
2. Then run a batch file.
I use Expect to do the automation.
The script is like this:
--------------------------------------------------------------------------
spawn ssh -p 10022 root@<Server IP address>
expect "root@<Server IP address>'s password: "
send "public\r"
expect {
"\[root@<Server Name>:<Server IP address>\]" {
send "run batch filename.txt\r"}
}
--------------------------------------------------------------------------
Here is the screen output I got if I do this manually:
------------------------------------------------------------------------
> ssh -p 10022 root@<Server IP address>
root@<Server IP address>'s password: public <key-in>
<Server Name>
You're logged on from <Another Server IP address>
[root@<Server Name>:<Server IP address>]: run batch filename.txt <key-
in>
batch file success message shown
-------------------------------------------------------------------------
But when I use Expect script above to automate the manual steps, it
will get stuck running the batch file. It simply shows the
[root@<Server Name>: <Server IP address>] prompt and then stops. Does
anybody know why this happens? Greatly appreciated.
Uwe Klein
> But when I use Expect script above to automate the manual steps, it
> will get stuck running the batch file. It simply shows the
> [root@<Server Name>: <Server IP address>] prompt and then stops. Does
> anybody know why this happens? Greatly appreciated.
>
Nothing expected, nothing shown.
[expect] the batch completion message
expect $batch_message
and then the prompt.
expect $prompt
then exit
exp_send "exit\r"
expect eof
with expecting some output it may be a good idea to expect
timeouts and errormesssages like:
exp_send $runbatchline\r
set ::JOB "not done"
expect \
$batchokmsg {
puts "batch run OK"
set ::JOB OK
# need prompt, continue will restart this expect
exp_continue
} $batcherrormsg {
puts "error in batch"
set ::JOB ERR
# you are still waiting for the prompt right?
exp_continue
} $prompt {
puts "back at the prompt JOB stat: $::JOB "
} timeout {
puts "sleeping at the job $::JOB ?"
}
something like the above, adapt to your case.
uwe
Schubert
wrote:
Thanks uwe. But that's not my case. Maybe I should make it more
clear.
When I execute my script on the top, I expect a prompt like
[root@<ServerName>@<Server IP address>] so that I can send "run batch
filename.txt" to the server. But the execution of the script stops
after the prompt [root@<ServerName>@<Server IP address>] shows, and
after several minutes, it timed out. It even didn't run the "run batch
filename.txt" command.
Does anybody know about using Expect to do ssh login and then run any
commands?
Thanks
Cameron Laird
Schubert <cxbes...@yahoo.com> wrote:
.
.
.
>When I execute my script on the top, I expect a prompt like
>[root@<ServerName>@<Server IP address>] so that I can send "run batch
>filename.txt" to the server. But the execution of the script stops
>after the prompt [root@<ServerName>@<Server IP address>] shows, and
>after several minutes, it timed out. It even didn't run the "run batch
>filename.txt" command.
>
>Does anybody know about using Expect to do ssh login and then run any
>commands?
>
>Thanks
>
Along with what Uwe has already explained, I think
you want to read <URL: http://wiki.tcl.tk/interact >.
Schubert
> In article <1171408289.126631.143...@v45g2000cwv.googlegroups.com>,Schubert <cxbest2...@yahoo.com> wrote:
>
> .
> .
> .
>
> >When I execute my script on the top, I expect a prompt like
> >[root@<ServerName>@<Server IP address>] so that I can send "run batch
> >filename.txt" to the server. But the execution of the script stops
> >after the prompt [root@<ServerName>@<Server IP address>] shows, and
> >after several minutes, it timed out. It even didn't run the "run batch
> >filename.txt" command.
>
> >Does anybody know about using Expect to do ssh login and then run any
> >commands?
>
> >Thanks
>
> Along with what Uwe has already explained, I think
> you want to read <URL:http://wiki.tcl.tk/interact>.
Thanks Cameron for your reply.
I know interact, but I don't want to use it as I want the script
totally automated.
The "run batch filename.txt" should automatically be sent to the
server after the "[root@<ServerName>@<Server IP address>]" prompt
appears. However, it get stucked after this prompt shows. I don't know
why and what's the problem with my Expect script. Please refer to the
manual steps that I have executed, is it because of the logged in
message?
Uwe Klein
there is a "psace" after the prompt which you do not expect.
You send your cmdline before the shell is ready to receive input.
Try expecting the additional space ( you did this in the proper
way with "*assword ") and then continue ...
This is a rather common problem. as with slow ( and delayed ) human input
everything works fine. But expect is faster!
uwe
>
Schubert
wrote:
>
> - Show quoted text -- Hide quoted text -
>
> - Show quoted text -
Thanks again, uwe. I have tried add spaces after the prompt, now it is
like "[root@<ServerName>@<Server IP address>] ",
but it is still the same result.
I have changed the script like this:
-------------------------------------------------------
spawn ssh -p 10022 root@<Server IP address>
expect "root@<Server IP address>'s password: "
send "public\r"
expect {
"\[root@<Server Name>:<Server IP address>\] " {
send "run batch filename.txt\r"}
}
set output $expect_out(buffer)
puts "$output"
-------------------------------------------------
The $output will print out a warning like:
"Warning: Permanently added <Server IP Address> (RSA) to the list of
known hosts. root@<Server IP address>'s password: ".
I think it should print out the log on success message like: (please
refer to the manual step result on my first post)
<Server Name>
You're logged on from <Another Server IP address>
[root@<Server Name>:<Server IP address>]:"
But it does not. Anybody can figure out how this happens?
Btw, after the prompt "[root@<Server Name>:<Server IP address>]: "
appears on the screen for several minutes, it will exit to the unix
home directory (where I execute the Expect script) automatically.
Uwe Klein
> spawn ssh -p 10022 root@<Server IP address>
>
>
> expect "root@<Server IP address>'s password: "
> send "public\r"
>
>
> expect {
> "\[root@<Server Name>:<Server IP address>\] " {
> send "run batch filename.txt\r"}
> }
>
> set output $expect_out(buffer)
> puts "$output"
> -------------------------------------------------
> The $output will print out a warning like:
> "Warning: Permanently added <Server IP Address> (RSA) to the list of
> known hosts. root@<Server IP address>'s password: ".
> I think it should print out the log on success message like: (please
> refer to the manual step result on my first post)
>
>
> <Server Name>
> You're logged on from <Another Server IP address>
>
>
> [root@<Server Name>:<Server IP address>]:"
> But it does not. Anybody can figure out how this happens?
You still need to expect the output of your batchfile run!
otherwise no more input will be processed!
Have you tried to adapt the script I wrote in a previous post?
> Btw, after the prompt "[root@<Server Name>:<Server IP address>]: "
> appears on the screen for several minutes, it will exit to the unix
> home directory (where I execute the Expect script) automatically.
autologout?
>
uwe
Schubert
wrote:
>
> - Show quoted text -
uwe, I have adapted my script according to your thought. Please see
below. I got a very wierd problem. It still stops at the prompt
[root@emscli:<another Server IP address], but the prompt is covered
with two same "run batch filename.txt" command, one is from the
beginning of the line that the prompt resides, the other command is
right after the prompt (the place where you key-in the command). I can
see the content of the prompt from the space between the two commands.
Isn't it wierd? And, no response even if I press the carriage return.
------------------------------------------------------------------------------------------
set timeout -1
spawn ssh -p 10022 root@<Server IP address>
match_max 100000
expect -exact "root@<Server IP address>'s password: "
send -- "public\r"
expect -exact "\r
\r
\r
EMS CLI\r
You're logged on from <another Server IP address>
\r\r
\r
\r
\[root@emscli:<another Server IP address\] "
send -- "run batch filename.txt\r"
expect -exact "run batch filename.txt\r
Command = run batch filename.txt
\rStatus = Success
\rTime = Feb 14,2007 09:14:15 AM
\r\r
\[root@emscli:<another Server Ip address\] "
send -- "exit\r"
expect eof
------------------------------------------------------------------------------------
Uwe Klein
> uwe, I have adapted my script according to your thought. Please see
> below. I got a very wierd problem. It still stops at the prompt
> [root@emscli:<another Server IP address], but the prompt is covered
> with two same "run batch filename.txt" command, one is from the
> beginning of the line that the prompt resides, the other command is
> right after the prompt (the place where you key-in the command). I can
> see the content of the prompt from the space between the two commands.
> Isn't it wierd? And, no response even if I press the carriage return.
> ------------------------------------------------------------------------------------------
You scraped that from the screen?
Looks like the script merged with output
that is logged to the user.
as far as i can see your batch is run.
the thing to do is expecting the prompt after
that has happened.
>
> set timeout -1
> spawn ssh -p 10022 root@<Server IP address>
> match_max 100000
> expect -exact "root@<Server IP address>'s password: "
> send -- "public\r"
> expect -exact "\r
> \r
> \r
> EMS CLI\r
> You're logged on from <another Server IP address>
> \r\r
> \r
> \r
> \[root@emscli:<another Server IP address\] "
> send -- "run batch filename.txt\r"
# you don't need this.
> expect -exact "run batch filename.txt\r
> Command = run batch filename.txt
> \rStatus = Success
> \rTime = Feb 14,2007 09:14:15 AM
> \r\r
> \[root@emscli:<another Server Ip address\] "
> send -- "exit\r"
> expect eof
> ------------------------------------------------------------------------------------
# start from here:
set timeout -1
spawn ssh -p 10022 root@<Server IP address>
match_max 100000
# fix the prompt to your req.
set prompt {[root@emscli:<another Server IP address] }
# kiss, "keep it simple stupid"
expect -- "assword: "
exp_send -- "public\r"
expect -- $prompt
exp_send -- "run batch filename.txt\r"
# you don't need this.
# expect -exact "run batch filename.txt\r
but you need
expect -- $prompt
exp_send -- "exit\r"
expect eof
# done
>
uwe
Schubert
wrote:
> Schubert wrote:
> > uwe, I have adapted my script according to your thought. Please see
> > below. I got a very wierd problem. It still stops at the prompt
> > [root@emscli:<another Server IP address], but the prompt is covered
> > with two same "run batch filename.txt" command, one is from the
> > beginning of the line that the prompt resides, the other command is
> > right after the prompt (the place where you key-in the command). I can
> > see the content of the prompt from the space between the two commands.
> > Isn't it wierd? And, no response even if I press the carriage return.
>
> # start from here:
> set timeout -1
> spawn ssh -p 10022 root@<Server IP address>
>
> match_max 100000
>
> # fix the prompt to your req.
> set prompt {[root@emscli:<another Server IP address] }
>
> # kiss, "keep it simple stupid"
> expect -- "assword: "
> exp_send -- "public\r"
>
> expect -- $prompt
>
> exp_send -- "run batch filename.txt\r"
> # you don't need this.
> # expect -exact "run batch filename.txt\r
> but you need
>
> expect -- $prompt
>
> exp_send -- "exit\r"
> expect eof
>
> # done
>
>
> - Show quoted text -
uwe, I still got the same problem as mentioned above. My script is
adapted below:
set timeout -1
spawn ssh -p 10022 root@<Server IP address>
match_max 100000
set prompt {[root@emscli:<another Server IP address]}
expect -- "assword: "
exp_send -- "public\r"
expect -- $prompt
exp_send -- "run batch filename.txt\r" # In the running result,
this command covers the prompt. Just like "un batch filename.txt
Server IP address] run batch filename.txt", notice that the first
"r" of "run" disappears.
expect -- $prompt
exp_send -- "exit\r"
expect eof
----------------------------------------------------------------------------
Uwe Klein
> this command covers the prompt. Just like "un batch filename.txt
> Server IP address] run batch filename.txt", notice that the first
> "r" of "run" disappears.
What you see is the overwriting on your screen.( I would guess)
does the batch run in the background ?
i.e.
run .....
expedites your job in the background
you get a prompt
and then this is overwritten by the
output from your completed job?
>
> expect -- $prompt
> exp_send -- "exit\r"
> expect eof
> ----------------------------------------------------------------------------
>
Now for something completely different:
insert into your expect script at the start:
log_file "funnyoutput.log"
run your script
send the file "funnyoutput.log" as attachemnt to my email address.
uwe
Why Tea
I had a chat with Uwe a week or two ago about the SSH login issue in
another thread. I remember from my own experience a few years ago, to
automatic login to as SSH with a password was unreliable. In your
case, I suspect the SSH server had not authenticated you and hence it
didn't execute what came next. What I used to do was to do the
simplest thing first in the Expect script:
1) login to SSH server
2) run xclock & (remember to use the -X switch in running ssh)
3) if xclock shows up every time in your X Window, you should be OK
I had a lot of problems getting the above to work reliably with your
(and Uwe's) way of authentication. Then I followed the howto
suggestions in http://www.aerospacesoftware.com/ssh-login-howto.html
to do the following:
1) create the public/private key pair and use
passphrase for the private key and copy the
public key the the remote host (just the
standard stuff)
2) instead of spawning ssh, the script spawns ssh-add
3) expect "id_rsa: "
4) you can send in the hard code passphrase
5) you should be logged if you get an "eof", i.e. expect eof
6) now, spawn ssh and do what you have to do
Steps 2-6 are pretty much what's described in the Web page.
Assuming you have written your script as described and called
it autossh.exp, you would run it with ssh-agent, i.e.
ssh-agent autossh.exp
Another source of reference: http://www.unix.org.ua/orelly/
networking_2ndEd/ssh/ch11_01.htm
Hope it helps.
Schubert
key to the server?
I got the warning message saying:
WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHIG NASTY
blah blah blah...
I followed Why Tea's steps:
1. $ ssh-keygen -t rsa
2. $ cd $HOME/.ssh
3. scp id_rsa.pub <root@ssh_server IP>:id_rsa_myname.pub
... get stuck here...
If this problem can be solved , I will follow Why Tea's steps to do
the next...
> suggestions inhttp://www.aerospacesoftware.com/ssh-login-howto.html
> to do the following:
> 1) create the public/private key pair and use
> passphrase for the private key and copy the
> public key the the remote host (just the
> standard stuff)
> 2) instead of spawning ssh, the script spawns ssh-add
> 3) expect "id_rsa: "
> 4) you can send in the hard code passphrase
> 5) you should be logged if you get an "eof", i.e. expect eof
> 6) now, spawn ssh and do what you have to do
>
> Steps 2-6 are pretty much what's described in the Web page.
> Assuming you have written your script as described and called
> it autossh.exp, you would run it with ssh-agent, i.e.
> ssh-agent autossh.exp
>
> Another source of reference:http://www.unix.org.ua/orelly/
> networking_2ndEd/ssh/ch11_01.htm
>
> Hope it helps.- Hide quoted text -
Why Tea
Not sure how you got stuck. Nevertheless, you can try with this
script:
http://www.edoceo.com/creo/pussh.php
/Why Tea
Why Tea
I hope you managed to create the keys with the script. It worked for
me.
I have modified Uwe's script to handle passphrase. It should now
handle login's with user's password as well as user's passphrase for
encryption keys. For your test:
1) Use only one system in loginlist
2) Add your passphrase as an additional item into the list
3) The "interact" at the end is for you to do some manual tests
The modified script worked for me using either password or passphrase.
The systems tested were Linux and Solaris. As I mentioned, I used to
have a lot of problems getting it to work this way, but that was a few
years ago. If this fails to work for you, you can then try the ssh-
agent method. Good luck.
Regards,
/Y.T.
----------------------- Uwe's modified script -----------------------
#!/usr/bin/expect
# empty string for a well formed prompt, else fill in the expected
prompt
set loginlist {
{username} {hostname or IP} {password} {system
prompt} {passphrase}
}
foreach {user host passwd prompt passphrase} $loginlist {
puts stderr "Login in to $host as $user"
# or whatever is the proper prompt for your systems
if { "$prompt" == "" } {
# mind the space at the end!!
# if you leave that off you will get eratic behaviour
set prompt "${user}@${host}:~> "
}
spawn ssh ${user}@${host}
set success 0
expect \
user: {
# with the username given you should never be here
exp_send $user\r
puts stderr "EXP username requested and sent "
exp_continue
} assword: {
# in autologon you don't see this either
# and the password request neither
exp_send $passwd\r
exp_continue
puts stderr "EXP password requested and sent "
} -re "passphrase .*: " {
# passphrase
exp_send $passphrase\r
exp_continue
puts stderr "EXP password requested and sent "
} "connecting (yes/no)?" {
# never been there before, answer yes:
exp_send "yes\r"
puts stderr "EXP hostkey new!"
exp_continue
} $prompt {
# ok all the trash like motd, hello and last logon
# are ignored
puts stderr "EXP Loged in!, motd ignored"
set success 1
} timeout {
# nobody there, something else wrong, whatever
puts stderr "EXP Timeout, theres been an error"
}
if {$success} {
puts stderr "EXP Logged in to $host as $user
congrats!"
lappend ::INFO(hosts)
set ::INFO($host,spawn_id) $spawn_id
set ::INFO($host,user) $user
} else {
puts stderr "EXP NO Login possible bahhhh"
}
}
interact
----------------------- Uwe's modified script -----------------------
---
Schubert
The ssh server that I am copying the public key to is not a typical
unix box. The user "root" to login this box can not access the
directories within, but I can use another user "admin" to login to
access the directories. I have copied the key and cat the key to the
authorized_keys. Now I can login as user "admin" with only typing the
passphrase, but I need to login as "root" to execute the "run batch"
command instead of user "admin".
> > > > - Show quoted text -- Hide quoted text -