From: CsB on
I am attempting to write a couple of test scripts to use SSH for
connecting to a host, executing commands, and displaying the results..

I've exhausted my google-fu (even Google code search) and hoped
someone might be able to enlighten me as to why this script is
failing.

I'm receiving "Channel open failure: 1: reason 1: open failed" in my
debug statements. From what I can tell, all this means is the SSH
Open was administratively prohibited (for any number of reasons).

What I'm confused about, though, is I connect to my test host using
SSH 2. And in the Net::SSH::Perl docs, it says "SSH-2 fuly supports
running more than one command over the same connection". However, in
my debug info (below) it looks like my script is attempting to open a
second connection (channel 1) for sending the command instead of using
the currently open connection (channel 0).

Is there something special I need to do to utilize the existing open
connection for subsequent commands? Or, am I way out in left-field on
ths problem?

Any suggestions or advice would be greatly appreciated.

- - BEGIN - SCRIPT - - - - - - - -

use Net::SSH::Perl;
use strict;
use warnings;
my $host = "example.host.com";
my $user = "username";
my $password = "password";
my $cmd = "ls";
my $ssh = Net::SSH::Perl->new(
$host,
debug => 1,
protocol => '2,1',
port => 22
);
$ssh->login( $user, $password );
$ssh->register_handler(
"stdout",
sub {
my ( $channel, $buffer ) = @_;
print "I received this: ", $buffer->bytes;
}
);
$ssh->cmd($cmd);

- - END - SCRIPT - - - - - - - -

- - BEGIN - OUTPUT - - - - - - - -

development[/home/user]# test-ssh.pl
development: Reading configuration data //.ssh/config
development: Reading configuration data /etc/ssh_config
development: Allocated local port 1021.
development: Connecting to example.host.com, port 22.
development: Remote version string: SSH-2.0-OpenSSH_2.9p2

development: Remote protocol version 2.0, remote software version
OpenSSH_2.9p2
development: Net::SSH::Perl Version 1.30, protocol version 2.0.
development: No compat match: OpenSSH_2.9p2.
development: Connection established.
development: Sent key-exchange init (KEXINIT), wait response.
development: Algorithms, c->s: 3des-cbc hmac-sha1 none
development: Algorithms, s->c: 3des-cbc hmac-sha1 none
development: Entering Diffie-Hellman Group 1 key exchange.
development: Sent DH public key, waiting for reply.
development: Received host key, type 'ssh-dss'.
development: Host 'example.host.com' is known and matches the host
key.
development: Computing shared secret key.
development: Verifying server signature.
development: Waiting for NEWKEYS message.
development: Enabling incoming encryption/MAC/compression.
development: Send NEWKEYS, enable outgoing encryption/MAC/compression.
development: Sending request for user-authentication service.
development: Service accepted: ssh-userauth.
development: Trying empty user-authentication request.
development: Authentication methods that can continue: keyboard-
interactive,password.
development: Next method to try is password.
development: Trying password authentication.
development: Login completed, opening dummy shell channel.
development: channel 0: new [client-session]
development: Requesting channel_open for channel 0.
development: channel 0: open confirm rwindow 0 rmax 16384
development: Got channel open confirmation, requesting shell.
development: Requesting service shell on channel 0.
development: channel 1: new [client-session]
development: Requesting channel_open for channel 1.
development: Entering interactive session.
development: Channel open failure: 1: reason 1: open failed
development[/home/user]#

- - END - OUTPUT - - - - - - - - - -

From: Mumia W. (NOSPAM) on
On 02/06/2007 10:33 AM, CsB wrote:
> I am attempting to write a couple of test scripts to use SSH for
> connecting to a host, executing commands, and displaying the results..
>
> I've exhausted my google-fu (even Google code search) and hoped
> someone might be able to enlighten me as to why this script is
> failing.
>
> I'm receiving "Channel open failure: 1: reason 1: open failed" in my
> debug statements. From what I can tell, all this means is the SSH
> Open was administratively prohibited (for any number of reasons).
> [...]

Maybe, maybe not. I advise against using Net::SSH::Perl. Others have
noted it to be buggy, and I consider it to be overly complicated and
perhaps a reduction of system security.

Please use Net::SSH or Expect along with the 'ssh' command instead.


HTH


--
Windows Vista and your freedom in conflict:
http://www.badvista.org/
From: CsB on
On Feb 6, 2:39 pm, "Mumia W. (NOSPAM)" <paduille.4060.mumia.w
+nos...(a)earthlink.net> wrote:
> Please use Net::SSH or Expect along with the 'ssh' command instead.

Thank you for your response.

The script I will eventually produce will replace one that currently
uses Net::Telnet. It accesses several thousand network components
(routers, switches, wireless access points, etc).

Please correct this if I am wrong, but if I use Net::SSH, I will need
to create and maintain a host key for each network component. This is
the primary reason I looked into Net::SSH:Perl first.

When you say to use "Expect along with the 'ssh' command instead",
would you be kind enough to provide a link to an example? I'm not
quite sure I understand your suggestion.

Also, I'm suprised I haven't received any additional responses. Do
you think I might have posted this in the wrong perl group?

Thank you again.

From: zentara on
On 7 Feb 2007 11:22:08 -0800, "CsB" <CSB001(a)gmail.com> wrote:

>On Feb 6, 2:39 pm, "Mumia W. (NOSPAM)" <paduille.4060.mumia.w
>+nos...(a)earthlink.net> wrote:
>> Please use Net::SSH or Expect along with the 'ssh' command instead.
>
>Thank you for your response.
>
>The script I will eventually produce will replace one that currently
>uses Net::Telnet. It accesses several thousand network components
>(routers, switches, wireless access points, etc).
>
>Please correct this if I am wrong, but if I use Net::SSH, I will need
>to create and maintain a host key for each network component. This is
>the primary reason I looked into Net::SSH:Perl first.
>
>When you say to use "Expect along with the 'ssh' command instead",
>would you be kind enough to provide a link to an example? I'm not
>quite sure I understand your suggestion.
>
>Also, I'm suprised I haven't received any additional responses. Do
>you think I might have posted this in the wrong perl group?
>
>Thank you again.

You would be best off using the newer Net::SSH2

#!/usr/bin/perl
use warnings;
use strict;
use Net::SSH2;
use Data::Dumper;

# assuming a user named 'z' for demonstration
# connecting to localhost, so you need your sshd running

# see maillist archives at
# http://lists.sourceforge.net/lists/listinfo/ssh-sftp-perl-users
# for deeper discussions

my $ssh2 = Net::SSH2->new();

#connect
$ssh2->connect('localhost') or die "Unable to connect Host $@ \n";

# authorize
# this works but I use keys below
# $ssh2->auth_password('z','zfoobar') or die "Unable to login $@ \n";

#this dosn't work
#$ssh2->auth(username=>'z', interact => 1);

#get the password for the key
use Term::ReadKey;
print "And your key password: ";
ReadMode('noecho');
chomp(my $pass = ReadLine(0));
ReadMode('restore');
print "\n";
$ssh2->auth_publickey('z',
'/home/z/.ssh/id_rsa.pub', #testing on localhost
'/home/z/.ssh/id_rsa',
$pass );


my $chan = $ssh2->channel();
$chan->exec('ls -la');
while (<$chan>){ print }

#will get dir named 2
my $chan1 = $ssh2->channel();
$chan1->exec('ls -la 2');
while (<$chan1>){ print }

# mkdir with sftp
my $sftp = $ssh2->sftp();
my $dir = '/home/z/3';
$sftp->mkdir($dir);
my %stat = $sftp->stat($dir);
print Dumper([\%stat]), "\n";

#put a file
my $remote = "$dir/".time;
$ssh2->scp_put($0, $remote);

#get a small file to a scalar
use IO::Scalar;
my $local = IO::Scalar->new; #it needs a blessed reference
$ssh2->scp_get($remote, $local);
print "$local\n\n";

#get a large file like a 100Meg wav file
my $remote1 = $dir.'/1.wav';
use IO::File;
my $local1 = IO::File->new("> 2.wav"); #it needs a blessed reference
$ssh2->scp_get($remote1, $local1);


# get a dirlist
my $dh = $sftp->opendir($dir);
while(my $item = $dh->read) {
print $item->{'name'},"\n";
}

#shell use
my $chan2 = $ssh2->channel();
$chan2->shell();
print $chan2 "uname -a\n";
print "LINE : $_" while <$chan2>;
print $chan2 "who\n";
print "LINE : $_" while <$chan2>;
$chan2->close;
__END__




--
I'm not really a human, but I play one on earth.
http://zentara.net/japh.html
From: CsB on
On Feb 8, 7:18 am, zentara <zent...(a)highstream.net> wrote:
>
> You would be best off using the newer Net::SSH2
>

Wow, I didn't know Net::SSH2 existed. Searching for SSH on cpan only
turned up the Net::SSH varieties. I will give it a try.

Also, thank you for the example code. It will certainly save me some
time.