I have written an application for SSH, but the originally used library is no longer developed and has old methods of encryption. Thus, it is not usable for contemporary devices. I am looking for alternatives and I found Chilkat.
I am able to start connecting to the device (Cisco switch for instance), but communication behaves in strange ways.
The basic principle of my program is based on talking client (my program) and server (Cisco switch). After the login is done, I get prompt saying that I would get into priviledged mode by command enable. I recongize this need by sign > at the end of prompt. I send command enable and awaiting prompt Password: After I get it I a send password. I am using two components and timer in this time :
success = ssh.ChannelSendString(channelNum, commandToSend & Chr(13), "ansi")
and
auxStr = ssh.GetReceivedText(channelNum, "ansi")
when I get word Password: in receiving text, I send password string like a commandToSend
but I get % Access denied
I am pretty sure that the password is OK; it seems like one extra enter is sent via connection, because during next returned text is this message :
Translating "passwordString"...domain server (255.255.255.255)
it indicates that passwordString was sent into the switch after message
% Access denied
not like an answer to Password: prompt.
I made debugging in the code to see what my program is sending to switch, but everything seems to be correct. Maybe some mistake in chilkat component ?
Has anybody similar experience ? Or explanation of this behaviour and advice how to solve it, please ?
Send the "enable" command (or just "ena") followed by a single CHR(13). Then get the output from the SSH server, which should be the "Password:" prompt. Then send the password followed by the CHR(13). Then get the output. The send each command terminated by a single CHR(13) and get the output after each command.
Related
I login our company server by ssh, but the server ask my password and otp token.
Since i know my otp secret, so i can generate my otp in my script.
the prompt looks like this:
$ ssh mike#relay.office.com
Your password:
Your token:
let's assume my password is "123", and token is "456"
I wrote a expect script like this, which is supposed to work
#!/usr/bin/expect
spawn ssh mike#relay.office.com
expect "password:"
send "123\n"
send "456\n"
interact
However the prompt just like this:
$ ./expect.sh
Your [EMAIL] password:
Your [VPN] token:
^[[?65;1;9cInvalid credentials
You see, the ssh server return some massy code followed by "Invalid credentials"
I don't understand where the messy code came from.
In normal situation. Even i type the wrong password or token, it will just prompt "Invalid credentials" without any messy code. Is it some sort of anti-script login method from our ssh server?
Some Supplyment
Per answer below, i need to clarify, i forget to paste expect line in my script before. But even with it, the problem stands still.
And another thing i didn't mention before, but maybe related. when i type ssh mike#xxx.com. the server returned a QR code.(yeah, QR code in terminal.) it contains color escape as well as some unicode characters. I'm not sure if expect has any bug on handling unicode characters
The "messy code" is a terminal escape sequence, probably intended to change the colour or font of the following error message.
But the main problem here is that as written, your script will launch the ssh command and then immediately send the following lines, without waiting for ssh to connect to the remote machine. You should use expect commands to wait for each prompt before sending the response, e.g.
spawn ssh mike#relay.office.com
expect "password:"
send "123\n"
expect "token:"
send "456\n"
interact
When I ssh to git#github.com, I get a message that looks like this:
Hi <my username>! You've successfully authenticated, but GitHub does not provide shell access.
The connection is then closed. I understand this is intentional behavior, but how do they do it? Is there a config option in sshd_config? Is it a different or proprietary package to manage ssh connections? How do they change the message to include the username?
I have no idea what to look up to find these answers. Any searches involving TTY allocation seem to only return troubleshooting for servers that shouldn't be doing that.
It's either that the user shell is set to /bin/false (or something else that does nothing) and there is a sshd "banner" or "motd" (message of the day) that has that message,
or that the user shell is set to a program that emits that message and exits.
I need to SSH a remote machine and get onto the developer mode. To be specific, I want to execute the command 'Ctrl+gog' upon which I will be prompted for a password. I know how to execute the normal commands, for example chan.send("enable\n"). Please provide me with an answer.
chan.send("\x07\x0F\x07")
Above command worked fine for me.Just concatenate the Hexa equivalent for Ctrl-g,Ctrl-o,Ctrl-g which is, x07x0Fx07.
i am trying to connect to a remote machine(Windows) using TST10 script.i have the VPN access to that machine. i want to automate the telnet session using the TST10 script, kinldy help.
my code is:
xx.x.xxx.xx
WAIT "login:"
SEND "domain\username\m"
WAIT "password:"
SEND "VPNpassword\m"
WAIT ">"
SEND "command 1\m"
WAIT ">"
SEND "command 2\m"
Here the "username" is the VPN username and not the user account name on the remote machine and "domain" is different from my computer's domain.
If i am telnetting manually from my command prompt with the same VPN credentials, it is working.
But, using the script, i am getting an error : the handle is invalid.
Do i need to give the credentials of the user account in the script or these VPN credentials can also work.
Also, please tell me the reason why i am able to do it manually and why not using the script.
you need a double backslash between your domain and username:
xx.x.xxx.xx
WAIT "login:"
SEND "domain\\username\m"
Hi I've the following script that make an ssh login to my server.
spawn ssh presnetwork#192.168.244.14
expect "*(yes/no)?"
send "yes"
expect "password:"
send "pwd\n"
close
it works fine but it doesn't pass 'pwd' value to system, so script goes timeout and quit.
Any suggestions?
You could try with "KbdInteractiveAuthentication" set to "no"
(ssh -o KbdInteractiveAuthentication="no" presnetwork#192....). SSH by default uses Keyboard Interactive Authentication, which is something expect might not understand.
I would strongly recommend that you use public key authentication instead (as already recommended by Flo). It is way easier to handle, and way more secure, and way more comfortable. If you are just looking for a way to login to a remote server without having to enter the password everytime, take a look at ssh-agent, which will store the password for you after you entered it once in your desktop session. If you really don't want to enter your password, use pam_ssh, where your desktop login password will be used.
By default, the expect command is not yet installed. So, you to install it to acquire correct output.