Re: Automatic ssh connections

yuki_at_mbc.ocn.ne.jp
Date: 03/15/04

  • Next message: secureshell_at_securityfocus.com: "RE: Protected message"
    Date: Mon, 15 Mar 2004 09:25:11 +0900 (JST)
    To: youssef.benkirane@mystream.fr
    
    

    > From: "Benkirane Youssef" <youssef.benkirane@mystream.fr>
    > Subject: Automatic ssh connections
    > Date: Fri, 12 Mar 2004 18:44:25 +0100
    > Message-ID: <002301c40859$a955a390$691ac289@Youssef>

    > Hi,
    >  
    > I want to make a script to make automatic ssh connections to cisco routers,
    > to modify their configuration dynamically.
    > For this purpose, I will use a file which stores the ssh passwords for each
    > router, and my script will use this file to log to the routers.
    > But the problem is when you connect with the openssh client, you must enter
    > the password in the tty.
    >  
    > Does anyone knows how to modify openssh client configuration or source code,
    > so he can read the password from a file.

    I recommend you to use the "expect".
      -> see: http://expect.nist.gov/

    Following is my simple example script.
    (But I have no environment to test my code.)

    ---------------------- sample script ----------------------
    #!/usr/local/bin/expect -f

    set timeout 10

    set pwdfile [open "/hogehoge/passwords" "r"]

    set ssh "/usr/bin/ssh"
    #set ssh "/usr/local/bin/ssh"

    while { [gets $pwdfile line] != -1 } {
            set target_ip [lindex $line 0]
            set hostname [lindex $line 1]
            set login_pass [lindex $line 2]
            set enable_pass [lindex $line 3]
            #
            set prompt [append $hostname ">"]
            set prompt_ena [append $hostname "#"]
            set prompt_conf [append $hostname "(config)#"]

            # to skip the comment line
            if { [string compare $target_ip "#"] == 0 } continue;

            puts "DEBUG: IP = $target_ip"

            spawn $ssh $target_ip

            expect "Password:"
            send "$login_pass\r"

            expect {
                    "$prompt" {
                            send "ena\r"

                            expect "password:"
                            send "$enable_pass\r"

                            expect {
                                    "$prompt_ena" {
                                            send "conf t\r"

                                            # place the code here to modify
                                            # the configuration
                                    }
                            }
                    }
            }

            send "exit\r"
    }

    close $pwdfile
    ----------------- end of sample script --------------

    ----------------- /hogehoge/passwords ----------------
    # IP address hostname login pwd enable pwd
    192.168.0.1 sun sierjnd eksienc
    192.168.0.2 mercury xirnjfu jelfnse
    192.168.0.3 venus viheuwg wqpvjmw
    192.168.0.4 earth bldjwng sikwfjh
    192.168.0.5 mars digvufj gpikdue
    ----------------- end of /hogehoge/passwords ----------------


  • Next message: secureshell_at_securityfocus.com: "RE: Protected message"

    Relevant Pages

    • Automatic ssh connections
      ... I want to make a script to make automatic ssh connections to cisco routers, ... Does anyone knows how to modify openssh client configuration or source code, ...
      (SSH)
    • Re: Automatic ssh connections
      ... > I want to make a script to make automatic ssh connections to cisco routers, ... and my script will use this file to log to the routers. ... > Does anyone knows how to modify openssh client configuration or source code, ...
      (SSH)
    • RE: changing routers and switchs passwords remotely
      ... executes whatever command you want on them and outputs the results in a ... Another script was written to specifically get "show tech" and can do ... # device file format is router_name router_ip. ... changing routers and switchs passwords remotely ...
      (Security-Basics)
    • RE: changing routers and switchs passwords remotely
      ... the telnet scripting tool. ... Just google for it, it's used to script ... changing routers and switchs passwords remotely ... The Freeware edition of Kiwi CatTools supports: ...
      (Security-Basics)
    • Cisco + Linux How to store configs in one script?
      ... I tried to do a linux shell script that made a sh run in each of my ... the exit of this script goes directly to a file so I could ... tell me other win/linux engine to get all the configs of my routers? ...
      (comp.dcom.sys.cisco)