| |||
Authentication using SSH Posted by elliot (elliot), 11 July 2003 Hi,Just wondering if anyone can help I am attempting to validate using SSH, a given user for a given host. I am unsure as to how to handle the return - and have little experience in this side of tcl. Any help, example scripts would be appreciated. Many thanks Elliot Posted by admin (Graham Ellis), 11 July 2003 Are you using (or hoping to use) Expect?If so, the best way forward is to run a session manually, and note down the exact "I send" anbd "I get" sequences - almost like noting down the moves of two characters around the stage in a play or ballet. The automate it step by step - a spawn, followed by a series of expect and send commands. Concentrate at first on getting the code working for a good connection, they start adding in the extras to handle errors. If the script appears to hang for 10 seconds, you have something wrong and have suffered a timeout ... Posted by elliot (elliot), 14 July 2003 Hi,Thanks for the reply - but, I am not sure what "Expect" is? So far I have:- set sid [socket -async fidev54 22] fileevent $sid w {set connected 1} vwait connected puts "$connected=connected" set err [ fconfigure $sid -error] if { [string length $err ] } { puts "error = $err" } else { set authed 1 } I have tried exec ssh etc - but do not get a return..... bit confused and stuck! Thanks Elliot Posted by admin (Graham Ellis), 14 July 2003 Expect is a Tcl extension (see http://expect.nist.gov that allows you to automate hard-to-automate tasks ... This is a brief answer - I'm writing from a mobile ... let me know if you want me to post further. By the way - Expect will be much quicker for you that programming raw sockets!Posted by elliot (elliot), 14 July 2003 Graham,Many thanks for the reply.... I had not heard of Expect before. I am currently investigating getting hold of expect (due to corporate poilcy) - and so in the mean time am looking at socket level connection - is this possible? Thanks Elliot Posted by admin (Graham Ellis), 14 July 2003 I think that you would need to get hold of the secure socket layer libraries in order to write your own SSH client; it's not something that I would like to attempt personally, but there might be something available that I've not come across. If you were using Telnet or some other protocol, that would be much easier (but then also much less secure too). The beauty of expect is that it will use the security that's already built into the ssh client on the local machine.Posted by elliot (elliot), 14 July 2003 Graham,Many thanks for your assistance - I would not want to attempt to code my own SSH! I am currently looking at Expect, and hope, that I can use it just to interogate the SSH server - to confirm that the public key is correct. At that point, I would want the tcl app to continue. Elliot Posted by admin (Graham Ellis), 15 July 2003 Yes; Expect is EXTRA commands on top of Tcl, so all the Tcl stuff will remain available to youThis page is a thread posted to the opentalk forum
at www.opentalk.org.uk and
archived here for reference. To jump to the archive index please
follow this link.
| |||
PH: 01144 1225 708225 • FAX: 01144 1225 793803 • EMAIL: info@wellho.net • WEB: http://www.wellho.net • SKYPE: wellho |