Weird output observed on executing ssh commands remotely over ProxyCommand - bash

Team, I have two steps to perform:
SCP a shell script file to remote ubuntu linux machine
Execute this uploaded file on remote ubuntu linux machine over SSH session using PROXYCommand because I have bastion server in front.
Code:
scp -i /home/dtlu/.ssh/key.key -o "ProxyCommand ssh -i /home/dtlu/.ssh/key.key lab#api.dev.test.com -W %h:%p" /home/dtlu/backup/test.sh lab#$k8s_node_ip:/tmp/
ssh -o StrictHostKeyChecking=no -i /home/dtlu/.ssh/key.key -o 'ProxyCommand ssh -i /home/dtlu/.ssh/key.key -W %h:%p lab#api.dev.test.com' lab#$k8s_node_ip "uname -a; date;echo "Dummy123!" | sudo -S bash -c 'echo 127.0.1.1 \`hostname\` >> /etc/hosts'; cd /tmp; pwd; systemctl status cachefilesd | grep Active; ls -ltr /tmp/test.sh; echo "Dummy123!" | sudo -Sv && bash -s < test.sh"
Both calls above are working fine. I am able to upload test.sh and also its running but what is bothering me is during the process am observe weird output being thrown out.
output:
/tmp. <<< expected
[sudo] password for lab: Showing one
Sent message type=method_call sender=n/a destination=org.freedesktop.DBus object=/org/freedesktop/DBus interface=org.freedesktop.DBus member=Hello cookie=1 reply_cookie=0 error=n/a
Root directory /run/log/journal added.
Considering /run/log/journal/df22e14b1f83428292fe17f518feaebb.
Directory /run/log/journal/df22e14b1f83428292fe17f518feaebb added.
File /run/log/journal/df22e14b1f83428292fe17f518feaebb/system.journal added.
So, I don't want /run/log/hournal and other lines which don't correspond to my command in sh.


Consider adding -q to the scp and ssh commands to reduce the output they might produce. You can also redirect stderr and stdout to /dev/null as appropriate.
For example:
{
scp -q -i /home/dtlu/.ssh/key.key -o "ProxyCommand ssh -i /home/dtlu/.ssh/key.key lab#api.dev.test.com -W %h:%p" /home/dtlu/backup/test.sh lab#$k8s_node_ip:/tmp/
ssh -q -o StrictHostKeyChecking=no -i /home/dtlu/.ssh/key.key -o 'ProxyCommand ssh -i /home/dtlu/.ssh/key.key -W %h:%p lab#api.dev.test.com' lab#$k8s_node_ip "uname -a; date;echo "Dummy123!" | sudo -S bash -c 'echo 127.0.1.1 \`hostname\` >> /etc/hosts'; cd /tmp; pwd; systemctl status cachefilesd | grep Active; ls -ltr /tmp/test.sh; echo "Dummy123!" | sudo -Sv && bash -s < test.sh"
} >&/dev/null

Related

Empty ssh invitation (no "user#host:~$") when run command after connect (sh script, sshpass)

Client OS: MacOS 12.1, Server OS: Linux Debian 9 (any server)
case 1:
#!/bin/bash
sshpass -p mypass ssh user#host.ru -o StrictHostKeyChecking=no
works fine:
case 2:
#!/bin/bash
sshpass -p mypass ssh user#host.ru -o StrictHostKeyChecking=no "cd /var/www ; git status ; /bin/bash"
Output of "git status" works fine, but
no "user#host:~$" message in output (input is active).
I tried:
/bin/bash
bash -l
(in server "echo $SHELL" shows /bin/bash)
How to fix it?

Use ssh -t and && inside commands list
#!/bin/bash
sshpass -p mypass ssh -t user#host.ru -o StrictHostKeyChecking=no "cd /var/www && git status && /bin/bash"

Get output from a shell script that does ssh two level

I have two shell scripts like below:
Script1:
ssh -q -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null my_username#jump_box <<EOF
ls
ssh -q -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null actual_host <<EOF1
sudo docker ps --format='{{json .}}'
EOF1
EOF
Script2:
details=nothing
ssh -q -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null my_username#jump_box <<EOF
ls
details=$(ssh -q -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null actual_host "sudo docker ps --format='{{json .}}'")
EOF
echo "${details}"
I need the docker details in a varilable in my local machine so that I can do some operations on it. The first script runs fine and I can see the output of the docker command on my local machine but the second script doesn't work. It seems to be hung/stuck and doesn't do anything and I have to forcefully quit it.

Like the comment from #Gordon Davisson, use a jumpbox.
But you can define it in the ~/.ssh/config file, too.
HOST my_jump_box
hostname jump_box
user my_username
StrictHostKeyChecking no
UserKnownHostsFile /dev/null
HOST actual
hostname actual_hostname
user actual_user
ProxyJump my_jump_box
StrictHostKeyChecking no
UserKnownHostsFile /dev/null
RemoteCommand sudo docker ps --format='{{json .}}'"
Then you can just use ssh actual
To fetch the output details=$(ssh actual).
Btw. Your specific problem could also be solved by changing script2 to:
#!/bin/bash
details=$(./script1)
echo "$details"

How to run shell script with sudo inside through nohup on remote machine

I ran the following command from my local machine:
ssh -i key remote_host "nohup sh test.sh > nohup.out 2> nohup.err < /dev/null &"
then I got error: sudo: sorry, you must have a tty to run sudo
I added -tt option:
ssh -tt -i key remote_host "nohup sh test.sh > nohup.out 2> nohup.err < /dev/null &"
I checked on the remote, test.sh was not running (there was no process id).
I took out the nohup, everything runs fine, ssh -tt -i key remote_host "sh test.sh" but I need to use nohup. Can someone help me? Thanks a lot!
One remote_host: test.sh script:
#!/bin/bash
sudo iptables -A OUTPUT -p tcp --dport 443 -j DROP
sleep 30
sudo iptables -D OUTPUT -p tcp --dport 443 -j DROP

sudo is probably trying to prompt you for a password. You need to set up NOPASSWD in your remote_host's sudoers file or you can use expect

Using bash and ssh how do I write a log locally from a remote host

I am trying to get data from a file from a remote host and write to a log file locally using SSH. The log file tmp_results.log is not being created. Any ideas where I 'm going wrong please?
( ssh -nq -o StrictHostKeyChecking=no \
-i $PEM_PATH/$PEM_FILE $USER#${host} -p $REMOTE_PORT \
tail -n 6 $REMOTE_HOME/data/result.jtl | >> $SCRIPT_DIR/$project/tmp_results.log)

You seems a little bit confused by using pipes and redirections of filedescriptors.
Here you write in your logfile:
ssh -nq -o StrictHostKeyChecking=no \
-i $PEM_PATH/$PEM_FILE $USER#${host} -p $REMOTE_PORT \
tail -n 6 $REMOTE_HOME/data/result.jtl > $SCRIPT_DIR/$project/tmp_results.log
If you want to append the output on existing file just use:
ssh -nq -o StrictHostKeyChecking=no \
-i $PEM_PATH/$PEM_FILE $USER#${host} -p $REMOTE_PORT \
tail -n 6 $REMOTE_HOME/data/result.jtl >> $SCRIPT_DIR/$project/tmp_results.log

Shell script to grep logs on different host and write the grepped output to a file on Host 1

Shell script needs to
ssh to Host2 from Host1
cd /test/test1/log
grep logs.txt for string error
write the grepped output to a file
and move that file to Host1

This can be accomplished by specifying the -f option to ssh:
ssh user#host -f 'echo "this is a logfile">logfile.txt'
ssh user#host -f 'grep logfile logfile.txt' > locallogfile.txt
cat locallogfile.txt
An example using a different directory and cd changing directories to it:
ssh user#host -f 'mkdir -p foo/bar'
ssh user#host -f 'cd foo/bar ; echo "this is a logfile">logfile.txt'
ssh user#host -f 'cd foo/bar ; echo "this is a logfile">logfile.txt'
ssh user#host -f 'cd foo/bar ; grep logfile logfile.txt' > locallogfile.txt
cat locallogfile.txt

Resources