I am looking to execute a password change over Net-ssh and this code seems to hang:
Net::SSH.start(server_ip, "user", :verbose => :debug ) do |session|
session.process.popen3("ls") do |input, output, error|
["old_pass","test", "test"].each do |x|
input.puts x
end
end
end
I know the connection works because using a simple exec I can get the output from ls on the remote server, but this hangs.
Any ideas?
The last message from debug is that the public key succeeded.
This one will solve your issue ,, note this script to change password for a list of servers list in file
#~~~~~~~~~~~~~~~~~~~~~~~
# Change Password is a simple script to change the password for a list of servers
# Coded by : Sabry Saleh
# License : GPL2
#~~~~~~~~~~~~~~~~~~~~~~~
#=-Notes-=
# You have to install ruby + net-ssh gems
# sudo gem install net-ssh
#~~~~~~~~~~~~~~~~~~~~~~~
require 'net/ssh'
host = IO.readlines('test1.txt') # full path of servers' list
port = 22 # SSH port
user = 'username' # username
i = 0
while i < host.length
Net::SSH.start(host[i], user , :password => "User pass" , :port=> port) do |ssh|
ssh.open_channel do |channel|
channel.on_request "exit-status" do |channel, data|
$exit_status = data.read_long
end
channel.request_pty do |channel, success|
channel.exec("sudo passwd UserName") # Logged user shuold be root or sudoers memeber
if success
channel.on_data do |channel, data|
puts data.inspect.chomp("\r\n")
channel.send_data("New pass\n") # put the New password you need to set
sleep 0.1
end
else
puts "FAILED!!"
end
end
channel.wait
puts "SUCCESS!!" if $exit_status == 0
end
end
i += 1
end
Related
I have code that requires me to connect to one server, rsync to a different server, then connect to the second server and run a bunch of commands on it. But without fail, the second SSH connection throws a 'do_open_failed': open failed (1) (Net::SSH::ChannelOpenFailed) error. Am I doing something wrong here, is there a way to close the first connection properly that makes the second one connect?
Net::SSH.start(self.from_creds['host'], self.from_creds['user'], :password => self.from_creds['password']) do |ssh|
channel = ssh.open_channel do |ch|
ch.exec "/usr/bin/rsync -e ssh -varuzP --exclude=sys-export --delete #{self.from_creds['filepath']}/#{self.client_id}/ #{self.scp_to}/#{new_client_id}" do |ch, success|
raise "could not execute command" unless success
# "on_data" is called when the process writes something to stdout
ch.on_data do |c, data|
$stdout.print data
end
# "on_extended_data" is called when the process writes something to stderr
ch.on_extended_data do |c, type, data|
$stderr.print data
end
ch.on_close { puts "done!" }
end
end
channel.wait
end
Net::SSH.start(self.to_creds['host'], self.to_creds['user'], :password => self.to_creds['password']) do |ssh1|
# Do some other stuff here
tmp_path = "#{self.to_creds['filepath']}/tmp/#{Time.now.to_i}"
ssh1.exec "mkdir -p #{tmp_path}"
ssh1.exec "cd #{self.to_creds['filepath']}/#{new_client_id}"
end
According to the documentation, exec doesn't block. Trying using exec! instead.
Net::SSH.start(self.to_creds['host'], self.to_creds['user'], :password => self.to_creds['password']) do |ssh1|
# Do some other stuff here
tmp_path = "#{self.to_creds['filepath']}/tmp/#{Time.now.to_i}"
ssh1.exec! "mkdir -p #{tmp_path}"
ssh1.exec! "cd #{self.to_creds['filepath']}/#{new_client_id}"
end
Alternatively,
Net::SSH.start(self.to_creds['host'], self.to_creds['user'], :password => self.to_creds['password']) do |ssh1|
# Do some other stuff here
tmp_path = "#{self.to_creds['filepath']}/tmp/#{Time.now.to_i}"
ssh1.exec "mkdir -p #{tmp_path}"
ssh1.exec "cd #{self.to_creds['filepath']}/#{new_client_id}"
ssh1.loop
end
I'm having problems getting Net::SSH::Multi library to work, it should connect to each box and run that command, I'm trying to get the output.
Here's my code:
#!/usr/bin/env ruby
require 'rubygems'
require 'net/ssh'
require 'net/ssh/multi'
#ssh_responses = Array.new
puts "Starting vhost grab..."
# SSH into each instance, and download Vhost Dump
Net::SSH::Multi.start(:on_error => :ignore) do |ssh|
ssh.use 'ec2-1-1-1-1.compute-1.amazonaws.com', :user => 'portal_user', :keys => ['~/.ssh/portal_user.pem']
ssh.use 'ec2-1-1-1-2.compute-1.amazonaws.com', :user => 'portal_user', :keys => ['~/.ssh/portal_user.pem']
puts "Added servers..."
stdout = ""
# run this on all boxes
ssh.exec 'pwd' do |channel, stream, data|
puts "Trying execution..."
channel.request_pty do |c, success|
puts "Trying to request tty..."
if success
puts "Successfully requested tty"
command = "sudo ls /root"
c.exec(command) do |c, success, data|
puts "Executing commands..."
stdout << data if stream == :stdout
end
#ssh_responses << stdout
puts "Storing responses..."
end
end
end
ssh.loop
end
puts #ssh_responses
puts "Script executed."
And the response I get from running is:
$ ruby serverAction.rb
Starting vhost grab...
Added servers...
Trying execution...
Script executed.
I have to read the contents of a remote file I have permissions to (sudo) read with
cat,less or tail.
I am going to be doing this in Ruby so I assume I should be using Net::SSH to do it.
The file is a log file so it can be quite big.
This is the code I am trying now:
require 'rubygems'
require 'net/ssh'
cmd = "sudo cat /var/logs/httpd/ACCESS_log.2012.03.23"
Net::SSH.start( "SERVER" , "USER", :password => "PASSWORD") do |ssh|
ssh.open_channel do |channel|
channel.request_pty
channel.exec(cmd);
channel.on_close do
puts "shell terminated"
end
channel.on_eof do |ch|
puts "remote end is done sending data"
end
channel.on_extended_data do |ch, type, data|
puts "got stderr: #{data.inspect}"
end
channel.on_data do |channel, data|
if data =~ /^\[sudo\] password for USER:/
puts "data works"
channel.send_data 'PASSWORD'
end
channel.on_data do |ch,data|
puts "in third"
puts data.inspect
end
end
channel.on_process do |ch|
puts "in process"
end
ssh.loop
end
end
When I run that I get the following output:
in process
in process
in process
data works
in process
in process
in process
in third
"\r\n"
remote end is done sending data
shell terminated
The log actually currently has a few thousand lines of data in it, because I can read it from the actual server using putty.
How do I get that out from channel.on_data ?
Thanks
I think you need to add a \n to the password you send. This works for me. Note, The place where I commented out the else clause, you could possibly get the info from there too, but it works as you have it, but with a \n in the password.
require 'rubygems'
require 'net/ssh'
cmd = "sudo cat /var/log/mail.log"
HOSTNAME = "myhost.example.com"
USERNAME = "me"
PASSWORD = "12345"
Net::SSH.start( HOSTNAME , USERNAME, :password => PASSWORD) do |ssh|
ssh.open_channel do |channel|
channel.request_pty
channel.exec(cmd);
channel.on_close do
puts "shell terminated"
end
channel.on_eof do |ch|
puts "remote end is done sending data"
end
channel.on_extended_data do |ch, type, data|
puts "got stderr: #{data.inspect}"
end
channel.on_data do |channel, data|
if data =~ /^\[sudo\] password for #{USERNAME}:/
puts "data works"
channel.send_data "#{PASSWORD}\n"
else
#puts "OUTPUT NOT MATCHED: #{data}"
end
channel.on_data do |ch,data|
puts "in third"
puts data.inspect
end
end
channel.on_process do |ch|
puts "in process"
end
ssh.loop
end
end
You are replacing a new on_data callback while executing an on_data callback. I haven't spelunked the internals of Net::SSH, but that could produce surprising behavior.
Try changing your code in your two on_data callbacks to be one, and see if that helps.
channel.on_data do |channel, data|
if data =~ /^\[sudo\] password for USER:/
puts "data works"
channel.send_data 'PASSWORD'
else
puts "in third"
puts data.inspect
if
end
As a side note, since you need sudo to read the logs, someone thinks they and that server are worth protecting. It looks like you're embedding passwords which give privileged access to the server in this ruby program. That implies anyone who can read the program gains the same privileged access. What will you do to limit access to the password in this program?
require 'net/ssh'
Net::SSH.start('host', 'user', :password => "password") do |ssh|
# capture all stderr and stdout output from a remote process
output = ssh.exec!("hostname")
puts output
# capture only stdout matching a particular pattern
stdout = ""
ssh.exec!("ls -l /home/jamis") do |channel, stream, data|
stdout << data if stream == :stdout
end
puts stdout
# run multiple processes in parallel to completion
ssh.exec "sed ..."
ssh.exec "awk ..."
ssh.exec "rm -rf ..."
ssh.loop
# open a new channel and configure a minimal set of callbacks, then run
# the event loop until the channel finishes (closes)
channel = ssh.open_channel do |ch|
ch.exec "/usr/local/bin/ruby /path/to/file.rb" do |ch, success|
raise "could not execute command" unless success
# "on_data" is called when the process writes something to stdout
ch.on_data do |c, data|
$stdout.print data
end
# "on_extended_data" is called when the process writes something to stderr
ch.on_extended_data do |c, type, data|
$stderr.print data
end
ch.on_close { puts "done!" }
end
end
channel.wait
# forward connections on local port 1234 to port 80 of www.capify.org
ssh.forward.local(1234, "www.capify.org", 80)
ssh.loop { true }
end
Latest Document 17.11.25
Good day everyone
I need to execute command on linux machine this command is interactive
command.
Interactive command means require input like [yes , no] or password
twice
my real case is.
I create a script execute commands and get the outputs successfully.
but some servers has Loging password expired so I need to interact with
server to send the current password + the new password(twice)
ssh userName#10.0.0.243
userName#10.0.0.243's password:
You are required to change your password immediately (password aged)
Last login: Sun Aug 7 13:15:40 2011 from 10.0.0.28
WARNING: Your password has expired.
You must change your password now and login again!
Changing password for user userName.
Changing password for userName
(current) UNIX password:
New UNIX password:
Retype new UNIX password:
Notes::
I'm using Ruby 1.9.2
I've no problem in executing command in normal case
please, I have to avoid workarounds like (echo "pass" | ssh -S) to make me pass any other interactive situations.
I'm using 'net/ssh' libs
The Script is Attached http://king-sabri.net/files/LinuxHWScanner.rb
I tried "net/ssh/telnet" and it doesn't help
Some advises tell useing 'rake/remote_task' is the solution but I can't understand how it works in my case
if you need more simplicity, here a simple code if you make it works I thing it'll solve my previous issue
require 'net/ssh'
host = "10.0.0.106"
port = 22 # SSH port
user = 'root' # username
pass = "123123" # password
Net::SSH.start( host,user,:password => pass, :port=> port , :verbose => :error ) do |session|
puts session.exec!("passwd root")
end
Something like this?
Net::SSH.start('10.0.0.6', 'not_root', :password => "test") do |ssh|
ssh.open_channel do |channel|
channel.on_request "exit-status" do |channel, data|
$exit_status = data.read_long
end
channel.exec("passwd") do |channel, success|
if success
channel.on_data do |channel, data|
# Don't really need this callback actually
puts "got data: #{data.inspect}"
end
# You don't need this line if you're root
channel.send_data("oldpass\n")
channel.send_data("newpass\n")
channel.send_data("newpass\n")
else
puts "FAILED"
end
end
channel.wait
puts "SUCCESS" if $exit_status == 0
end
end
This one is dirty, but working for both upon premature on-expiration prompt and upon passwd issuing:
Net::SSH.start('localhost', 'not_root', :password => "test") do |ssh|
ssh.open_channel do |channel|
channel.on_request "exit-status" do |channel, data|
$exit_status = data.read_long
end
channel.on_data do |channel, data|
puts data.inspect
if data.inspect.include? "current"
channel.send_data("oldpass\n");
elsif data.inspect.include? "new"
channel.send_data("newpass\n");
end
end
channel.request_pty
# This will just safely fail if we have already a password prompt on
channel.exec("passwd");
channel.wait
# Will reflect a valid status in both cases
puts $exit_status
end
end
In a previous question I figured out how to start a password-authenticated ssh sessions on multiple servers to run a single command. Now I need to be able to execute a "sudo" command. The problem is, that net-ssh-multi does not allocate a pseudo terminal (pty), which sudo needs to run, resulting in the following error:
[127.0.0.1 : stderr] sudo: sorry, you must have a tty to run sudo
According to the documentation, a pseudo-terminal can be allocated with a method call to a channel object, however, the following code does not work: it generates the "no tty" error above:
require 'net/ssh'
require 'net/ssh/multi'
Net::SSH::Multi.start do |session|
# define the servers we want to use
my_ticket.servers.each do |session_server|
session.use session_server , :user => user_name , \
:password => user_pass
end
# execute commands on all servers
session.exec 'sudo ls /root' do |channel, stream, data|
if data =~ /^\[sudo\] password for user:/
channel.request_pty # <- problem must be here.
channel.send_data user_pass
end
end
# run the aggregated event loop
session.loop
end
$ ruby --version
ruby 1.8.7 (2008-08-11 patchlevel 72) [i386-cygwin]
Can you try something like this:
channel.request_pty do |c, success|
if success
command = "sudo YOUR_COMMAND"
c.exec(command) do |c, success|
# Some processing
end
end
end
In this case 'sudo' is inside.
You need to request a pty before running the command.
session.open_channel do |ch|
ch.request_pty
ch.exec "sudo ls /root"
end
Also you may remove the tty requeriment from /etc/sudoers. To do it run visudo and comment Defaults requiretty
This is what I wound up doing, thanks to #Christian and this wonderful Pastie:
Net::SSH::Multi.start do |session|
# define the servers we want to use
my_ticket.servers.each do |session_server|
session.use session_server , :user => my_ticket.user_name , \
:password => my_ticket.user_pass
end
session.open_channel do |channel|
channel.request_pty do |c, success|
raise "could not request pty" unless success
channel.exec "sudo YOUR_COMMAND"
channel.on_data do |c_, data|
if data = /\[sudo\]/
channel.send_data(#password + "\n")
end
puts data
end
end
end
# run the aggregated event loop
session.loop
end