Net::SSH::Perl - Channel open failure?

Discussion in 'Perl Misc' started by CsB, Feb 6, 2007.

  1. CsB

    CsB Guest

    I am attempting to write a couple of test scripts to use SSH for
    connecting to a host, executing commands, and displaying the results..

    I've exhausted my google-fu (even Google code search) and hoped
    someone might be able to enlighten me as to why this script is
    failing.

    I'm receiving "Channel open failure: 1: reason 1: open failed" in my
    debug statements. From what I can tell, all this means is the SSH
    Open was administratively prohibited (for any number of reasons).

    What I'm confused about, though, is I connect to my test host using
    SSH 2. And in the Net::SSH::perl docs, it says "SSH-2 fuly supports
    running more than one command over the same connection". However, in
    my debug info (below) it looks like my script is attempting to open a
    second connection (channel 1) for sending the command instead of using
    the currently open connection (channel 0).

    Is there something special I need to do to utilize the existing open
    connection for subsequent commands? Or, am I way out in left-field on
    ths problem?

    Any suggestions or advice would be greatly appreciated.

    - - BEGIN - SCRIPT - - - - - - - -

    use Net::SSH::perl;
    use strict;
    use warnings;
    my $host = "example.host.com";
    my $user = "username";
    my $password = "password";
    my $cmd = "ls";
    my $ssh = Net::SSH::perl->new(
    $host,
    debug => 1,
    protocol => '2,1',
    port => 22
    );
    $ssh->login( $user, $password );
    $ssh->register_handler(
    "stdout",
    sub {
    my ( $channel, $buffer ) = @_;
    print "I received this: ", $buffer->bytes;
    }
    );
    $ssh->cmd($cmd);

    - - END - SCRIPT - - - - - - - -

    - - BEGIN - OUTPUT - - - - - - - -

    development[/home/user]# test-ssh.pl
    development: Reading configuration data //.ssh/config
    development: Reading configuration data /etc/ssh_config
    development: Allocated local port 1021.
    development: Connecting to example.host.com, port 22.
    development: Remote version string: SSH-2.0-OpenSSH_2.9p2

    development: Remote protocol version 2.0, remote software version
    OpenSSH_2.9p2
    development: Net::SSH::perl Version 1.30, protocol version 2.0.
    development: No compat match: OpenSSH_2.9p2.
    development: Connection established.
    development: Sent key-exchange init (KEXINIT), wait response.
    development: Algorithms, c->s: 3des-cbc hmac-sha1 none
    development: Algorithms, s->c: 3des-cbc hmac-sha1 none
    development: Entering Diffie-Hellman Group 1 key exchange.
    development: Sent DH public key, waiting for reply.
    development: Received host key, type 'ssh-dss'.
    development: Host 'example.host.com' is known and matches the host
    key.
    development: Computing shared secret key.
    development: Verifying server signature.
    development: Waiting for NEWKEYS message.
    development: Enabling incoming encryption/MAC/compression.
    development: Send NEWKEYS, enable outgoing encryption/MAC/compression.
    development: Sending request for user-authentication service.
    development: Service accepted: ssh-userauth.
    development: Trying empty user-authentication request.
    development: Authentication methods that can continue: keyboard-
    interactive,password.
    development: Next method to try is password.
    development: Trying password authentication.
    development: Login completed, opening dummy shell channel.
    development: channel 0: new [client-session]
    development: Requesting channel_open for channel 0.
    development: channel 0: open confirm rwindow 0 rmax 16384
    development: Got channel open confirmation, requesting shell.
    development: Requesting service shell on channel 0.
    development: channel 1: new [client-session]
    development: Requesting channel_open for channel 1.
    development: Entering interactive session.
    development: Channel open failure: 1: reason 1: open failed
    development[/home/user]#

    - - END - OUTPUT - - - - - - - - - -
     
    CsB, Feb 6, 2007
    #1
    1. Advertising

  2. On 02/06/2007 10:33 AM, CsB wrote:
    > I am attempting to write a couple of test scripts to use SSH for
    > connecting to a host, executing commands, and displaying the results..
    >
    > I've exhausted my google-fu (even Google code search) and hoped
    > someone might be able to enlighten me as to why this script is
    > failing.
    >
    > I'm receiving "Channel open failure: 1: reason 1: open failed" in my
    > debug statements. From what I can tell, all this means is the SSH
    > Open was administratively prohibited (for any number of reasons).
    > [...]


    Maybe, maybe not. I advise against using Net::SSH::perl. Others have
    noted it to be buggy, and I consider it to be overly complicated and
    perhaps a reduction of system security.

    Please use Net::SSH or Expect along with the 'ssh' command instead.


    HTH


    --
    Windows Vista and your freedom in conflict:
    http://www.badvista.org/
     
    Mumia W. (NOSPAM), Feb 6, 2007
    #2
    1. Advertising

  3. CsB

    CsB Guest

    On Feb 6, 2:39 pm, "Mumia W. (NOSPAM)" <paduille.4060.mumia.w
    > wrote:
    > Please use Net::SSH or Expect along with the 'ssh' command instead.


    Thank you for your response.

    The script I will eventually produce will replace one that currently
    uses Net::Telnet. It accesses several thousand network components
    (routers, switches, wireless access points, etc).

    Please correct this if I am wrong, but if I use Net::SSH, I will need
    to create and maintain a host key for each network component. This is
    the primary reason I looked into Net::SSH:perl first.

    When you say to use "Expect along with the 'ssh' command instead",
    would you be kind enough to provide a link to an example? I'm not
    quite sure I understand your suggestion.

    Also, I'm suprised I haven't received any additional responses. Do
    you think I might have posted this in the wrong perl group?

    Thank you again.
     
    CsB, Feb 7, 2007
    #3
  4. On 02/07/2007 01:22 PM, CsB wrote:
    > On Feb 6, 2:39 pm, "Mumia W. (NOSPAM)" <paduille.4060.mumia.w
    > > wrote:
    >> Please use Net::SSH or Expect along with the 'ssh' command instead.

    >
    > Thank you for your response.
    >
    > The script I will eventually produce will replace one that currently
    > uses Net::Telnet. It accesses several thousand network components
    > (routers, switches, wireless access points, etc).
    >
    > Please correct this if I am wrong, but if I use Net::SSH, I will need
    > to create and maintain a host key for each network component. This is
    > the primary reason I looked into Net::SSH:perl first.
    >


    I'm not an ssh or cryptography expert, but I think you would only need
    to create the private and public keys on the machine doing the
    accessing. The other machines would only need a copy of the public key
    of the machine that will do the accessing. Read "man ssh-keygen."


    > When you say to use "Expect along with the 'ssh' command instead",
    > would you be kind enough to provide a link to an example? I'm not
    > quite sure I understand your suggestion.
    >


    Expect.pm is a perl module that allows your program to interact with
    other programs. You can use Expect to start the "ssh" utility and
    programatically issue commands to ssh.

    > Also, I'm suprised I haven't received any additional responses. Do
    > you think I might have posted this in the wrong perl group?
    >
    > Thank you again.
    >


    You could also try comp.lang.perl.modules or alt.perl. A couple of weeks
    ago, there was a discussion of Net::SSH::perl in comp.lang.perl.modules.


    HTH

    --
    Windows Vista and your freedom in conflict:
    http://www.regdeveloper.co.uk/2006/10/29/microsoft_vista_eula_analysis/
     
    Mumia W. (NOSPAM), Feb 7, 2007
    #4
  5. CsB

    zentara Guest

    On 7 Feb 2007 11:22:08 -0800, "CsB" <> wrote:

    >On Feb 6, 2:39 pm, "Mumia W. (NOSPAM)" <paduille.4060.mumia.w
    >> wrote:
    >> Please use Net::SSH or Expect along with the 'ssh' command instead.

    >
    >Thank you for your response.
    >
    >The script I will eventually produce will replace one that currently
    >uses Net::Telnet. It accesses several thousand network components
    >(routers, switches, wireless access points, etc).
    >
    >Please correct this if I am wrong, but if I use Net::SSH, I will need
    >to create and maintain a host key for each network component. This is
    >the primary reason I looked into Net::SSH:perl first.
    >
    >When you say to use "Expect along with the 'ssh' command instead",
    >would you be kind enough to provide a link to an example? I'm not
    >quite sure I understand your suggestion.
    >
    >Also, I'm suprised I haven't received any additional responses. Do
    >you think I might have posted this in the wrong perl group?
    >
    >Thank you again.


    You would be best off using the newer Net::SSH2

    #!/usr/bin/perl
    use warnings;
    use strict;
    use Net::SSH2;
    use Data::Dumper;

    # assuming a user named 'z' for demonstration
    # connecting to localhost, so you need your sshd running

    # see maillist archives at
    # http://lists.sourceforge.net/lists/listinfo/ssh-sftp-perl-users
    # for deeper discussions

    my $ssh2 = Net::SSH2->new();

    #connect
    $ssh2->connect('localhost') or die "Unable to connect Host $@ \n";

    # authorize
    # this works but I use keys below
    # $ssh2->auth_password('z','zfoobar') or die "Unable to login $@ \n";

    #this dosn't work
    #$ssh2->auth(username=>'z', interact => 1);

    #get the password for the key
    use Term::ReadKey;
    print "And your key password: ";
    ReadMode('noecho');
    chomp(my $pass = ReadLine(0));
    ReadMode('restore');
    print "\n";
    $ssh2->auth_publickey('z',
    '/home/z/.ssh/id_rsa.pub', #testing on localhost
    '/home/z/.ssh/id_rsa',
    $pass );


    my $chan = $ssh2->channel();
    $chan->exec('ls -la');
    while (<$chan>){ print }

    #will get dir named 2
    my $chan1 = $ssh2->channel();
    $chan1->exec('ls -la 2');
    while (<$chan1>){ print }

    # mkdir with sftp
    my $sftp = $ssh2->sftp();
    my $dir = '/home/z/3';
    $sftp->mkdir($dir);
    my %stat = $sftp->stat($dir);
    print Dumper([\%stat]), "\n";

    #put a file
    my $remote = "$dir/".time;
    $ssh2->scp_put($0, $remote);

    #get a small file to a scalar
    use IO::Scalar;
    my $local = IO::Scalar->new; #it needs a blessed reference
    $ssh2->scp_get($remote, $local);
    print "$local\n\n";

    #get a large file like a 100Meg wav file
    my $remote1 = $dir.'/1.wav';
    use IO::File;
    my $local1 = IO::File->new("> 2.wav"); #it needs a blessed reference
    $ssh2->scp_get($remote1, $local1);


    # get a dirlist
    my $dh = $sftp->opendir($dir);
    while(my $item = $dh->read) {
    print $item->{'name'},"\n";
    }

    #shell use
    my $chan2 = $ssh2->channel();
    $chan2->shell();
    print $chan2 "uname -a\n";
    print "LINE : $_" while <$chan2>;
    print $chan2 "who\n";
    print "LINE : $_" while <$chan2>;
    $chan2->close;
    __END__




    --
    I'm not really a human, but I play one on earth.
    http://zentara.net/japh.html
     
    zentara, Feb 8, 2007
    #5
  6. CsB

    CsB Guest

    On Feb 7, 5:49 pm, "Mumia W. (NOSPAM)"
    >
    >I think you would only need to create the private and public keys on the
    >machine doing the accessing. ... Read "man ssh-keygen."
    >
    > You can use Expect to start the "ssh" utility and programatically issue
    > commands to ssh.
    >
    > You could also try comp.lang.perl.modules or alt.perl. A couple of weeks
    > ago, there was a discussion of Net::SSH::perl in comp.lang.perl.modules.
    >


    Thank you again for your suggestions, I'll certainly take a look into
    them.
     
    CsB, Feb 8, 2007
    #6
  7. CsB

    CsB Guest

    On Feb 8, 7:18 am, zentara <> wrote:
    >
    > You would be best off using the newer Net::SSH2
    >


    Wow, I didn't know Net::SSH2 existed. Searching for SSH on cpan only
    turned up the Net::SSH varieties. I will give it a try.

    Also, thank you for the example code. It will certainly save me some
    time.
     
    CsB, Feb 8, 2007
    #7
  8. CsB

    rahed Guest

    "CsB" <> writes:
    > Is there something special I need to do to utilize the existing open
    > connection for subsequent commands? Or, am I way out in left-field on
    > ths problem?
    >
    > Any suggestions or advice would be greatly appreciated.
    >
    > - - BEGIN - SCRIPT - - - - - - - -
    >
    > use Net::SSH::perl;
    > use strict;
    > use warnings;
    > my $host = "example.host.com";
    > my $user = "username";
    > my $password = "password";
    > my $cmd = "ls";
    > my $ssh = Net::SSH::perl->new(
    > $host,
    > debug => 1,
    > protocol => '2,1',
    > port => 22
    > );
    > $ssh->login( $user, $password );
    > $ssh->register_handler(
    > "stdout",
    > sub {
    > my ( $channel, $buffer ) = @_;
    > print "I received this: ", $buffer->bytes;
    > }
    > );
    > $ssh->cmd($cmd);


    I don't use register_handler method but you can run more commands with
    cmd method like this (from docs) ($out,$err,$exit) = $ssh->cmd($cmd);
    It's limited to ssh-2 protocol.

    I run your code whithout problems. I think you should upgrade openSSH,
    2.9 is quite outdated.

    HTH

    --
    Radek
     
    rahed, Feb 8, 2007
    #8
  9. CsB

    rahed Guest

    "Mumia W. (NOSPAM)" <> writes:

    > Maybe, maybe not. I advise against using Net::SSH::perl. Others have
    > noted it to be buggy, and I consider it to be overly complicated and
    > perhaps a reduction of system security.


    I use the module quite frequently and for my usage haven't noticed any
    bugs. Complicated can be the installation because there are many
    prerequisite modules.

    --
    Radek
     
    rahed, Feb 8, 2007
    #9
  10. CsB

    CsB Guest

    On Feb 8, 7:42 am, rahed <> wrote:
    > I run your code whithout problems. I think you should upgrade openSSH,
    > 2.9 is quite outdated.


    Thank you. The remote system is a network switch. It's not under my
    jurisdiction so I have no control over its software release. I think
    it may be the problem.
     
    CsB, Feb 12, 2007
    #10
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. loial
    Replies:
    0
    Views:
    430
    loial
    Feb 3, 2009
  2. otaku

    Net::SSH Failure Vs. 0.6.0

    otaku, Jan 10, 2005, in forum: Ruby
    Replies:
    5
    Views:
    132
    otaku
    Jan 11, 2005
  3. Tench Johnson
    Replies:
    1
    Views:
    319
    Biff Tannen
    Apr 23, 2010
  4. salamond

    net/ssh in ruby. ssh.exec fails

    salamond, Feb 17, 2011, in forum: Ruby
    Replies:
    0
    Views:
    270
    salamond
    Feb 17, 2011
  5. Replies:
    0
    Views:
    127
Loading...

Share This Page