Discussion:
Connect to a switch with SSH
Rudá G.
2013-05-08 14:32:30 UTC
Permalink
I need connect to a Cisco Switch with SSH and Ruby. The main problem is
the authentication which is different. I must enter 'login as', 'User
Name' and 'Password'. The 'login as' can be any value, usually I just
press enter (empty value).

My first try was with Net::SSH but it was impossible to authenticate. I
don't know if I did something wrong but I had always the
Net::SSH::AuthenticationFailed error then I gave up.

Now I'm trying with Plink (a command-line interface to the PuTTY back
ends). On the shell I do like this:


plink -ssh ***@XX.XX.XXX.XX
User Name: <enter user here>
Password: <enter pass here>
Commands...


Now I need call and interact with Plink on Ruby. My last try was this:

IO.popen "plink -ssh user@#{CISCO}", 'w+' do |io|
io.each do |line|
puts line
if line.include?('User Name')
io.write(USER)
elsif line.include?('Password')
io.write(PASS)
end
end
end

and the error was:
'write': Broken pipe <Errno::EPIPE>

What am I doing wrong?
--
Posted via http://www.ruby-forum.com/.
Cliff Rosson
2013-05-08 15:29:26 UTC
Permalink
Why not just use net/ssh/telnet? I provided a link for you in the other
thread.
Post by Rudá G.
I need connect to a Cisco Switch with SSH and Ruby. The main problem is
the authentication which is different. I must enter 'login as', 'User
Name' and 'Password'. The 'login as' can be any value, usually I just
press enter (empty value).
My first try was with Net::SSH but it was impossible to authenticate. I
don't know if I did something wrong but I had always the
Net::SSH::AuthenticationFailed error then I gave up.
Now I'm trying with Plink (a command-line interface to the PuTTY back
User Name: <enter user here>
Password: <enter pass here>
Commands...
io.each do |line|
puts line
if line.include?('User Name')
io.write(USER)
elsif line.include?('Password')
io.write(PASS)
end
end
end
'write': Broken pipe <Errno::EPIPE>
What am I doing wrong?
--
Posted via http://www.ruby-forum.com/.
--
vizualize.me/cliffrosson
Rudá G.
2013-05-08 15:49:11 UTC
Permalink
I tried this:

t = Net::SSH::Telnet::new("Host" => CISCO,
"Timeout" => 60,
"Telnetmode"=> true,
"Waittime"=>10) {|c| print c }

And the error is the same:
Net::SSH::AuthenticationFailed
--
Posted via http://www.ruby-forum.com/.
Cliff Rosson
2013-05-08 16:06:43 UTC
Permalink
You need to pass an SSH session to Net::SSH::Telnet. That will include your
credentials needed for authentication.

Did you see my GIST I posted for you?


class SSH
attr_accessor :errors

def initialize(creds)
begin
@ssh_session = Net::SSH.start(creds[:host], creds[:user], :password
=> creds[:password], :keys => [])
@ssh = Net::SSH::Telnet.new("Session" => @ssh_session, "Prompt" =>
creds[:prompt])
@errors = false
rescue Exception => e
@errors = e
end
end

def cmd(command)
@ssh.cmd(command)
end

def close
@ssh.close
end

end
Post by Rudá G.
t = Net::SSH::Telnet::new("Host" => CISCO,
"Timeout" => 60,
"Telnetmode"=> true,
"Waittime"=>10) {|c| print c }
Net::SSH::AuthenticationFailed
--
Posted via http://www.ruby-forum.com/.
--
vizualize.me/cliffrosson
Rudá G.
2013-05-08 16:53:42 UTC
Permalink
I tried your class and it throws an exception. The output of the
exception is the USER value.

Also I tried only this:

@ssh_session = Net::SSH.start(CISCO, USER, :password => PASS, :keys =>
[])
@ssh = Net::SSH::Telnet.new("Session" => @ssh_session, "Prompt" =>
/.*>|.*#/)

and I got the Net::SSH::AuthenticationFailed error

I dont know why the authentication fails if in the 'login as' field you
can enter any value...
--
Posted via http://www.ruby-forum.com/.
Cliff Rosson
2013-05-08 17:43:58 UTC
Permalink
For my ssh class it is simply
Post by Rudá G.
ssh = SSH.new({:user => USERNAME, :password => PASSWORD, :host => CISCO,
:prompt => /.*>|.*#/}
...
Post by Rudá G.
puts ssh.errors
=> false
Post by Rudá G.
puts ssh.cmd("show run")
=> ...

Just used it. Works fine. Can you authenticate to the cisco device using
basic SSH?
Post by Rudá G.
I tried your class and it throws an exception. The output of the
exception is the USER value.
@ssh_session = Net::SSH.start(CISCO, USER, :password => PASS, :keys =>
[])
@ssh = Net::SSH::Telnet.new("Session" => @ssh_session, "Prompt" =>
/.*>|.*#/)
and I got the Net::SSH::AuthenticationFailed error
I dont know why the authentication fails if in the 'login as' field you
can enter any value...
--
Posted via http://www.ruby-forum.com/.
--
vizualize.me/cliffrosson
Rudá G.
2013-05-08 17:53:53 UTC
Permalink
I can only authenticate with Putty.

I tried on the Windows Prompt:
ssh ***@XX.XX.XXX.XX

Output:
ssh is not recognized as an internal or external command

How do I enable/install the ssh command?
--
Posted via http://www.ruby-forum.com/.
Matt Lawrence
2013-05-08 17:58:33 UTC
Permalink
Post by Rudá G.
I can only authenticate with Putty.
ssh is not recognized as an internal or external command
How do I enable/install the ssh command?
When running on Windows I normally install large parts of the Cygwin
toolkit. cygwin.org

-- Matt
It's not what I know that counts.
It's what I can remember in time to use.
Cliff Rosson
2013-05-08 18:00:05 UTC
Permalink
ssh is a unix program. It is used instead of putty. Putty is fine as well.
putty -ssh ***@devicename

Try this

putty -ssh ***@devicename


Does that work?

In your ruby script what do the following variables look like

please do
Post by Rudá G.
p CISCO
=>
Post by Rudá G.
p USERNAME
=>
Post by Rudá G.
p PASSWORD
Particularly are there newline characters in there that shouldn't be?
Post by Rudá G.
I can only authenticate with Putty.
ssh is not recognized as an internal or external command
How do I enable/install the ssh command?
--
Posted via http://www.ruby-forum.com/.
--
vizualize.me/cliffrosson
Cliff Rosson
2013-05-08 18:05:51 UTC
Permalink
putty will have to be in your path to run it from a command line FYI
Post by Cliff Rosson
ssh is a unix program. It is used instead of putty. Putty is fine as well.
Try this
Does that work?
In your ruby script what do the following variables look like
please do
Post by Rudá G.
p CISCO
=>
Post by Rudá G.
p USERNAME
=>
Post by Rudá G.
p PASSWORD
Particularly are there newline characters in there that shouldn't be?
Post by Rudá G.
I can only authenticate with Putty.
ssh is not recognized as an internal or external command
How do I enable/install the ssh command?
--
Posted via http://www.ruby-forum.com/.
--
vizualize.me/cliffrosson
--
vizualize.me/cliffrosson
s***@web.de
2013-05-09 17:46:42 UTC
Permalink
Post by Cliff Rosson
ssh is a unix program. It is used instead of putty.
vice versa :)
--
<https://github.com/stomar/>
Rudá G.
2013-05-08 18:12:02 UTC
Permalink
Using putty or plink (putty command line) on shell works fine:

<plink/putty> -ssh ***@XX.XX.XXX.XX

The variables are set at the top of the file like this:

CISCO = "99.99.999.99"
USER = "operacao"
PASS = "mypassword"
--
Posted via http://www.ruby-forum.com/.
Cliff Rosson
2013-05-08 18:27:42 UTC
Permalink
Well the error is clear. Your authentication is failing.

Log into your router and run the following.

term mon
debug aaa authentication


Try logging in and watch what the on-screen messages say.
You can also try debugging ssh on the device

debug ip ssh

but that will add quite a bit of noise.

Are you using certs at all?
Post by Rudá G.
CISCO = "99.99.999.99"
USER = "operacao"
PASS = "mypassword"
--
Posted via http://www.ruby-forum.com/.
--
vizualize.me/cliffrosson
Rudá G.
2013-05-08 18:43:12 UTC
Permalink
I have more than 3000 switchs. I need to work with default config =/

The option "SSH User Authentication by Password" is disabled. To enable
this option on all switchs it would take like 1 month, but could be a
solution.

I'm trying to execute shell commands and interact with them with Ruby as
I told on the first message of this topic.

Btw, thanks for all the help.
--
Posted via http://www.ruby-forum.com/.
Cliff Rosson
2013-05-08 18:54:09 UTC
Permalink
Post by Rudá G.
I have more than 3000 switchs. I need to work with default config =/
Presumably you aren't testing your script on all 3000 switches. :)
Post by Rudá G.
The option "SSH User Authentication by Password" is disabled. To enable
this option on all switchs it would take like 1 month, but could be a
solution.
That is why I asked if you are authenticating by key or password. Clearly
my script is for passwords only. You can see my keys array is left blank.
You will have to modify the class to support that. No one is asking you to
switch to password authentication if you don't want to.

Once you get the key thing figured out feel free to share it here. I'd love
to add that support to my ssh class.

I'm trying to execute shell commands and interact with them with Ruby as


yup
Post by Rudá G.
I told on the first message of this topic.
Btw, thanks for all the help.
np. Good luck!
Post by Rudá G.
I have more than 3000 switchs. I need to work with default config =/
The option "SSH User Authentication by Password" is disabled. To enable
this option on all switchs it would take like 1 month, but could be a
solution.
I'm trying to execute shell commands and interact with them with Ruby as
I told on the first message of this topic.
Btw, thanks for all the help.
--
Posted via http://www.ruby-forum.com/.
--
vizualize.me/cliffrosson
Rudá G.
2013-05-09 13:06:56 UTC
Permalink
I must enter a file which contains the SSH key in the key parameter
right? But how do I generate this file with Ruby? I'm a bit lost...
--
Posted via http://www.ruby-forum.com/.
Cliff Rosson
2013-05-09 17:14:29 UTC
Permalink
http://net-ssh.github.io/net-ssh/

That is the best I can do for now. Sorry I don't have more time to research
this. I would also be interested in this.
Post by Rudá G.
I must enter a file which contains the SSH key in the key parameter
right? But how do I generate this file with Ruby? I'm a bit lost...
--
Posted via http://www.ruby-forum.com/.
--
vizualize.me/cliffrosson
Loading...