[Omaha.pm] Net::SSH::Perl and sudo or su

Mon Dec 10 12:57:28 PST 2007

On Mon, December 10, 2007 14:29, Tony Simons wrote:
> I take it I have you stumped on the initial problem. :)   I was hoping
> to get the whole thing to work under perl in one shot as I have with the
> bash script.

To recap, you're trying to use the Net::SSH:Perl module and you provided
this basic code in your initial e-mail:
<BEGIN>
#!/usr/bin/perl -w
$|=1;
use strict;
use warnings;
use Net::SSH::Perl;
use Term::ReadKey;
use Getopt::Long;
my $hos="192.168.99.99";
my $port=22;
my $user="dan";

my $cmd = "whoami";
my $ssh = Net::SSH::Perl->new($hos, interactive =>1, use_pty => 1, debug
=> 1, port => $port, protocol => '2,1', options => ["BatchMode yes"]) or
die("Could not connect");

$ssh->login($user);
printf ("\n\t***Got past login***\n");
my ($stdout, $stderr, $exit) = $ssh->cmd($cmd);
printf ("OUT:%s\n",$stdout);
printf ("ERR:%s\n",$stderr);
printf ("EXIT:%s\n",$exit);
<END>

(You'll need to change the $hos and $port to match your machines IP and
port that SSHd is running on.)

When I run it, I get the following output:
<BEGIN OUTPUT>
dan at titan:~/tmp/PerlTests$ perl d5.pl
titan: Reading configuration data /home/dan/.ssh/config
titan: Reading configuration data /etc/ssh_config
titan: Connecting to 192.168.99.99, port 22.
titan: Remote version string: SSH-2.0-OpenSSH_4.2p1 Debian-7ubuntu3.1

titan: Remote protocol version 2.0, remote software version OpenSSH_4.2p1
Debian-7ubuntu3.1
titan: Net::SSH::Perl Version 1.30, protocol version 2.0.
titan: No compat match: OpenSSH_4.2p1 Debian-7ubuntu3.1.
titan: Connection established.
titan: Sent key-exchange init (KEXINIT), wait response.
titan: Algorithms, c->s: 3des-cbc hmac-sha1 none
titan: Algorithms, s->c: 3des-cbc hmac-sha1 none
titan: Entering Diffie-Hellman Group 1 key exchange.
titan: Sent DH public key, waiting for reply.
titan: Received host key, type 'ssh-dss'.
titan: Host '192.168.99.99' is known and matches the host key.
titan: Computing shared secret key.
titan: Verifying server signature.
titan: Waiting for NEWKEYS message.
titan: Enabling incoming encryption/MAC/compression.
titan: Send NEWKEYS, enable outgoing encryption/MAC/compression.
titan: Sending request for user-authentication service.
titan: Service accepted: ssh-userauth.
titan: Trying empty user-authentication request.
titan: Authentication methods that can continue: publickey.
titan: Next method to try is publickey.
titan: Trying pubkey authentication with key file '/home/dan/.ssh/id_dsa'
titan: Authentication methods that can continue: publickey.
titan: Next method to try is publickey.
Permission denied at d5.pl line 15
dan at titan:~/tmp/PerlTests$
<END OUTPUT>

Line 15 is the "$ssh->login($user);" line so I have to think the login()
routine is having issues.  From the command line I can perform a "ssh
dan at 192.168.99.99 whoami" and it runs and returns "dan" (the output from
'whoami').

For now it looks like the "login()" subroutine isn't handling the ssh
public key correctly.  Is it possibly related to one of the options
supplied to the Net::SSH::Perl->new() call?  Does yours die at the same
login() call?

Dan

- - - -
"There are four boxes to be used in defense of liberty: soap, ballot,
jury, and ammo. Please use in that order."
-- Ed Howdershelt (Author)

"I do not fear computers, I fear the lack of them." -- Isaac Asimov (Author)
** *** ***** ******* *********** *************
SIRC, CID, subversives, 414, Flu, utopia, &
basement, GEO, Information Security, DSD, cocaine, SIGDEV, Keyhole
CESID, PRIME, Lexis-Nexis, CTP, DynCorp, gorilla, Recce