Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > Perl > Perl Misc > ssh tullen

Reply
Thread Tools

ssh tullen

 
 
Dr Eberhard Lisse
Guest
Posts: n/a
 
      01-16-2012
Hi,

I have a PostgreSQL database behind a firewall which I can access from a
fixed IP address but obviously not while on the road where I must issue
something like:

ssh -N -C http://www.velocityreviews.com/forums/(E-Mail Removed) -L 5433/localhost/5432

and then run my script to generate the report.

I can in a slightly different context using Net::SSH issue commands
to the remote host, but I have been unable to figure out how to open a
tunnel from within the perl script (preferably with a module, but that's
not really the issue), then do my usual thing, and then close the tunnel
again.

Is this a unique problem? Or can someone point me to a code fragment
that does something like this...

el
 
Reply With Quote
 
 
 
 
Peter J. Holzer
Guest
Posts: n/a
 
      01-16-2012
On 2012-01-16 07:59, Dr Eberhard Lisse <(E-Mail Removed)> wrote:
> I have a PostgreSQL database behind a firewall which I can access from a
> fixed IP address but obviously not while on the road where I must issue
> something like:
>
> ssh -N -C (E-Mail Removed) -L 5433/localhost/5432
>
> and then run my script to generate the report.
>
> I can in a slightly different context using Net::SSH issue commands
> to the remote host, but I have been unable to figure out how to open a
> tunnel from within the perl script (preferably with a module, but that's
> not really the issue), then do my usual thing, and then close the tunnel
> again.


maybe I misunderstand the problem, but have you tried simply starting
ssh in the background (with open or fork/exec) at the start of your
script and killing it at the end?

hp

--
_ | Peter J. Holzer | Deprecating human carelessness and
|_|_) | Sysadmin WSR | ignorance has no successful track record.
| | | (E-Mail Removed) |
__/ | http://www.hjp.at/ | -- Bill Code on (E-Mail Removed)
 
Reply With Quote
 
 
 
 
Dr Eberhard W Lisse
Guest
Posts: n/a
 
      01-17-2012
Haven't been able to successfully do that.

Have you got a working code fragment?


el

On 2012-01-16 13:46 , Peter J. Holzer wrote:
> On 2012-01-16 07:59, Dr Eberhard Lisse <(E-Mail Removed)> wrote:
>> I have a PostgreSQL database behind a firewall which I
>> can access from a fixed IP address but obviously not
>> while on the road where I must issue something like:
>>
>> ssh -N -C (E-Mail Removed) -L
>> 5433/localhost/5432
>>
>> and then run my script to generate the report.
>>
>> I can in a slightly different context using Net::SSH
>> issue commands to the remote host, but I have been unable
>> to figure out how to open a tunnel from within the perl
>> script (preferably with a module, but that's not really
>> the issue), then do my usual thing, and then close the
>> tunnel again.

>
> maybe I misunderstand the problem, but have you tried
> simply starting ssh in the background (with open or
> fork/exec) at the start of your script and killing it at
> the end?
>
> hp
>



--
If you want to email me, replace nospam with el
 
Reply With Quote
 
Peter Makholm
Guest
Posts: n/a
 
      01-17-2012
Dr Eberhard W Lisse <(E-Mail Removed)> writes:

>> maybe I misunderstand the problem, but have you tried
>> simply starting ssh in the background (with open or
>> fork/exec) at the start of your script and killing it at
>> the end?

>
> Haven't been able to successfully do that.


What did you try? How did it fail?

> Have you got a working code fragment?


I have written a lot of code which rather na´vely uses IPC::Open3 to run
ssh as a background process. It should work for opening a tunnel.

The problems I don't usual handle is that the initial connection often
asks whether to accept the host key. In this scenario the process just
hangs. If you just accept the hostkey by hand it works correctly.

//Makholm

 
Reply With Quote
 
Dr Eberhard W Lisse
Guest
Posts: n/a
 
      01-19-2012
Peter,

reason for failure:

Stupidity and Ignorance of this elderly Gynaecologist -O

I have the key pairs organized -O

el

On 2012-01-17 12:17 , Peter Makholm wrote:
> Dr Eberhard W Lisse <(E-Mail Removed)> writes:
>
>>> maybe I misunderstand the problem, but have you tried
>>> simply starting ssh in the background (with open or
>>> fork/exec) at the start of your script and killing it at
>>> the end?

>>
>> Haven't been able to successfully do that.

>
> What did you try? How did it fail?
>
>> Have you got a working code fragment?

>
> I have written a lot of code which rather na´vely uses
> IPC::Open3 to run ssh as a background process. It should
> work for opening a tunnel.
>
> The problems I don't usual handle is that the initial
> connection often asks whether to accept the host key. In
> this scenario the process just hangs. If you just accept
> the hostkey by hand it works correctly.
>
> //Makholm
>



--
If you want to email me, replace nospam with el
 
Reply With Quote
 
Peter J. Holzer
Guest
Posts: n/a
 
      01-21-2012
On 2012-01-17 11:46, Ben Morrow <(E-Mail Removed)> wrote:
> Try system("ssh -f -L... ... sleep 10") instead of open3. It's important
> with -f to use 'sleep 10' rather than -N, otherwise the ssh process will
> never exit. (It doesn't seem to be very easy to find its pid to kill it
> manually.)


open($fh, '-|', ...) returns the pid, so does fork. The following script
works for me, at least on linux:


#!/usr/bin/perl
use warnings;
use strict;
use IO::Socket::INET;

$| = 1;
print "opening tunnel ... ";
my $pid = open(my $fh, '-|',
'ssh', '-N', '(E-Mail Removed)', '-L', '10007:chronos.DOMAIN:7'
) or die;
print " done (pid=$pid)\n";

sleep 5;
system('lsof', '-i', ':10007');
sleep 5;

print "opening socket ... ";
my $sock = IO::Socket::INET->new(PeerHost => 'localhost',
PeerPort => 10007,
Proto => 'tcp');
print " done\n";

print "sending request ... ";
print $sock "test123\n";
print " done\n";

print "reading response ... ";
my $resp = <$sock>;
print " done (resp = $resp)\n";

print "closing socket ... ";
close($sock);
print " done\n";

sleep(5);
system('lsof', '-i', ':10007');
sleep(5);

print "closing tunnel ... ";
kill(15, $pid);
my $rc = waitpid($pid, 0);
print " done (rc = $rc)\n";

sleep(5);
system('lsof', '-i', ':10007');
__END__

hp


--
_ | Peter J. Holzer | Deprecating human carelessness and
|_|_) | Sysadmin WSR | ignorance has no successful track record.
| | | (E-Mail Removed) |
__/ | http://www.hjp.at/ | -- Bill Code on (E-Mail Removed)
 
Reply With Quote
 
Peter J. Holzer
Guest
Posts: n/a
 
      01-21-2012
On 2012-01-21 17:35, Ben Morrow <(E-Mail Removed)> wrote:
> Quoth "Peter J. Holzer" <(E-Mail Removed)>:
>> On 2012-01-17 11:46, Ben Morrow <(E-Mail Removed)> wrote:
>> > Try system("ssh -f -L... ... sleep 10") instead of open3. It's important
>> > with -f to use 'sleep 10' rather than -N, otherwise the ssh process will
>> > never exit. (It doesn't seem to be very easy to find its pid to kill it
>> > manually.)

>>
>> open($fh, '-|', ...) returns the pid, so does fork. The following script
>> works for me, at least on linux:

>
> I think you're not realising what the -f argument to ssh does. It makes
> ssh put itself in the background, but only after any possible need to
> prompt the user has been dealt with.


Yes, but there is no reason to use it. Perl can put processes in the
"background" just fine. You will notice that my little test program
doesn't use it.

hp


--
_ | Peter J. Holzer | Deprecating human carelessness and
|_|_) | Sysadmin WSR | ignorance has no successful track record.
| | | (E-Mail Removed) |
__/ | http://www.hjp.at/ | -- Bill Code on (E-Mail Removed)
 
Reply With Quote
 
Peter J. Holzer
Guest
Posts: n/a
 
      01-21-2012
On 2012-01-21 20:49, Ben Morrow <(E-Mail Removed)> wrote:
>
> Quoth "Peter J. Holzer" <(E-Mail Removed)>:
>> On 2012-01-21 17:35, Ben Morrow <(E-Mail Removed)> wrote:
>> > Quoth "Peter J. Holzer" <(E-Mail Removed)>:
>> >> On 2012-01-17 11:46, Ben Morrow <(E-Mail Removed)> wrote:
>> >> > Try system("ssh -f -L... ... sleep 10") instead of open3. It's important
>> >> > with -f to use 'sleep 10' rather than -N, otherwise the ssh process will
>> >> > never exit. (It doesn't seem to be very easy to find its pid to kill it
>> >> > manually.)
>> >>
>> >> open($fh, '-|', ...) returns the pid, so does fork. The following script
>> >> works for me, at least on linux:
>> >
>> > I think you're not realising what the -f argument to ssh does. It makes
>> > ssh put itself in the background, but only after any possible need to
>> > prompt the user has been dealt with.

>>
>> Yes, but there is no reason to use it. Perl can put processes in the
>> "background" just fine. You will notice that my little test program
>> doesn't use it.

>
> Perl can put processes in the background just fine, yes. That's not the
> issue. The issue is that sometimes ssh needs to prompt, and running it in
> the background from Perl doesn't handle that very well.


Prompting doesn't work if the script is run from cron, or from a web
server, or most other situations where I've ever needed to call ssh from
a perl script. Your assumption that it is possible to prompt isn't any
more reasonable than my assumption that the environment has been set up
correctly (remote host key in known_hosts, local public key in remote
authorized_keys, ...).


> I took the program you posted and made the following change:


"Doctor, it hurts when I do this!"

"Well, then don't do it!"


hp

--
_ | Peter J. Holzer | Deprecating human carelessness and
|_|_) | Sysadmin WSR | ignorance has no successful track record.
| | | (E-Mail Removed) |
__/ | http://www.hjp.at/ | -- Bill Code on (E-Mail Removed)
 
Reply With Quote
 
C.DeRykus
Guest
Posts: n/a
 
      01-22-2012
On Jan 17, 2:17*am, Peter Makholm <(E-Mail Removed)> wrote:
> Dr Eberhard W Lisse <(E-Mail Removed)> writes:
>
> >> maybe I misunderstand the problem, but have you tried
> >> simply starting ssh in the background (with open or
> >> fork/exec) at the start of your script and killing it at
> >> the end?

>
> > Haven't been able to successfully do that.

>
> What did you try? How did it fail?
>
> > Have you got a working code fragment?

>
> I have written a lot of code which rather na´vely uses IPC::Open3 to run
> ssh as a background process. It should work for opening a tunnel.
>
> The problems I don't usual handle is that the initial connection often
> asks whether to accept the host key. In this scenario the process just
> hangs. If you just accept the hostkey by hand it works correctly.
>
> //Makholm


Off-topic a bit, but I seem to recall a workaround with /dev/null...
ah, here's
the incantation:

$ ssh -o UserKnownHostsFile=/dev/null \
-o StrictHostKeyChecking=no \
...

--
Charles DeRykus
 
Reply With Quote
 
l v
Guest
Posts: n/a
 
      01-26-2012
On 1/16/2012 1:59 AM, Dr Eberhard Lisse wrote:
> Hi,
>
> I have a PostgreSQL database behind a firewall which I can access from a
> fixed IP address but obviously not while on the road where I must issue
> something like:
>
> ssh -N -C (E-Mail Removed) -L 5433/localhost/5432
>
> and then run my script to generate the report.
>
> I can in a slightly different context using Net::SSH issue commands
> to the remote host, but I have been unable to figure out how to open a
> tunnel from within the perl script (preferably with a module, but that's
> not really the issue), then do my usual thing, and then close the tunnel
> again.
>
> Is this a unique problem? Or can someone point me to a code fragment
> that does something like this...
>
> el


How about trying Net::OpenSSH? I have not used this module.

http://search.cpan.org/~salva/Net-Op...SSH.pm#Tunnels

<quote>

tunnel => $bool

Instead of executing a command in the remote host, this option instruct
Net::OpenSSH to create a TCP tunnel. The arguments become the target IP
and port.

Example:

my ($in, $out, undef, $pid) = $ssh->open_ex({tunnel => 1}, $IP, $port);

</quote>

--
Len

 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
ssh tullen Dr Eberhard Lisse Perl Misc 0 01-16-2012 07:59 AM
net/ssh in ruby. ssh.exec fails salamond Ruby 0 02-17-2011 03:16 AM
NET:SSH fails authentification with :keys - ssh works Tench Johnson Ruby 1 04-23-2010 12:11 AM
python ssh and Tetia SSH server loial Python 0 02-10-2009 01:06 PM
Python ssh with SSH Tectia server loial Python 0 02-03-2009 03:38 PM



Advertisments