Connect to a switch with SSH

Ruby
#1

I need connect to a Cisco Switch with SSH and Ruby. The main problem is
the authentication which is different. I must enter ‘login as’, ‘User
Name’ and ‘Password’. The ‘login as’ can be any value, usually I just
press enter (empty value).

My first try was with Net::SSH but it was impossible to authenticate. I
don’t know if I did something wrong but I had always the
Net::SSH::AuthenticationFailed error then I gave up.

Now I’m trying with Plink (a command-line interface to the PuTTY back
ends). On the shell I do like this:

plink -ssh [email protected]
User Name:
Password:
Commands…

Now I need call and interact with Plink on Ruby. My last try was this:

IO.popen “plink -ssh [email protected]#{CISCO}”, ‘w+’ do |io|
io.each do |line|
puts line
if line.include?(‘User Name’)
io.write(USER)
elsif line.include?(‘Password’)
io.write(PASS)
end
end
end

and the error was:
‘write’: Broken pipe Errno::EPIPE

What am I doing wrong?

#2

Why not just use net/ssh/telnet? I provided a link for you in the other
thread.

#3

I tried this:

t = Net::SSH::Telnet::new(“Host” => CISCO,
“Timeout” => 60,
“Telnetmode”=> true,
“Waittime”=>10) {|c| print c }

And the error is the same:
Net::SSH::AuthenticationFailed

#4

You need to pass an SSH session to Net::SSH::Telnet. That will include
your
credentials needed for authentication.

Did you see my GIST I posted for you?

class SSH
attr_accessor :errors

def initialize(creds)
begin
@ssh_session = Net::SSH.start(creds[:host], creds[:user],
:password
=> creds[:password], :keys => [])
@ssh = Net::SSH::Telnet.new(“Session” => @ssh_session, “Prompt” =>
creds[:prompt])
@errors = false
rescue Exception => e
@errors = e
end
end

def cmd(command)
@ssh.cmd(command)
end

def close
@ssh.close
end

end

#5

I tried your class and it throws an exception. The output of the
exception is the USER value.

Also I tried only this:

@ssh_session = Net::SSH.start(CISCO, USER, :password => PASS, :keys =>
[])
@ssh = Net::SSH::Telnet.new(“Session” => @ssh_session, “Prompt” =>
/.>|.#/)

and I got the Net::SSH::AuthenticationFailed error

I dont know why the authentication fails if in the ‘login as’ field you
can enter any value…

#6

For my ssh class it is simply

ssh = SSH.new({:user => USERNAME, :password => PASSWORD, :host => CISCO,
:prompt => /.>|.#/}

puts ssh.errors
=> false

puts ssh.cmd(“show run”)
=> …

Just used it. Works fine. Can you authenticate to the cisco device using
basic SSH?

ssh [email protected]

#7

I can only authenticate with Putty.

I tried on the Windows Prompt:
ssh [email protected]

Output:
ssh is not recognized as an internal or external command

How do I enable/install the ssh command?

#8

ssh is a unix program. It is used instead of putty. Putty is fine as
well.
putty -ssh [email protected]

Try this

putty -ssh [email protected]

Does that work?

In your ruby script what do the following variables look like

please do

p CISCO
=>

p USERNAME
=>

p PASSWORD

Particularly are there newline characters in there that shouldn’t be?

#9

On Thu, 9 May 2013, Rudá G. wrote:

I can only authenticate with Putty.

I tried on the Windows Prompt:
ssh [email protected]

Output:
ssh is not recognized as an internal or external command

How do I enable/install the ssh command?

When running on Windows I normally install large parts of the Cygwin
toolkit. cygwin.org

– Matt
It’s not what I know that counts.
It’s what I can remember in time to use.

#10

putty will have to be in your path to run it from a command line FYI

#11

Well the error is clear. Your authentication is failing.

Log into your router and run the following.

term mon
debug aaa authentication

Try logging in and watch what the on-screen messages say.
You can also try debugging ssh on the device

debug ip ssh

but that will add quite a bit of noise.

Are you using certs at all?

#12

Using putty or plink (putty command line) on shell works fine:

<plink/putty> -ssh [email protected]

The variables are set at the top of the file like this:

CISCO = “99.99.999.99”
USER = “operacao”
PASS = “mypassword”

#13

I have more than 3000 switchs. I need to work with default config =/

The option “SSH User Authentication by Password” is disabled. To enable
this option on all switchs it would take like 1 month, but could be a
solution.

I’m trying to execute shell commands and interact with them with Ruby as
I told on the first message of this topic.

Btw, thanks for all the help.

#14

I have more than 3000 switchs. I need to work with default config =/

Presumably you aren’t testing your script on all 3000 switches. :slight_smile:

The option “SSH User Authentication by Password” is disabled. To enable
this option on all switchs it would take like 1 month, but could be a
solution.

That is why I asked if you are authenticating by key or password.
Clearly
my script is for passwords only. You can see my keys array is left
blank.
You will have to modify the class to support that. No one is asking you
to
switch to password authentication if you don’t want to.

Once you get the key thing figured out feel free to share it here. I’d
love
to add that support to my ssh class.

I’m trying to execute shell commands and interact with them with Ruby as

yup

I told on the first message of this topic.

Btw, thanks for all the help.

np. Good luck!

#15

http://net-ssh.github.io/net-ssh/

That is the best I can do for now. Sorry I don’t have more time to
research
this. I would also be interested in this.

#16

I must enter a file which contains the SSH key in the key parameter
right? But how do I generate this file with Ruby? I’m a bit lost…

#17

Am 08.05.2013 20:00, schrieb Cliff R.:

ssh is a unix program. It is used instead of putty.

vice versa :slight_smile: