ProgrammingThis forum is for all programming questions.
The question does not have to be directly related to Linux and any language is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Im running an expect code, trying to do auto ssh-keygen
Heres the script:
Code:
#!/usr/bin/expect -f
set timeout -1
exec ssh-keygen -b 2048 -t rsa
expect "*?ter file in which to save the key (/root/.ssh/id_rsa): "
send -- "\r"
expect "*?ssphrase (empty for no passphrase): "
send -- "\r"
expect "*? same passphrase again: "
send -- "\r"
expect eof
exit
Problem is that script stops at "file in which to save the key (/root/.ssh/id_rsa): " so either send is not sending or is sending too fast, help me out with this one...
I forgot to mention that I use exec cuz when I use spawn I get an error saying that spawn command is not found!
Thank you
Last edited by Ricio; 07-19-2008 at 04:39 PM.
Reason: Forgot to mention spawn!
I also will have to use scp to send the id_rsa.pub to a server with ssh! I suppose I do have to use expect for that right, since ssh does ask for password?
If you have no ssh keys on the remote machine when you are doing this process, then I suppose you will need to authenticate by password at some point. Having said that, it's generally a really a bad idea to put passwords in cleartext in your expect script. Sometimes though, I accept there are few practical alternatives if you want to automate things. Be careful though! At the very least, make sure the script permissions are such that only root can read the script file.
You should know that scp might prompt you with all sorts of things, not just for the password. For example, the first time you connect you will be asked if you want to add the host fingerprint to your known hosts file.
This might cause expect to get stuck waiting for some output which will never come because scp/ssh is waiting for some response to a question. I am not 100% sure if scp does this sort of prompting. I know for sure ssh does it.
You need to find a list from somewhere which contains all the possible prompts, and then write an expect rule for each one, with an appropriate response. You should also set a timeout on your expect commands in case an unexpected prompt occurs.
Probably the only reliable list would be made by looking in the source for the same version of ssh which you use. You should also explicitly set the locale when calling the program to ensure you don't get translated strings should the environment change.
Lets say there were the following possible prompts (not these are NOT the correct strings/messages):
Host unknown with fingerprint ... add? (yes/no)
fingerprint incorrect - possible man-in-the-middle attack. continue (yes/no)
Password:
Then your script might look like this:
Code:
#!/bin/sh
# start expect from somewhere in the PATH \
exec expect "$0" "$@"
set host whatever
set user someusername
set pass somepassword
spawn "scp /root/.ssh/id_rsa.pub $user@$host /place/to/copy/to"
expect {
"Host unknown with fingerprint" {
send "yes\n"
send_user "INFO: added $host to known hosts\n"
exp_continue
}
"fingerprint incorrect - possible man-in-the-middle attack" {
send "no\n"
send_user "ERROR: bad host fingerprint for $host\n"
exp_continue
}
"Password:" {
send "$pass\n"
}
...
I can never remember if the end of line character is supposed to be \n or \r. I think ssh likes \n and telnet likes \r, but I might have mis-remembered that, or it may be that there are more cases/conditions to consider.
Oh by the way, if you want to copy the host keys to a remote system so you can use public key authentication, you can use ssh-copy-id instead of scp. this will put the public key into the authorized_keys file on the remote host, and set the proper permissions on the .ssh directory.
e.g.
I have tried to run the spawn initializing the script as follows:
Code:
#!/bin/sh
# start expect fr
Still same problem, spawn: command not found.
I have to admit it is quite annoying to see that lots of people (i ve been googling around a lot) have got it working but me..
Does the fact that im using rocks cluster 4.3 and that I installed expect from the rpm matter, in the fact that spawn does not work... I really would like to get some help here, cuz I really need expect in order to interact within cluster nodes, by sending the public key of the cluster nodes to the server... and then doing ssh without having to use the password... thank you...
Sorry if I was not clear, I think you have misunderstood what I meant about using spawn and exec.
Using exec at the top of the script is an alternative to using the shebang line (#!/usr/bin/expect) to get the expect interpreter working and reading the rest of the file. Using exec has the advantage that you do not need to hard-code the full path to the expect interpreter in your script - it will be found in the PATH. This is often useful with expect because it is often installed in non-standard locations.
Once you are past the whole shebang/exec expect part, it is then expect syntax to use the spawn command to start a child process. In your original post, you used exec where I think you should have used spawn.
For example, this is how your script might start:
Code:
#!/bin/bash
# start expect from somewhere in the PATH \
exec expect "$0" "$@"
# Right, the rest of the script is being parsed by the expect interpreter.
# We want to start ssh and interact with it, so we have to spawn it:
spawn "ssh user@host"
expect "something" {
...
Last edited by matthewg42; 07-21-2008 at 12:09 PM.
Reason: removal of extraneous [/code]
mmm... ill be looking to it tonight... hopefully Ill get it fixed, thanks a lot matthewg42, but please could you explain what the exec expect "$0" "$@" means...
please could you explain what the exec expect "$0" "$@" means...
exec is a shell command which replaces the current shell process with some other specified program (in this case expect). The new program inherits the open file handles, so as long as the specified program is an interpreter of some kind (as expect is), the rest of the file can be a program which the interpreter will read and process.
The "$0" "$@" are a way to pass the file path and command line arguments to expect.
Great! got expect working, thanks to matthewg42, I finally understood what I was doing wrong, and the solution is really really dumb as I feel embarrased but I guess this things happen!
# expect <scriptname>
I tought it was installed as native interpreter so that I could run the scripts like always ./<scriptname> or sh <scriptname>
Thanks all for your help, and I still need help with a script but Ill make a new post.
Thank you matthewg42 what you said on your penultimate post was the fixing post -> and thank you all
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.