Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sources.redhat.com/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sources.redhat.com/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
X-MimeOLE: Produced By Microsoft Exchange V6.0.4417.0
content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Subject: RE: Expect and ssh
Date: Tue, 16 Jul 2002 12:11:39 -0400
Message-ID: <BADF3C947A1BD54FBA75C70C241B0B9E10AA5A@ex02.idirect.net>
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
From: "Harig, Mark A." <maharig AT idirect DOT net>
To: "David Shapiro" <david DOT shapiro AT btitele DOT com>,
   "Ville Herva" <vherva AT niksula DOT hut DOT fi>, <cygwin AT cygwin DOT com>,
   <Arthur DOT Taylor AT noaa DOT gov>
Content-Transfer-Encoding: 8bit
X-MIME-Autoconverted: from quoted-printable to 8bit by delorie.com id g6GGBn122164

My best understanding is that, at present, inetutils does not provide
support for pseudo-terminals.  As a result, the Cygwin 'expect' does not
have a properly functioning 'spawn'.  Until someone can contribute the
pty support to inetutils, the Cygwin 'expect' should probably be avoided
for most expect scripts.

From the 'TODO' file for inetutils-1.3.2:

"Add support for sysv-style ptys, whatever that is."


> -----Original Message-----
> From: David Shapiro [mailto:david DOT shapiro AT btitele DOT com]
> Sent: Wednesday, July 03, 2002 8:23 AM
> To: 'Ville Herva'; cygwin AT cygwin DOT com
> Subject: RE: Expect and ssh
> 
> 
> I agree that public key authentication is best. Here is even 
> another way
> (gotta love unix type things --- million ways to do the same 
> thing!): perl
> and its expect module works fine:
> 
> #!/usr/local/bin/perl -w
> 
> use strict;
> use Expect;
> 
> # Optional debugging, explained later.
> #$Expect::Debug=1;
> #$Expect::Exp_Internal=1;
> #$Expect::Log_Stdout=0; # On by default.
> 
> # Could put a loop here with different host names so you can 
> ssh to multiple
> servers...
> my $hostname = "put_server_name_here";
> my $user = "put_user_name_here";
> 
> my $ssh = Expect->spawn("ssh -l $user $hostname")) or
> return "Couldn't spawn ssh connection, ".$ssh->exp_error()."\n";
> 
> unless ($ssh->expect(30,-re,'#')) {
> 	return "Never got the prompt on $hostname during login,
> ".$ssh->exp_error()."\n";
> }
> $ssh->clear_accum();
> 
> my $cmd = "/usr/bin/ls";
> print $ssh "$cmd\r";
> 
> # Now we look for a prompt, having (we hope) successfully logged in.
> unless ($ssh->expect(30,-re,'#')) {
> 	return "Never got ssh prompt after sending command $cmd
> ".$ssh->exp_error()."\n";
> }
> my $read = $ssh->exp_before();
> my @read = split (/\cM/,$read);
> @read now has all the ls stuff.
> .
> .
> .
> # do another command --- weee!
> 
> 
> 
> -----Original Message-----
> From: Ville Herva [mailto:vherva AT niksula DOT hut DOT fi]
> Sent: Wednesday, July 03, 2002 4:11 AM
> To: cygwin AT cygwin DOT com
> Subject: Re: Expect and ssh
> 
> 
> On Tue, Jul 02, 2002 at 06:26:54PM -0400, you [Arthur Taylor] wrote:
> > Someone had a similar issue to this in May...  But I didn't see any
> > follow up...
> > Arthur
> > 
> > Sample expect script:
> > 
> > ---------------------
> > 
> > #! /usr/bin/expect -f
> > 
> > spawn /usr/bin/ssh <name>@<host>
> > expect "password:"
> > send "<password>\r"
> > expect ">"
> > send "ls -l\r"
> > expect ">"
> > send "exit\r"
> > exit
> 
> First: Any particular reason you are not using public key 
> authentication?
> You just need to 
> 
>   ssh-keygen -t dsa
>   (store the keys somewhere safe)
>   append the pub key to remotehost:~user/.ssh/authorized_keys2
> 
> then just
> 
>   ssh -i <path to priv key> <name>@<host> "ls -l"
> 
> You can use empty passphrases for the keys - that's not less 
> safe than your
> expect case - but it's always better to have a passphrase. 
> Also, you can
> limit the command allowed for that particular key from the 
> remote end by
> specifying the command in 
> remotehost:~user/.ssh/authorized_keys2 after the
> key. Then anyone who gets access to that particular private 
> key can only
> execute "ls -l" or so.
> 
> As for your problem: I imagine your script does not work, because ssh
> (I'm looking at openssh-3.4) checks in function 
> readpass.c:read_passphrase()
> whether stdin is a TTY (in your case it's not) and then tries 
> to to use
> ssh_askpass, /dev/tty etc. Have a look at the code yourself. 
> 
> lftp had the same problem in its ssh-code, I'm not sure how 
> they solved it.
> 
> 
> -- v --
> 
> v AT iki DOT fi
> 
> --
> Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
> Bug reporting:         http://cygwin.com/bugs.html
> Documentation:         http://cygwin.com/docs.html
> FAQ:                   http://cygwin.com/faq/
> 
> --
> Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
> Bug reporting:         http://cygwin.com/bugs.html
> Documentation:         http://cygwin.com/docs.html
> FAQ:                   http://cygwin.com/faq/
> 
> 

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Bug reporting:         http://cygwin.com/bugs.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/