[svlug] Problems with expect and ssh
Richard Sharpe
rsharpe at richardsharpe.com
Thu Mar 23 09:57:10 PST 2006
Well,
I tried all sorts of things, including one suggestion about closing file
descriptors on the shell, but to no avail, so I modified ssh.
Attached is a patch that took maybe 30 minutes to develop and test.
After modifying openssh, I got to thinking that it would be good if
someone librified it so that openssh could be called from programs to do
things. It would be great in testing ...
Then I found, with the help of a collegue, that a Java library exists:
http://www.jcraft.com/jsch/index.html
Better than nothing.
Regards
-------
Richard Sharpe, rsharpe[at]richardsharpe.com, rsharpe[at]samba.org,
sharpe[at]ethereal.com, http://www.richardsharpe.com
-------------- next part --------------
diff -uNr openssh-4.3p2/ssh.c openssh-4.3p2.mod/ssh.c
--- openssh-4.3p2/ssh.c 2005-12-30 21:33:37.000000000 -0800
+++ openssh-4.3p2.mod/ssh.c 2006-03-22 21:44:34.000000000 -0800
@@ -144,6 +144,9 @@
/* fd to control socket */
int control_fd = -1;
+/* Where we keep the pointer to the command-line password */
+char * cmd_line_password = NULL;
+
/* Multiplexing control command */
static u_int mux_command = 0;
@@ -162,7 +165,7 @@
" [-i identity_file] [-L [bind_address:]port:host:hostport]\n"
" [-l login_name] [-m mac_spec] [-O ctl_cmd] [-o option] [-p port]\n"
" [-R [bind_address:]port:host:hostport] [-S ctl_path]\n"
-" [-w tunnel:tunnel] [user@]hostname [command]\n"
+" [-w tunnel:tunnel] [-z password] [user@]hostname [command]\n"
);
exit(255);
}
@@ -244,7 +247,7 @@
again:
while ((opt = getopt(ac, av,
- "1246ab:c:e:fgi:kl:m:no:p:qstvxACD:F:I:L:MNO:PR:S:TVw:XY")) != -1) {
+ "1246ab:c:e:fgi:kl:m:no:p:qstvxACD:F:I:L:MNO:PR:S:TVw:XYz:")) != -1) {
switch (opt) {
case '1':
options.protocol = SSH_PROTO_1;
@@ -275,6 +278,10 @@
options.forward_x11 = 1;
options.forward_x11_trusted = 1;
break;
+ case 'z':
+ cmd_line_password = strdup(optarg);
+ memset(optarg, 0, strlen(optarg));
+ break;
case 'g':
options.gateway_ports = 1;
break;
diff -uNr openssh-4.3p2/sshconnect1.c openssh-4.3p2.mod/sshconnect1.c
--- openssh-4.3p2/sshconnect1.c 2005-11-04 20:15:00.000000000 -0800
+++ openssh-4.3p2.mod/sshconnect1.c 2006-03-23 08:40:23.300450872 -0800
@@ -42,6 +42,7 @@
u_int supported_authentications = 0;
extern Options options;
+extern char *cmd_line_password;
extern char *__progname;
/*
@@ -435,7 +436,7 @@
try_password_authentication(char *prompt)
{
int type, i;
- char *password;
+ char *password = NULL;
debug("Doing password authentication.");
if (options.cipher == SSH_CIPHER_NONE)
@@ -443,11 +444,21 @@
for (i = 0; i < options.number_of_password_prompts; i++) {
if (i != 0)
error("Permission denied, please try again.");
- password = read_passphrase(prompt, 0);
+ if (!cmd_line_password) {
+ password = read_passphrase(prompt, 0);
+ }
packet_start(SSH_CMSG_AUTH_PASSWORD);
- ssh_put_password(password);
- memset(password, 0, strlen(password));
- xfree(password);
+ if (cmd_line_password) {
+ ssh_put_password(cmd_line_password);
+ memset(cmd_line_password, 0, strlen(cmd_line_password));
+ xfree(cmd_line_password);
+ cmd_line_password = NULL;
+ }
+ else {
+ ssh_put_password(password);
+ memset(password, 0, strlen(password));
+ xfree(password);
+ }
packet_send();
packet_write_wait();
diff -uNr openssh-4.3p2/sshconnect2.c openssh-4.3p2.mod/sshconnect2.c
--- openssh-4.3p2/sshconnect2.c 2005-11-04 20:07:33.000000000 -0800
+++ openssh-4.3p2.mod/sshconnect2.c 2006-03-23 08:40:58.046168720 -0800
@@ -57,6 +57,7 @@
/* import */
extern char *client_version_string;
extern char *server_version_string;
+extern char *cmd_line_password;
extern Options options;
/*
@@ -725,7 +726,7 @@
{
static int attempt = 0;
char prompt[150];
- char *password;
+ char *password = NULL;
if (attempt++ >= options.number_of_password_prompts)
return 0;
@@ -733,17 +734,27 @@
if (attempt != 1)
error("Permission denied, please try again.");
- snprintf(prompt, sizeof(prompt), "%.30s@%.128s's password: ",
- authctxt->server_user, authctxt->host);
- password = read_passphrase(prompt, 0);
+ if (!cmd_line_password) {
+ snprintf(prompt, sizeof(prompt), "%.30s@%.128s's password: ",
+ authctxt->server_user, authctxt->host);
+ password = read_passphrase(prompt, 0);
+ }
packet_start(SSH2_MSG_USERAUTH_REQUEST);
packet_put_cstring(authctxt->server_user);
packet_put_cstring(authctxt->service);
packet_put_cstring(authctxt->method->name);
packet_put_char(0);
- packet_put_cstring(password);
- memset(password, 0, strlen(password));
- xfree(password);
+ if (cmd_line_password) {
+ packet_put_cstring(cmd_line_password);
+ memset(cmd_line_password, 0, strlen(cmd_line_password));
+ xfree(cmd_line_password);
+ cmd_line_password = NULL;
+ }
+ else {
+ packet_put_cstring(password);
+ memset(password, 0, strlen(password));
+ xfree(password);
+ }
packet_add_padding(64);
packet_send();
More information about the svlug
mailing list