Net::Telnet into Net::SSH

Josh Hurtado

Hi,
Does anyone know if there is a way to run a NET::TELNET object in a
NET::SSH session?

I have a secure jump server that I want to have ruby ssh into then run a
group of NET::Telnet objects, for grabbing running-config from Cisco
routers.

Thanks!
 
Brian Candler

Josh Hurtado wrote in post #1001108:
> Does anyone know if there is a way to run a NET::TELNET object in a
> NET::SSH session?
>
> I have a secure jump server that I want to have ruby ssh into then run a
> group of NET::Telnet objects, for grabbing running-config from Cisco
> routers.

The question doesn't really make much sense in its current form, but the
following might help.

(1) If you want to use Net::SSH but with a Net::Telnet-style API, then
look at Net::SSH::Telnet (separate package)

(2) If you are ssh'ing to a box, then via the command line you can issue
the command "telnet x.x.x.x". At that point, anything you send to the
remote host (over ssh) will be relayed to x.x.x.x (over telnet)

This does not involve Net::Telnet at all.

(3) A cleaner way is to use ssh port forwarding: open an ssh connection
to the intermediate host, but set up LocalForward from port yyy to
x.x.x.x port 23. Then you can telnet to 127.0.0.1 port yyy

You can demonstrate this at the command line:

ssh -L 1234:x.x.x.x:23 my-ssh-host

(in another window)
telnet 127.0.0.1 1234

And you can do the same using Net::SSH - there is an example in
README.rdoc

# forward connections on local port 1234 to port 80 of www.capify.org
ssh.forward.local(1234, "www.capify.org", 80)
ssh.loop { true }

If you do this, then you can use Net::Telnet to open a connection to
127.0.0.1 port 1234, and it will be transparently proxied through to the
end target. This sounds to me closest to what you're trying to achieve.

This depends on the ssh host supporting port forwarding. Most of them
do, but some don't (e.g. Cisco routers' ssh doesn't).

(4) You can also use the command line ssh with dynamic SOCKS
port-forwarding; a single ssh connection can then be used to tunnel
connections to multiple routers, without having to assign a different
local port for each. But AFAIK, Net::SSH doesn't support this. If you
spawn the command-line ssh you can use this. You'd need to get
Net::Telnet to work via a SOCKS proxy too.

If you're doing this in Ruby, assigning a new local port for each
forwarded connection will probably be easier.

HTH,

Brian.
 
Josh Hurtado

Thanks Brian. Let me clarify what I want.

So I am running my script from my box (making up IPs) at 192.168.0.254

Then I am sshing into my jump box at 192.168.1.1

192.168.0.254 -> 192.168.1.1

Then I want to use that box to establish various telnet sessions to Cisco
routers and grab the running config (going to list out some make-believe
Cisco router IPs):

192.168.0.254 -> 192.168.1.1 -> 192.168.2.100 (grab config)
192.168.0.254 -> 192.168.1.1 -> 192.168.2.101 (grab config)
192.168.0.254 -> 192.168.1.1 -> 192.168.2.102 (grab config)

I want to use NET::SSH to establish the connection on one box, then see
if I could run NET::TELNET objects within that session for each router.
The reason: the NET::TELNET already is built and I don't want to have to
build a new class from scratch to handle the logins.

I tried the port forwarding before (with a NET::SSH object) and it
didn't seem to work, but I will try rewriting my config.

Thanks for taking the time to respond.
 
Josh Hurtado

Also, would the syntax of my NET::TELNET be something like:


port = ssh.forward.local(1234, "www.capify.org", 80)
NET::TELNET.new ( "user", "PASS", port)
ssh.loop { true }

Thanks
 
Brian Candler

Josh Hurtado wrote in post #1001596:
> So I am running my script from my box (making up IPs) at 192.168.0.254
>
> Then I am sshing into my jump box at 192.168.1.1
>
> 192.168.0.254 -> 192.168.1.1

What sort of device is the jump box? Is it a Linux box, or a Cisco
router running ssh, or something else?

If it's a Linux box, then you probably want to use ssh port forwarding.
Do it from the command line, as I showed before (using 'ssh' and
'telnet' commands), to prove it works and understand the principles.
Then you can migrate to Ruby.

> Also, would the syntax of my NET::TELNET be something like:
>
> port = ssh.forward.local(1234, "www.capify.org", 80)
> NET::TELNET.new ( "user", "PASS", port)
> ssh.loop { true }

You'll need to run ssh.loop in a separate Thread:

Thread.new { ssh.loop { true } }
t = Net::Telnet.new("Host"=>"127.0.0.1", "Port"=>1234)
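
Option (3) combined with the threaded ssh.loop from the last reply, written out for several routers as an added example (not code from the thread or from the Net::SSH project). The helper names, the environment variable names, base port 2300, the "Username:" login prompt and an account that lands at a "#" prompt are assumptions; the script only connects when JUMP_HOST is set and reads credentials from the environment.

```ruby
require "ipaddr"

# One loopback port per router, e.g. { "192.168.2.100" => 2300, ... }.
def plan_forwards(routers, base_port = 2300)
  routers.uniq.each_with_index.to_h do |ip, i|
    IPAddr.new(ip) # raises an ArgumentError subclass unless ip is an IP address
    port = base_port + i
    raise ArgumentError, "port #{port} out of range" unless port.between?(1024, 65_535)
    [ip, port]
  end
end

# One SSH session to the jump host, one forward per router, then Net::Telnet
# to 127.0.0.1. Assumed: "Username:" login prompt, account lands at "#".
def fetch_configs(jump_host, ssh_user, routers, tn_user, tn_pass)
  require "net/ssh"    # gem: net-ssh
  require "net/telnet" # gem: net-telnet
  plan = plan_forwards(routers)
  configs = {}
  Net::SSH.start(jump_host, ssh_user) do |ssh|
    # The three-argument form listens on 127.0.0.1 only.
    plan.each { |ip, port| ssh.forward.local(port, ip, 23) }
    running = true
    pump = Thread.new { ssh.loop(0.1) { running } } # sole user of ssh until joined
    begin
      plan.each do |ip, port|
        t = Net::Telnet.new("Host" => "127.0.0.1", "Port" => port,
                            "Timeout" => 15, "Prompt" => /#\s*\z/)
        t.login("Name" => tn_user, "Password" => tn_pass,
                "LoginPrompt" => /Username[: ]*\z/)
        t.cmd("terminal length 0") # turn off paging
        configs[ip] = t.cmd("show running-config")
        t.close
      end
    ensure
      running = false
      pump.join
    end
  end
  configs
end

if __FILE__ == $PROGRAM_NAME && ENV["JUMP_HOST"]
  routers = %w[192.168.2.100 192.168.2.101 192.168.2.102] # made-up IPs from the thread
  fetch_configs(ENV["JUMP_HOST"], ENV["SSH_USER"], routers,
                ENV["TELNET_USER"], ENV["TELNET_PASS"]).each do |ip, cfg|
    File.write("#{ip}.cfg", cfg)
  end
end
```

The telnet leg between the jump box and each router is still cleartext; only the hop from the script's machine to the jump box is carried inside SSH.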
 
