Problem using Net::SSH::Perl

[Krishna Chaitanya]

Hi all,

Am trying to run a program called "1.pl" on a linux box with IP
10.0.75.201. Contents of "1.pl":

------------------------

#!/usr/bin/perl -w

use Net::SSH:erl;

my $ssh = Net::SSH:erl->new("10.0.75.201", debug => 1, protocol =>
'2,1', identity_files => ['/root/.ssh/id_rsa']);
$ssh->login("root","<root passwd goes here>");
my ($stdout,$stderr,$exit_status) = $ssh->cmd("ls -l");

print "Stdout is $stdout\n\nStderr is $stderr\n\nExit Status is
$exit_status\n\n";

------------------------

So...the attempt is to connect to this own IP....I generated rsa
keypair using ssh-keygen -t rsa with empty paraphrase and mentioned
path of id_rsa to identity_files as you can see above in the
constructor.

Am running as root user and want to connect as root user. Following is
the debug output:

-------------------------------------------------------

SSLES10-SP2-32:~/packages # perl 1.pl
SSLES10-SP2-32: Reading configuration data /root/.ssh/config
SSLES10-SP2-32: Reading configuration data /etc/ssh_config
SSLES10-SP2-32: Allocated local port 1023.
SSLES10-SP2-32: Connecting to 10.0.75.201, port 22.
SSLES10-SP2-32: Remote protocol version 1.99, remote software version
OpenSSH_4.2
SSLES10-SP2-32: Net::SSH:erl Version 1.34, protocol version 2.0.
SSLES10-SP2-32: No compat match: OpenSSH_4.2.
SSLES10-SP2-32: Connection established.
SSLES10-SP2-32: Sent key-exchange init (KEXINIT), wait response.
SSLES10-SP2-32: Algorithms, c->s: 3des-cbc hmac-sha1 none
SSLES10-SP2-32: Algorithms, s->c: 3des-cbc hmac-sha1 none
SSLES10-SP2-32: Entering Diffie-Hellman Group 1 key exchange.
SSLES10-SP2-32: Sent DH public key, waiting for reply.
SSLES10-SP2-32: Received host key, type 'ssh-dss'.
SSLES10-SP2-32: Host '10.0.75.201' is known and matches the host key.
SSLES10-SP2-32: Computing shared secret key.
SSLES10-SP2-32: Verifying server signature.
SSLES10-SP2-32: Waiting for NEWKEYS message.
SSLES10-SP2-32: Send NEWKEYS.
SSLES10-SP2-32: Enabling encryption/MAC/compression.
SSLES10-SP2-32: Sending request for user-authentication service.
SSLES10-SP2-32: Service accepted: ssh-userauth.
SSLES10-SP2-32: Trying empty user-authentication request.
SSLES10-SP2-32: Authentication methods that can continue:
publickey,keyboard-interactive.
SSLES10-SP2-32: Next method to try is publickey.
SSLES10-SP2-32: Trying pubkey authentication with key file '/root/.ssh/
id_rsa'
SSLES10-SP2-32: Authentication methods that can continue:
publickey,keyboard-interactive.
SSLES10-SP2-32: Next method to try is publickey.
SSLES10-SP2-32: Trying pubkey authentication with key file '/root/.ssh/
id_rsa'
SSLES10-SP2-32: Authentication methods that can continue:
publickey,keyboard-interactive.
SSLES10-SP2-32: Next method to try is publickey.
Permission denied at 1.pl line 6

---------------------------------------------------------

Why is this happening? I've no clue, frankly. The configuration files
it tried reading - /root/.ssh/config and /etc/ssh_config both don't
exist. Instead, there's a configuration file /etc/ssh/ssh_config.

Can anyone help me please? I've installed all the Crypt:: modules
required for Net::SSH:erl to succeed.

Regards,
Chaitanya

 

[zentara]

Hi all,

Am trying to run a program called "1.pl" on a linux box with IP
10.0.75.201. Contents of "1.pl":

use Net::SSH:erl;

my $ssh = Net::SSH:erl->new("10.0.75.201", debug => 1, protocol =>
'2,1', identity_files => ['/root/.ssh/id_rsa']);
$ssh->login("root","<root passwd goes here>");
my ($stdout,$stderr,$exit_status) = $ssh->cmd("ls -l");

print "Stdout is $stdout\n\nStderr is $stderr\n\nExit Status is
$exit_status\n\n";

Am running as root user and want to connect as root user. Following is
the debug output:

My guess is that a common security setup on the server....to disallow
remote root ssh logins....is enabled. If you can change that it means
you are root on the machine you are accessing? Bad bad hacker....!!!!

You probably need to log in via a normal user via ssh, then su to root,
and you may be blocked there with control lists.

zentara

 

[Krishna Chaitanya]

Hi, I've tried all combinations after I wrote my first post. Not
succeeding with root and non-root users. Same problem. I need quick
help...

 

[Krishna Chaitanya]

BTW, the business case I am trying to solve INVOLVES running this
script as root and connecting to a lot of remote linux boxes as root.
It's for installing software on those boxes remotely, and this
particular software can ONLY be installed as root user.

 

[Krishna Chaitanya]

Hi Christopher,

I can connect as root.....the password prompt appears at which I type
in the password. Since there is no authorized_keys file in ~/.ssh ,
password prompting is inevitable.

My requirement is to accept IP addresses and passwords of a set of
machines and then install a software remotely on them. For doing it, I
thought of using Net::SSH:erl since it's the only module I know
which provides facility to accept passwords.

If you think this is really bad idea, can you pls. help by pointing
out better ideas? I am open for trying out the safest way that works
given the user input of IP addresses and passwords.

Thanks a lot,
Chaitanya