7

I write the active.ksh script (based on expect) in order to login automatically to some Solaris machine and execute the hostname command (login to virtual IP in order to verify which hostname is the active machine - I have two cluster solaris machines )

The problem is with expect; expect sends the password string (pass123) and it misses the Password question, and it still waits for the password.

So actually the password (pass123) was entered after password question. On most cases the expect script works fine but sometimes it missed the password.

EXAMPLE OF THE PROBLEM

 ./active.ksh
 spawn ssh 10.10.18.61
 sh: /usr/local/bin/stty: not found
 This computer system, including all related equipment, networks and network devices      (specifically including Internet access),is provided only for authorized uss
 Password:        * my remark - pass123 string was missed the Password Question        pass123
 Password:

THE SCRIPT

  #!/bin/ksh

  VIP_ADDRESS=10.10.18.61


  expect_for_verify_which_active_machine=`cat << EOF
  set timeout -1
  spawn  ssh   $VIP_ADDRESS 
  expect {
  ")?"   { send "yes\r"  ; exp_continue  }
  Password:  {send "pass123\r"}
  }
  expect >  {send "hostname\r"}
  expect >    {send exit\r}
  expect eof
  EOF`


  expect -c  "$expect_for_verify_which_active_machine"

EXAMPLE OF RIGHT RESULTS

  ./active.ksh 
  [Friday, February 24, 2012  2:32:06 PM IST] INFO Verify which is active SMU machine 
  spawn ssh 10.10.18.61
  sh: /usr/local/bin/stty: not found
  This computer system, including all related equipment, networks and network devices       (specifically including Internet access),is provided only for authorized uss
  yes
  Password: 
  Last login: Fri Feb 24 14:32:06 2012 from smu1a
  This computer system, including all related equipment, networks and network devices       (specifically including Internet access),is provided only for authorized uss
  solaris1:/ ROOT > hostname
  solaris1
  solaris1:/ ROOT > exit

  logout
  Connection to 10.10.18.61  closed.
larsks
  • 41,276
  • 13
  • 117
  • 170
Eytan
  • 601
  • 6
  • 13
  • 26

2 Answers2

7

You will want to avoid using "Password:" if you monitor your strings during login, you will find that it is not always capitalized.

Changing your expect to -re "(.*)assword:" or "assword:" tends to be much more effective for catching the line.

If you find that the timings are still too quick you can put a sleep 1; before your send

This is what i use for expect

expect {
    "(yes/no)?" { send "yes\n" }
    "passphrase" { send "\r" }
    -re "(.*)assword:"  { sleep 1; send -- "password\r" }
    -re $prompt { return }
    timeout     { puts "un-able to login: timeout\n"; return }
    eof         { puts "Closed\n" ; return }
}
Xarses
  • 321
  • 1
  • 5
4

It's not clear to me why you're using expect at all. Since you have ssh access to the remote hosts, the easiest solution would be to establish ssh public key authentication explicitly for this purpose; then you could simply run...

ssh 10.10.18.61 hostname

...and everything would Just Work*. Even using expect you're doing too much work, since even using password authentication you could issue the above command and not have to worry about interacting with the remote shell using expect. You'd send up with something like:

#!/bin/sh

VIP_ADDRESS=10.10.18.61

expect <<EOF
spawn ssh $VIP_ADDRESS hostname
expect Password:
send "pass123\n"
expect eof
EOF

And that's it.

You can debug your expect scripts using the -d flag. In my case, the output of the above expect script run in debug mode includes the following:

expect: does "" (spawn_id exp4) match glob pattern "password:"? no
lars@localhost's password: 
expect: does "lars@localhost's password: " (spawn_id exp4) match glob pattern "password:"? yes
expect: set expect_out(0,string) "password:"
expect: set expect_out(spawn_id) "exp4"
expect: set expect_out(buffer) "lars@localhost's password:"
send: sending "PASSWORD\n" to { exp4 }

myhost.example.com
expect: read eof
expect: set expect_out(spawn_id) "exp4"
expect: set expect_out(buffer) " \r\nobliquity.int.seas.harvard.edu\r\n"

This shows exactly what expect is matching and what it's sending.

* Technically you might have to resolve some host key issues, but this is easy.

larsks
  • 41,276
  • 13
  • 117
  • 170
  • I cant because customor not want to set public keys ( I work on customor machines) – Eytan Feb 24 '12 at 14:15
  • yes your example better but it not solve my problem , I get the same results , I run it 10 times and two times its stuck and 8 times its work fine – Eytan Feb 24 '12 at 14:21
  • Does running expect in debug mode (`-d`) produce any useful information? – larsks Feb 24 '12 at 14:44
  • you mean to run expect -d .... – Eytan Feb 24 '12 at 14:53
  • Yes, exactly. `expect -d ...` – larsks Feb 24 '12 at 15:13
  • @Eytan still agree with larsks, though. Since you seem to be the expert in that business relationship you may want to educate them and explain why they should turn off password authentication altogether. – 0xC0000022L Feb 02 '20 at 22:31