ibmi-brunch-learn

Announcement

Collapse
No announcement yet.

How to hard code SSH commands in CL program?!

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • How to hard code SSH commands in CL program?!

    Hi guys,

    We have recently installed SSH utilities in our Iseries server. We had a requirement for replacing Telnet with SSH to start a remote session with one of the Unix server. So from my knowledge through command line i'm able to connect to Unix server using below steps,

    Step1 : CALL QP2TERM (it opens a Secure shell session)

    Step2 : ssh -l "userid" -T "server_address"

    But now i need to automate this step in CL program. My aim is to automate 2nd step.

    Please help me Thanks in advance.
    Live and Let Live

  • #2
    Re: How to hard code SSH commands in CL program?!

    This is what i do to use sFT and you would do something similar.

    Code:
    CHGVAR     VAR(&COMMAND) +                            
                 VALUE('/QOpenSys/usr/bin/sftp -vvv -b +  
                 /home/' *TCat &sFTPUser *TCat +          
                '/Utility/put_trs.txt ' || &slcFTPUser +  
                 *TCat '@' *TCat &sFTPSite *TCat +        
                 ' > /home/' *TCat &slcFTPUser *TCat +    
                 '/Utility/Put_trs_Log.txt 2>&1')         
                                                          
    QSH        CMD(&Command)                              
                                                          
    RCVMSG  MSGTYPE(*COMP) RMV(*NO) MSGDTA(&MSGDTA) +     
            MSGID(&MSGID)                                 
                                                          
                                                          
    CHGVAR VAR(&RC) VALUE(0)                              
    IF      COND(&MSGID *EQ 'QSH0005') THEN(CHGVAR +      
        VAR(&RC) VALUE(%BIN(&MSGDTA)))                    
    IF COND(&RC *NE 0) THEN(DO)                           
       /* Error processing */                             
       DlyJob 10                                          
     CHGVAR     VAR(&SendFile) VALUE('/home/' *TCat +                                 
                  &sftpUser *TCat '/Utility/put_trs_log.txt')                         
     MMAIL/emlhtml SUBJECT('sftp - Connection Issue: View Source to Read') +     
                  FROMNAME('ftp Errors') +                                            
                  FROMADDR(DONOTREPLY@F.CO+                        
                  M) TO(FTPISSUE@F.COM/'ftp +                             
                  issue'/*TO) +                                                       
                  STMF(&SendFile) +                                                   
                  IMPORTNC(*HIG) PRIORITY(*URG)                                       
     ENDDO
    Hunting down the future ms. Ex DeadManWalks. *certain restrictions apply

    Comment


    • #3
      Re: How to hard code SSH commands in CL program?!

      Hi,

      Thanks for your reply, i will take this SFTP script as a prototype for my SSH connection and i will try it tomorrow. But to be clear i don't want to transfer files between servers instead i need to just login to Unix server and execute a script.
      Live and Let Live

      Comment


      • #4
        Re: How to hard code SSH commands in CL program?!

        Hi,

        Thanks for your reply,I will take this SFTP script as a prototype for my SSH connection script and will try it tomorrow. But to be clear i don't want to transfer files between servers instead i need to just login to Unix server and execute a script.
        Live and Let Live

        Comment


        • #5
          Re: How to hard code SSH commands in CL program?!

          Hi,

          I have tried below script:

          QSH CMD('/QOpenSys/usr/bin/ssh -vvv -b ssh -l "userid" -T "Host_Name"

          (what does -vvv and -b represents?!)

          but im getting below error for this format, please correct me to make changes in the above command,

          Code:
          [SIZE=3]OpenSSH_3.5p1, SSH protocols 1.5/2.0, OpenSSL 0.9.7d 17 Mar 2004             
          debug1: Reading configuration data /QOpenSys/QIBM/ProdData/SC1/OpenSSH/openssh-3.5p1/etc/ssh_config                                                       
          debug3: Seeding PRNG from /QOpenSys/QIBM/ProdData/SC1/OpenSSH/openssh-3.5p1/libexec/ssh-rand-helper                                                       
          debug1: Rhosts Authentication disabled, originating port will not be trusted.
          debug1: ssh_connect: needpriv 0                     
          debug1: Connecting to [B][I]"Host_Name"[/I][/B] [[B][I]"Ip_address"[/I][/B]] port 22.  
          getaddrinfo: ssh: Hostname and service name not provided or found           
          ssh: connect to host [B][I]"Host_Name"[/I][/B] port 22: A file or directory in the path name does not exist.  [/SIZE]
          Live and Let Live

          Comment


          • #6
            Re: How to hard code SSH commands in CL program?!

            the -vvv is for verbose (more connection tracking debug lines) -b is for batch.

            ssh supports the -vvv. I don't know about the -b

            are you using a password to connect or a key. My example uses a key.
            Hunting down the future ms. Ex DeadManWalks. *certain restrictions apply

            Comment


            • #7
              Re: How to hard code SSH commands in CL program?!

              Hi,

              I want to login using password,

              When i execute this command QSH CMD('/QOpenSys/usr/bin/ssh -vvv -b ssh -T "userid"@"Host_Name"') it should prompt for asking password.

              When I executed the above command below errors i got, its actually trying to login without prompting for password input through keyboard.

              Code:
              OpenSSH_3.5p1, SSH protocols 1.5/2.0, OpenSSL 0.9.7d 17 Mar 2004             
              debug1: Reading configuration data /QOpenSys/QIBM/ProdData/SC1/OpenSSH/openss
              h-3.5p1/etc/ssh_config 
              debug3: Seeding PRNG from /QOpenSys/QIBM/ProdData/SC1/OpenSSH/openssh-3.5p1/libexec/ssh-rand-helper 
              debug1: Rhosts Authentication disabled, originating port will not be trusted.
              debug1: ssh_connect: needpriv 0                                              
              debug1: Connecting to Host_Name [[B][I]IP_Address[/I][/B]] port 22.          
              debug1: Connection established.                                              
              debug1: identity file /home/hari/.ssh/identity type -1                       
              debug3: Not a RSA1 key file /home/hari/.ssh/id_rsa.                          
              debug2: key_type_from_name: unknown key type '-----BEGIN'                    
              debug3: key_read: no key found                                               
              debug3: key_read: no space                                                   
              debug3: key_read: no space                                                   
              debug3: key_read: no space                                                   
              debug3: key_read: no space                                                   
              debug3: key_read: no space                                                   
              debug3: key_read: no space                                                   
              debug3: key_read: no space                                                   
              debug3: key_read: no space                                                   
              debug3: key_read: no space                                                   
              debug3: key_read: no space                                                   
              debug3: key_read: no space                                                   
              debug3: key_read: no space                                                   
              debug3: key_read: no space                                                   
              debug2: key_type_from_name: unknown key type '-----END'                      
              debug3: key_read: no key found                                               
              debug1: identity file /home/hari/.ssh/id_rsa type 1                          
              debug3: Not a RSA1 key file /home/hari/.ssh/id_dsa.                          
              debug2: key_type_from_name: unknown key type '-----BEGIN'                    
              debug3: key_read: no key found                                               
              debug3: key_read: no space                                                   
              debug3: key_read: no space                                                   
              debug3: key_read: no space                                                   
              debug3: key_read: no space                                                   
              debug3: key_read: no space                                                   
              debug3: key_read: no space                                                   
              debug3: key_read: no space                                                   
              debug3: key_read: no space                                                   
              debug3: key_read: no space                                                   
              debug3: key_read: no space                                                   
              debug2: key_type_from_name: unknown key type '-----END'                      
              debug3: key_read: no key found                                               
              debug1: identity file /home/hari/.ssh/id_dsa type 2                          
              debug1: Remote protocol version 2.0, remote software version OpenSSH_5.9p1+sf
              tpfilecontrol-v1.3-hpn13v12                                                  
              debug1: match: OpenSSH_5.9p1+sftpfilecontrol-v1.3-hpn13v12 pat OpenSSH*      
              debug1: Enabling compatibility mode for protocol 2.0                         
              debug1: Local version string SSH-2.0-OpenSSH_3.5p1                           
              debug3: RNG is ready, skipping seeding                                       
              debug1: SSH2_MSG_KEXINIT sent                                                
              debug1: SSH2_MSG_KEXINIT received                                            
              debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
              debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
              debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se
              debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se
              debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
              debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
              debug2: kex_parse_kexinit: none,zlib
              debug2: kex_parse_kexinit: none,zlib
              debug2: kex_parse_kexinit:
              debug2: kex_parse_kexinit:
              debug2: kex_parse_kexinit: first_kex_follows 0                               
              debug2: kex_parse_kexinit: reserved 0                                        
              debug2: kex_parse_kexinit: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
              debug2: kex_parse_kexinit: ssh-rsa,ssh-dss                                   
              debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
              debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se                                     
              debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-sha2-256,hmac-sha2-256-96,hmac-sha2-512,hmac-sha2-512-96,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
              debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-sha2-256,hmac-sha2-256-96,hmac-sha2-512,hmac-sha2-512-96,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
              debug2: kex_parse_kexinit: none,zlib@openssh.com
              debug2: kex_parse_kexinit: none,zlib@openssh.com
              debug2: kex_parse_kexinit:
              debug2: kex_parse_kexinit:
              debug2: kex_parse_kexinit: first_kex_follows 0
              debug2: kex_parse_kexinit: reserved 0
              debug2: mac_init: found hmac-md5
              debug1: kex: server->client aes128-cbc hmac-md5 none
              debug2: mac_init: found hmac-md5
              debug1: kex: client->server aes128-cbc hmac-md5 none
              debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent
              debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
              debug1: dh_gen_key: priv key bits set: 121/256
              debug1: bits set: 1000/2048                                                  
              debug1: SSH2_MSG_KEX_DH_GEX_INIT sent                                        
              debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY                                  
              debug3: check_host_in_hostfile: filename /home/hari/.ssh/known_hosts         
              debug3: check_host_in_hostfile: match line 2                                 
              debug3: check_host_in_hostfile: filename /home/hari/.ssh/known_hosts         
              debug3: check_host_in_hostfile: match line 2                                 
              debug1: Host 'tht062af.dadc.sbc.com' is known and matches the RSA host key.  
              debug1: Found key in /home/hari/.ssh/known_hosts:2                           
              debug1: bits set: 995/2048                                                   
              debug1: ssh_rsa_verify: signature correct                                    
              debug1: kex_derive_keys
              debug1: newkeys: mode 1
              debug1: SSH2_MSG_NEWKEYS sent                                                
              debug1: waiting for SSH2_MSG_NEWKEYS                                         
              debug1: newkeys: mode 0
              debug1: SSH2_MSG_NEWKEYS received                                            
              debug1: done: ssh_kex2.
              debug1: send SSH2_MSG_SERVICE_REQUEST                                        
              debug1: service_accept: ssh-userauth                                         
              debug1: got SSH2_MSG_SERVICE_ACCEPT                                          
              debug3: input_userauth_banner                                                
              This is an [B][I]System_Name[/I][/B], restricted to authorized individuals. This system    
              is subject to monitoring. Unauthorized users, access, and/or modification    
                                         will be prosecuted.                               
              debug1: authentications that can continue: publickey,password                
              debug3: start over, passed a different list publickey,password               
              debug3: preferred publickey,keyboard-interactive,password                    
              debug3: authmethod_lookup publickey                                          
              debug3: remaining preferred: keyboard-interactive,password                   
              debug3: authmethod_is_enabled publickey                                      
              debug1: next auth method to try is publickey                                 
              debug1: try privkey: /home/hari/.ssh/identity                                
              debug3: no such identity: /home/hari/.ssh/identity                           
              debug1: try pubkey: /home/hari/.ssh/id_rsa                                   
              debug3: send_pubkey_test                                                     
              debug2: we sent a publickey packet, wait for reply                           
              debug1: authentications that can continue: publickey,password                
              debug1: try pubkey: /home/hari/.ssh/id_dsa                                   
              debug3: send_pubkey_test                                                     
              debug2: we sent a publickey packet, wait for reply                           
              debug1: authentications that can continue: publickey,password                
              debug2: we did not send a packet, disable method                             
              debug3: authmethod_lookup password                                           
              debug3: remaining preferred: ,password                                       
              debug3: authmethod_is_enabled password                                      
              debug1: next auth method to try is password                                 
              debug2: readpassphrase: not a 5250 return ENOTTY                            
              debug3: packet_send2: adding 64 (len 52 padlen 12 extra_pad 64)             
              debug2: we sent a password packet, wait for reply                           
              debug1: authentications that can continue: publickey,password               
              Permission denied, please try again.                                        
              debug2: readpassphrase: not a 5250 return ENOTTY                            
              debug3: packet_send2: adding 64 (len 52 padlen 12 extra_pad 64)             
              debug2: we sent a password packet, wait for reply                           
              debug1: authentications that can continue: publickey,password               
              Permission denied, please try again.                                        
              debug2: readpassphrase: not a 5250 return ENOTTY                            
              debug3: packet_send2: adding 64 (len 52 padlen 12 extra_pad 64)             
              debug2: we sent a password packet, wait for reply                           
              debug1: authentications that can continue: publickey,password               
              debug2: we did not send a packet, disable method                            
              debug1: no more auth methods to try                                         
              Permission denied (publickey,password). 
              debug1: Calling cleanup 0x20013a74(0x0) 
              Press ENTER to end terminal session.
              Live and Let Live

              Comment

              Working...
              X