• Support
  • Articles
  • Resources
  • Products

MACRO for SSH - over 1000 devices

Moderator: boris

  • 1
  • 2

30 postsPage 1 of 2

ciprian_s
Newbie

Posts:
21
Joined: Sat Sep 19, 2009 12:19 pm
by ciprian_s » Sat Sep 19, 2009 12:54 pm
Hello mr. Boris, hello everybody !
Well I have an issue, a big one. I am trying to develop a script to help me change the passwords for let's say 1000 devices. The thing I have to do is :

1. connect to the device, through ssh - it has a linux interface
2. then change the password for user admin - level
3. enter root level and change the password for user root.

After these three steps, the script must grab a second ip address from the txt file and repeat the process. Well everything is ok untill now. I have the following issues :
a) some of my devices have two ip addresses through which they can be accessed remotely; it's a redundant solution, if one ip responds to ping, the second one doesn't; so the device can be accessed remotely through one of the 2 ip addresses.
Let's say the txt file contains 4 ip addresses IP1, IP2, IP3, IP4. - with IP1 and IP2 coresponding to one device, and IP3 and IP4 corresponding to the second device.
The script goes ok if my txt file had only IP addresses that respond to ping and if my devices had only IP address to connect to them.
Well, in the example with the two devices : Tera term connects to IP1, solves the job, exists the session and then it tries to connect to IP2 which corresponds to the same device.
At this moment, the script should wait for let's say 5 sec, and if the IP address is not accessible to jump to the next IP - as in our example - IP3 - and also to type in a log file a message :
"IP2" is not accessible.

b) the second issue is that if the first IP address in the txt file is an ip address which is not reachable, THE SCRIPT STOPS. It should be done something for the script, to test the reachability to the host (ip address from the txt file) first, type a message in a log file and jump to the next IP address.

Final word : The script works ok if the txt file contains only accesible IP addresses (accessible to ping) !!!

Here is my script :

Code: Select all

  1. fileopen fh "e:\bytton\bytton_IP.txt" 0
  2. filereadln fh line
  3. while result=0
  4.    
  5.     strconcat line ':2222 /ssh /auth=password  /user=admin /passwd=xxxxxxxx'
  6.     connect line
  7.     wait 'admin@bytton:~$'
  8.     sendln 'passwd'
  9.     wait 'Old password:'
  10.     sendln 'xxxxxxx'
  11.     wait 'Enter new password:'
  12.     sendln 'xxxxxxxxxxx'
  13.     wait 'password:'
  14.     sendln 'xxxxxxxxxx'
  15.     unlink
  16.     filereadln fh line
  17.   endwhile


Thank you in advance, I hope to hear from you soon !!!
boris
Moderator, LogMeTT and TTLEditor developer

Posts:
1596
Joined: Sat Jan 08, 2005 2:52 pm
by boris » Sat Sep 19, 2009 3:04 pm
Add /timeout=5 to the end of your connect string and use testlink command after connect to validate if the connection was established successfully. Check TeraTerm help file for more details.
Thanks.
Best regards,
Boris
ciprian_s
Newbie

Posts:
21
Joined: Sat Sep 19, 2009 12:19 pm
by ciprian_s » Sat Sep 19, 2009 5:50 pm
Hello, back again !

Well, my script looks like this now :

Code: Select all

  1. fileopen fh "e:\bytton\bytton_IP.txt" 0
  2. filereadln fh line
  3. while result=0
  4.    
  5.     strconcat line ':2222 /ssh /auth=password  /user=admin /passwd=xxxxxx /timeout=5'
  6.     connect line
  7.     testlink
  8.     mpause 3000
  9.     if result=1 unlink
  10.     connect line
  11.     wait 'admin@bytton:~$'
  12.     sendln 'passwd'
  13.     wait 'Old password:'
  14.     sendln 'xxxxxx'
  15.     wait 'Enter new password:'
  16.     sendln 'xxxxx'
  17.     wait 'password:'
  18.     sendln 'xxxxxx'
  19.     unlink
  20.     filereadln fh line
  21.    
  22. endwhile


It's not functional; it connects to the first device(which has 2 ip addresses), does the job, then connects to the second ip address, it ends the tera term session, it connects to the 3rd ip address in the txt file, which is also not reachable (the second ip address of the device is reachable at ping) and after this it stops. I receive macro error at line 12; the 4th ip address in the txt file is reachable at ping, but the script doesn't reach that one :( !!

Hope to hear from you soon !
Thanks !

Brgds,
Ciprian.
boris
Moderator, LogMeTT and TTLEditor developer

Posts:
1596
Joined: Sat Jan 08, 2005 2:52 pm
by boris » Sun Sep 20, 2009 5:45 pm
There were couple of issues with your code and I had to do few changes to make it work.

One thing that I observed and that looks to me like a bug in 4.63 is that unlink command does not work as expected. Actually, it does not do anything! Open connection remains open and the next connect command creates new instance of TeraTerm. That's why I replaced unlink with closett.

So, here is what worked for me (obviously during my tests lines 5 and 9-16 were different from shown below) :

Code: Select all

  1. fileopen fh "e:\bytton\bytton_IP.txt" 0  ; file contains one IP per line
  2. filereadln fh line
  3.  
  4. while result=0
  5.   strconcat line ':2222 /ssh /auth=password  /user=admin /passwd=xxxxx /timeout=5'
  6.   connect line
  7.   testlink
  8.   if result = 2 then
  9.     wait 'admin@bytton:~$'
  10.     sendln 'passwd'
  11.     wait 'Old password:'
  12.     sendln 'xxxxxx'
  13.     wait 'Enter new password:'
  14.     sendln 'xxxxxx'
  15.     wait 'password:'
  16.     sendln 'xxxxxx'
  17.     closett
  18.   else
  19.     if result = 1 closett
  20.   endif         
  21.   filereadln fh line
  22. endwhile
  23.  
  24. fileclose fh
  25. end
Thanks.
Best regards,
Boris
ciprian_s
Newbie

Posts:
21
Joined: Sat Sep 19, 2009 12:19 pm
by ciprian_s » Mon Sep 21, 2009 7:32 am
hello mr boris, hello everybody !!

Well, as far as I have checked until now, the script works ok now ! :smile:
There is only one problem left, only at least this is what is bothering me now !
I want the script to create log files for both the IP addresses that are reachable or not reachable.

It would be usefull for the follwing command to work :

"filewriteln 'e:\bytton\log_ok.txt' line " or something like this.

I need to have at the end of my tests to files (log files) that would have the follwing composition :

Clock/date "@ IP reachable : (this would be a text written by me)" 'the ip address that tera term connected and did the job '. So 3 things :

1.clock/ date
2. a text written by me, followed by :
3. the IP address that tera term connected OR NOT

As I said, I need two log files. I believe I would put the lines in the 'if' and 'elseif' branches of the script. I want to mention that I tried with logopen and filewrite commands but it doesn't do the job.

Any help ?
Thanks.

Brgds,
Ciprian.
IshmaelCallMe
Guru

Posts:
672
Joined: Thu Jan 26, 2006 2:28 am
by IshmaelCallMe » Tue Sep 22, 2009 1:26 pm
This can indeed be done with either logopen or filewrite commands. Why don't you try it yourself for as far as you can get, then post your new code with any problems you run into that you get stuck on.
ciprian_s
Newbie

Posts:
21
Joined: Sat Sep 19, 2009 12:19 pm
by ciprian_s » Tue Sep 22, 2009 6:40 pm
Hello IshmaelCallMe ! First of all,thanks for your reply. I have tried using log commands but I haven't succeded. First hour tomorow morning I will recheck my code, try use filewriteln as well and I will post my script code here too. I don't think I will succed as I have spent nearly half a day with the log problem. Thanks and Hope to hear from you soon cause I will surely need assistance.

Brgds,
Ciprian.
ciprian_s
Newbie

Posts:
21
Joined: Sat Sep 19, 2009 12:19 pm
by ciprian_s » Wed Sep 23, 2009 8:36 am
Back ! :D

Well, my script looks like this now :

Code: Select all

  1. fileopen fh "e:\bytton\bytton_IP.txt" 0  ; file contains one IP per line
  2.     filereadln fh line
  3.      
  4. while result=0
  5.       IP = line
  6.       strconcat line ':2222 /ssh /auth=password  /user=admin /passwd=xxxxx /timeout=4'
  7.       connect line
  8.       testlink
  9.       if result = 2
  10.          then   
  11.             logopen "e:\bytton\log_ok.txt" 0 1
  12.             logpause
  13.             logwrite IP
  14.             logwrite '  ok '
  15.             wait 'admin@bytton:~$'
  16.             sendln 'passwd'
  17.             wait 'Old password:'
  18.             sendln 'xxxxxx'
  19.             wait 'Enter new password:'
  20.             sendln 'xxxxx'
  21.             wait 'password:'
  22.             sendln 'xxxxxx'
  23.             closett
  24.          elseif result = 1 closett
  25.       endif        
  26.     filereadln fh line
  27. endwhile
  28.     fileclose fh
  29. end


First hour in the morning, the script was working. When I say it was working, I say that the script did the job and the log file was almost ok. My problem now is that when I run the script :
- it connects to IP1 - reachable at ping, does the job, jump to IP2
- closes Tera Term for this connection - IP2- because it is not reachable at ping, jump to IP3
- closes Tera Term for this connection - IP3- because it is not reachable at ping, jump to IP4
- IP4 is reachable at ping, but I really don't know what I did and the script doesn't connect to this one :((((( :cry:

If you can help me solve this problem, there is one more. The resulting log file : log_ok.txt, has the following structure :

IP1 ok IP4 ok ....etc
It would be very very ok if the log file would look like this :
IP1 ok
IP4 ok
.
.
.etc
I tried to solve this problem with lots of filewriteln, readln, etc etc but failed. Please support.

Thanks and brgds,
Ciprian.
ciprian_s
Newbie

Posts:
21
Joined: Sat Sep 19, 2009 12:19 pm
by ciprian_s » Thu Sep 24, 2009 7:59 am
Hello everyone !

Good news, I have tried on another computer, the connection to all IP's are ok. The only problem is the log file, the output to appear one line undear the line before.

example :
IP1 ok
IP7 ok
IP23 ok
etc.
IshmaelCallMe
Guru

Posts:
672
Joined: Thu Jan 26, 2006 2:28 am
by IshmaelCallMe » Thu Sep 24, 2009 2:04 pm
Replace
logwrite ' ok '

with

logwrite ' ok'#13#10
ciprian_s
Newbie

Posts:
21
Joined: Sat Sep 19, 2009 12:19 pm
by ciprian_s » Thu Sep 24, 2009 7:32 pm
Hello again !

I hope this is my last question : when I FIRST connect to a device, a window regarding security appears, and I have to click a button OR hit enter on the keyboard. I have tried with "send 28" but doesnt't happend anything ! Any idea ? Basicly this ENTER should come before the lines when I start to send code.

Thank u guys !

Best regards !!
Ciprian.
boris
Moderator, LogMeTT and TTLEditor developer

Posts:
1596
Joined: Sat Jan 08, 2005 2:52 pm
by boris » Thu Sep 24, 2009 7:39 pm
Check this post for the correct connect syntax.
Thanks.
Best regards,
Boris
ciprian_s
Newbie

Posts:
21
Joined: Sat Sep 19, 2009 12:19 pm
by ciprian_s » Fri Sep 25, 2009 5:18 am
hello mr boris, hello everyone!
well, I didn't understand too much from the post that mr boris suggested - connect command syntax.
I believe the "enter" key should be sent at line 15, because if I don't hit "enter" the connection to the host it's not opened.
Again, I didn't understand what I should have looked for in that post.
Please be more specific !!!

Thanks and best regards !
Ciprian

Code: Select all

  1.  
  2. fileopen fh "e:\bytton\bytton_IP.txt" 0  ; file contains one IP per line
  3.     filereadln fh line
  4.      
  5. while result=0
  6.       IP = line
  7.       strconcat line ':2222 /ssh /auth=password  /user=admin /passwd=xxxxx /timeout=4'
  8.       connect line
  9.       testlink
  10.       if result = 2
  11.          then  
  12.             logopen "e:\bytton\log_ok.txt" 0 1
  13.             logpause
  14.             logwrite IP
  15.             logwrite '  ok '
  16.                                <--------------------------------- I believe here      
  17.             sendln 'passwd'
  18.             wait 'Old password:'
  19.             sendln 'xxxxxx'
  20.             wait 'Enter new password:'
  21.             sendln 'xxxxxxx'
  22.             wait 'password:'
  23.             sendln 'xxxxxxx'
  24.             closett
  25.          elseif result = 1 closett
  26.       endif        
  27.     filereadln fh line
  28. endwhile
  29.     fileclose fh
  30. end
ciprian_s
Newbie

Posts:
21
Joined: Sat Sep 19, 2009 12:19 pm
by ciprian_s » Fri Sep 25, 2009 10:48 am
MY code is :

Code: Select all

  1. fileopen fh "d:\bytton\bytton_IP.txt" 0
  2.  filereadln fh line
  3.      
  4. while result = 0
  5.       IP = line
  6.       strconcat line ':2222 /ssh /auth=password  /user=admin /passwd=xxxxx /timeout=7'
  7.       connect line
  8.       testlink
  9.       if result = 2 then     
  10.         logopen "d:\bytton\log_ok.txt" 0 1
  11.         logpause
  12.         logwrite IP
  13.         logwrite '  ok '#13#10
  14.         wait 'admin@bytton:~$'
  15.         sendln 'passwd'
  16.         wait 'Old password:'
  17.         sendln 'xxxxxx'
  18.         wait 'Enter new password:'
  19.         sendln 'xxxxxx'
  20.         wait 'password:'
  21.         sendln 'xxxxxx'
  22.         closett
  23.     else
  24.         if result = 1 closett
  25.     endif        
  26.     filereadln fh line
  27. endwhile
  28.     fileclose fh
  29. end


I have searched the forum and tried all sort of commands : sendkcode 28, send 13 10, send 13, send 10, sendln ' ', and nothing worked for me. If I connect manually to the device, I have to press "enter" and after that the tera term begins to connect to the device. I mean that it opens a tera term window in background, upon it I see the user/ password window, and the most close to me it's this window I have to press ENTER for the script to continue. Any ideas ?

PS : Sorry for the many posts, but I tried to explain the better I could the situation.

Thanks and best regards !
Ciprian
IshmaelCallMe
Guru

Posts:
672
Joined: Thu Jan 26, 2006 2:28 am
by IshmaelCallMe » Fri Sep 25, 2009 1:43 pm
Try this, maybe?

viewtopic.php?f=13&t=965
boris
Moderator, LogMeTT and TTLEditor developer

Posts:
1596
Joined: Sat Jan 08, 2005 2:52 pm
by boris » Fri Sep 25, 2009 1:53 pm
If you get popup window titled "SSH Authentication" and your macro does not move forward until you hit <Enter> this either means you have incorrect connect string (that's why I suggested you to read another topic), or old version of TeraTerm. Make sure you are running TeraTerm 4.63.

You cannot interact with "SSH Authentication" window by sending sendln or any other macro commands. You either pass it after running connect, if connect syntax matches your remote host authentication method (which can be different) and if credentials are correct, or not.

Since connect is inside the loop and assuming that all remote hosts are using the same authentication method, you should be hitting <Enter> for each connection. Is that true? I got impression from your posts that popup appears only once. Please confirm.
Also, try to change the order of IP-s in bytton_IP.txt file to identify whether the popup is "linked" to certain IP(s) or not.


And finally, please use macro code syntax highlighting when you post on these forums. Either select the code and click "Code" button above editor area, or surround your code with [code] [/code] tags.
Thanks.
Best regards,
Boris
ciprian_s
Newbie

Posts:
21
Joined: Sat Sep 19, 2009 12:19 pm
by ciprian_s » Sat Sep 26, 2009 4:35 am
hello folks !

It seems that I was not so clear. There is nothing wrong with the ssh authentication window. I will say it again. When the script reads bytton_IP.txt file it grabs an IP address, and then tries to connect. At this point, TeraTerm opens a window - a window in which I will see the password changes and all I want the script to do to the device. But, before all this, upon the main TEraTerm window appears the ssh authentication window. I DON'T have to press anything to get passed this window. NOW, HEAR THE PROBLEM : Upon this ssh auth window appears the third window, which, mr. Boris, appears to every IP address the first time I connect to it - it is about security, it says something about the network I am trying to access , bla bla bla. THE fact is that I have 2 buttons at this point : Connect and Disconnect . Anyway, connect is selected already and I have to ONLY hit enter on keyboard.
After I hit enter, the ssh authentication window continues it's job, authenticates the host - IP address and the Tera Term window starts to change passwords or whatever job I'll do.

My problem is, how am I going to get rid of that 3rd window ? How is TeraTerm going to hit enter key so that the process can continue ?
I hope that this time I was more clear.

Thanks and best regards !
Ciprian
boris
Moderator, LogMeTT and TTLEditor developer

Posts:
1596
Joined: Sat Jan 08, 2005 2:52 pm
by boris » Sat Sep 26, 2009 5:56 am
Ok, now we are talking :smile:. The windows you are referring to has title SECURITY WARNING and notifies user that server's key fingerprint has not been saved in known hosts file.

This window appears when you SSH to a remote server at the very first time. Once you click Continue in this popup box, it will never show up again for that server, unless you delete ssh_known_hosts file from TeraTerm directory, or remote server's fingerprint changes.

Now, the bad news is that there is no way to avoid this popup using macro and the only existing solution is to use 3rd party tool AutoIt as IshmaelCallMe suggested earlier.

This issue has been brought up several times here, but by some reason TeraTerm project team is very reluctant in addressing this problem. My understanding is that they are trying to enforce security by keeping this popup.
Well, I guess it is time to ask them directly:

Yutaka, maya, doda: what would you suggest Ciprian to do, to avoid clicking Continue button manually 1000 times?
Thanks.
Best regards,
Boris
ciprian_s
Newbie

Posts:
21
Joined: Sat Sep 19, 2009 12:19 pm
by ciprian_s » Sun Sep 27, 2009 11:54 am
Hello everyone ! Well, mr Boris indeed understood what my problem is ! I am very happy to be on this forum and I am also very thankfull for your quick responses ! Let us hope we are going to have an answer from the experts, as I presume ! Thank you all, I shall wait now ...

Best regards,
Ciprian.
ciprian_s
Newbie

Posts:
21
Joined: Sat Sep 19, 2009 12:19 pm
by ciprian_s » Wed Sep 30, 2009 9:48 am
Hello mr Boris ! Do I have to make another request to the Tera Term developers : Yutaka, maya, doda ?? Or I just have to wait for a response ? Thank you in advance for your response !!!

Beste regards,
Ciprian.
boris
Moderator, LogMeTT and TTLEditor developer

Posts:
1596
Joined: Sat Jan 08, 2005 2:52 pm
by boris » Wed Sep 30, 2009 3:02 pm
Do not create duplicate messages, they are considered spam and may "cost" you a warning. Read our Rules and Regulations.

I'd suggestion you to create new topic under TeraTerm Suggestions forum and request the feature of having bypass option for that additional popup. Make sure you mention the number of devices you're dealing with.

Another place to post your request is TeraTerm project site in Japan http://en.sourceforge.jp/projects/ttssh2/. There are few sections there - another forum, bugs reporting section and suggestions section.

And finally, please lower your expectation. It may take quite some time before you get the answer, if ever. As I've mentioned earlier you are not the first one who brought up this issues and it stays unresolved for years. Consider using AutoIt, or if you, or someone of your friends knows programming language C, just obtain TeraTerm source and try to fix this issue yourself. The downside of latter approach is that you will need to re-introduce your fix in each new release of the software.
Thanks.
Best regards,
Boris
Yutaka Hirata
TeraTerm Developer

Posts:
606
Joined: Wed Jan 12, 2005 2:35 pm
by Yutaka Hirata » Sat Oct 03, 2009 3:58 pm
Hi Boris,

I added a new "/nosecuritywarning" option in the TTSSH command line. When a user uses this option, the known_hosts check dialog does not appear on connecting to the server with SSH2 protocol. And also, this option has the security problem. I decide that this option is the hidden option. So, I will not document about this option in the Tera Term reference.

http://ttssh2.sourceforge.jp/snapshot/s ... 091004.zip

Thanks.
Best regards, Yutaka Hirata
(yutakakn at gmail.com)
http://hp.vector.co.jp/authors/VA013320/
boris
Moderator, LogMeTT and TTLEditor developer

Posts:
1596
Joined: Sat Jan 08, 2005 2:52 pm
by boris » Sun Oct 04, 2009 1:38 am
THANKS YUTAKA !!! :veryhappy: :veryhappy: :veryhappy:

Ciprian: Please test this build and let us know if it works.
Thanks.
Best regards,
Boris
ciprian_s
Newbie

Posts:
21
Joined: Sat Sep 19, 2009 12:19 pm
by ciprian_s » Mon Oct 05, 2009 9:25 am
Hello Boris, hello Yutaka, hello readers !

what am I supposed to do to use it ? after downloading the package, I saw that it was like my original tera term folder !!! what am I supposed to do ?

Hope to hear from you soon !
Have a nice day, bye bye !

Best regards,
Ciprian.
boris
Moderator, LogMeTT and TTLEditor developer

Posts:
1596
Joined: Sat Jan 08, 2005 2:52 pm
by boris » Tue Oct 06, 2009 8:47 pm
Ciprian: Just add /nosecuritywarning to the end of your connect string and run your macro using the latest TeraTerm build provided by Yutaka.

Info for all: /nosecuritywarning completely removes additional security popup window, however, it does not add server fingerprint to ssh_known_hosts file, which I think is very good solution. Thanks again, Yutaka!
Thanks.
Best regards,
Boris
Display posts from previous:
Sort by:
  • 1
  • 2

30 postsPage 1 of 2

Users browsing this forum: No registered users