Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ssh key autologin fails #6

Open
netvipe opened this issue Apr 24, 2018 · 4 comments
Open

ssh key autologin fails #6

netvipe opened this issue Apr 24, 2018 · 4 comments

Comments

@netvipe
Copy link

netvipe commented Apr 24, 2018

We're using ciscocmd in combination with ssh-key based autologin.
It turns out that ciscocmd fails to detect the next valid line if ssh key authentication in combination with a predefined ssh username is being used.

We have therefore enhanced ciscocmd to detect a possible prompt even before the first waitprompt call.

Modifications are as follows:

--- /data/shared/install/ciscocmd
+++ /usr/local/bin/ciscocmd
@@ -496,7 +496,7 @@
        }


-       catch { expect -re  "(assword)|(ser(name)?)|(yes/no)" }
+       catch { expect -re  "(assword)|(ser(name)?)|(yes/no)|(> *$)" }
         if { [ catch { set loginbuf "$expect_out(0,string)" } ] } {
         #       if { [ catch { set loginbuf "$expect_out(2,string)" } ] } {
        #               set loginbuf "$expect_out(3,string)"
@@ -532,6 +532,9 @@
                                varcheck "password" 1
                                send  "$password\r"
                                }
+               "> "            {
+                               varcheck "password" 0
+                               }
                default         {
                                exit
                                }

Maybe you would like to included that for the official version.
@alvarezp
Copy link
Collaborator

Interesting case. I guess a user could also be directly dropped in to enable level 15, so the prompt could also end in a hash sign (#) instead of a greater-than sign (>).

@alvarezp
Copy link
Collaborator

Additionally, what happens with your solution if the host is not added to the host key list and thus you get the following prompt?

RSA key fingerprint is 00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:ff.
Are you sure you want to continue connecting (yes/no)?

@netvipe
Copy link
Author

netvipe commented Apr 25, 2018

You are right. I've added the hash sign to the pattern def. It just makes sense.
The "yes/no" handling is still covered since the "fix" only takes care of connections that are auto connected due to specific ssh policies. The original features are still working as intended.

@tpo
Copy link

tpo commented Jun 14, 2018

@netvipe - would be nice if you could fork ciscocmd-cosi and publish your tree, so others could pull from it.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@alvarezp @tpo @netvipe