How to use SSH from the cmd line in Ruby?


#1

Since an SSH package for Ruby doesn’t exist right now, I have been
trying to implement an SSH client through Ruby by sending text
directly to the command line and retrieving the results. It’s not
working, though.

I was originally trying to use code similar to this to run the SSH
program at the command line automatically and print the results:

cmd = open("|ssh www.myhost.com")
cmd.each {|x| puts x}
cmd.close

If I use open("|dir") or open("|date") or other similar programs that
are built-into MS-DOS, the program works as expected and outputs the
full text results. When I try to use open("|ssh www.myhost.com")
though, it returns nil.

Does anyone have any ideas about how to initiate an SSH session at the
command line through Ruby and be able to control it/send commands to
it? i.e. I need to be able to write something like this in Ruby

$stdin << “exit”

And the SSH program should then exit. I want to be able to send
commands to SSH (run at a command prompt) and receive commands from
SSH programmatically through Ruby.


(Nikodemus Siivola) #2

Just guessing, but I believe ssh implementations typically connect directly
to the tty in use for password/phrase queries for security.

This means that you need to use tools like expect or open a pty. Another
option would be to use keypairs that do not require passphrases, or a
daemon that supplies the passphrase provided it has already been provided
once.

The last option is AFAIK the secure & “correct” one. Look into ssh-agent.

The basic idea is to start the daemon and supply it manually with the
passphrase, which it stores in memory. After this the daemon supplies the
information for all future connections.

– Nikodemus

···

On Sat, 22 Jun 2002, Richard wrote:

Since an SSH package for Ruby doesn’t exist right now, I have been
trying to implement an SSH client through Ruby by sending text
directly to the command line and retrieving the results. It’s not
working, though.


(Paul Duncan) #3

Since an SSH package for Ruby doesn’t exist right now, I have been
trying to implement an SSH client through Ruby by sending text
directly to the command line and retrieving the results. It’s not
working, though.

Just guessing, but I believe ssh implementations typically connect
directly to the tty in use for password/phrase queries for security.

Yup.

openssh-3.3p1/readpass.c:100
rppflags = (flags & RP_ECHO) ? RPP_ECHO_ON : RPP_ECHO_OFF;
if (flags & RP_ALLOW_STDIN) {
if (!isatty(STDIN_FILENO))
use_askpass = 1;
} else {
rppflags |= RPP_REQUIRE_TTY;
ttyfd = open(_PATH_TTY, O_RDWR);
if (ttyfd >= 0)
close(ttyfd);
else
use_askpass = 1;
}

···

On Sat, 22 Jun 2002, Richard wrote:

This means that you need to use tools like expect or open a pty. Another
option would be to use keypairs that do not require passphrases, or a
daemon that supplies the passphrase provided it has already been provided
once.

The last option is AFAIK the secure & “correct” one. Look into ssh-agent.

The basic idea is to start the daemon and supply it manually with the
passphrase, which it stores in memory. After this the daemon supplies the
information for all future connections.

– Nikodemus


Paul Duncan pabs@pablotron.org pabs in #gah (OPN IRC)
http://www.pablotron.org/ OpenPGP Key ID: 0x82C29562