gafaman has asked for the wisdom of the Perl Monks concerning the following question:

Dearest monks, I have been trying for some time now to create a script, using Net::SSH::Expect, to send the contents of the local id_rsa.pub file to another host's authorized_keys file. I thinkg I have managed to exec the command on the remote host properly, but I do not know how to send the password (which I must do once), stored in a variable, when it is is requested. This is my current code: 
#!/usr/bin/perl
use strict;
use warnings;
use Net::SSH::Expect;
print "Device IP:   ";
my $deviceIP        = <STDIN>;
chomp $deviceIP;
my $user            = "gafaman";
print "User password:   ";
my $pass            = <STDIN>;
chomp $pass;
my $epass           = "beholder";
my $login_timeout   = 60;
use POSIX qw(strftime);
my $datestring = strftime "%F", localtime;

my $ssh = Net::SSH::Expect->new(
        host        => $deviceIP,
        user        => $user,
        password    => $pass,
        raw_pty     => 1,
        no_terminal => 0,
        log_stdout  => 1
                );

$ssh->login();
#When the line below is executed, it ends with a "Password: " prompt
$ssh->exec("cat \~\/\.ssh\/id_rsa.pub|ssh \'-o StrictHostKeyChecking=n
+o\' bkpuser\@10.11.12.13 \'cat \>\> \.ssh\/authorized_keys \&\& echo 
+\"KeyCopied\"\'",2);
$ssh->waitfor('Password:\s*', 5) or die "prompt 'Password' not found a
+fter 5 seconds";
$ssh->send("$epass");
$ssh->close();

[download]
Could you please lend me some wisdom? Thanks! Gafaman

Replies are listed 'Best First'.
Re: Send password in Net::SSH::Expect
by Fletch (Bishop) on Jan 21, 2020 at 15:11 UTC

    Perhaps use the existing ssh-copy-id that comes with most of the *NIX ssh implementations?

    Update: Aaah, I missed you're trying to put the key from box B onto box C run from A ( A =hop=> B =hop=> C). It'd be a cleaner thing to run than your cat | ssh cat >>... but it's still going to prompt for the remote password going to the third box C.

    Second update: Never used it, but reading over the docs I think you want to do something like this with send rather than exec: 

    ## ... setup through to your login call the same
$ssh->send( qq{ssh-copy-id bkpuser\@10.11.12.13} );
$ssh->waitfor( qq{Password:} );
$ssh->send( $epass );

    [download]

    The cake is a lie.
    The cake is a lie.
    The cake is a lie.

[reply]
[d/l]
[select]
      Unfortunately, this is a netscaler image without that function: -bash: ssh-copy-id: command not found I have been trying something a bit different though, and am stuck with this system call: 
      system("ssh -q $ssh_user\@$bkp_destination 'sed -i \"s#.*$hostname#$sk
+ey#g\" /tmp/test.txt'");

      [download]
      The idea here is to replace the entry in /tmp/test.txt containing the $hostname with the $skey string. It works from the shell itself, but fails from the script, so I am pretty sure it is a escape issue.
[reply]
[d/l]
        I ran ssh with -v and the problem is that it is sending only a bit of the command: 
        system("ssh -qv $ssh_user\@$bkp_destination 'sed -i \"s#.*$hostname#$s
+key#g\" /tmp/test.txt'");

Variables:
$hostname = "HOSTA";
$skey = "ssh-rsa AAAAB3NzaC1yc2 root@HOSTA";

SSH output:
...
debug1: Sending env LANG = en_GB.UTF-8
#ssh-rsa AAAAB3NzaC1yc2 root@HOSTA#g" /tmp/test.txt
...

        [download]
        So it is not sending the entire -- sed -i \"s#.*$hostname -- bit.
[reply]
[d/l]

Back to Seekers of Perl Wisdom