Anonymous Monk has asked for the wisdom of the Perl Monks concerning the following question:

Hi,

I am using the Net::SSH::Perl module to connect to a remote host and execute remote commands. My script is as follows:

    #!/usr/bin/perl
    use Net::SSH::Perl;
    use strict;

    my $cmd  = 'w';
    my $host = 'devel.dot.com';
    my $user = 'john';

    my $ssh = Net::SSH::Perl->new($host, compression => 1);
    $ssh->login($user, 'pass');
    my ($out, $err, $exit) = $ssh->cmd($cmd);
    print $out;

This works fine since it gives me the current users logged in on the remote machine. But now I want to listen to port 22 and, whenever a user logs onto port 22, display a message saying that this particular user has logged in at this time. I want to display the userid, IP address, time of connection and idle time.

Also, if a user logs out of port 22, i.e. exits, I want to display a message saying that this particular user has logged out at this time.

I don't know how to use the Net::SSH::Perl module to accomplish the above task.

Please advise me on how to use the Net::SSH::Perl module to listen to a port, track connections made on port 22 and display a message.

Thank you!

update (broquaint): added formatting

Replies are listed 'Best First'.
Re: Net::SSH::Perl Module Problem
by SyN/AcK (Scribe) on Jul 30, 2003 at 15:21 UTC

    I do not think this is possible with Net::SSH::Perl. I used this module recently and I don't remember seeing any methods for doing such a thing.

    I think what you want to use is probably IO::Socket. This should let you listen to a port and do an appropriate action. If you need to actually read what is being passed, however, you will run into some problems, since SSH is encrypted. In this case, you might be able to use a different implementation of IO::Socket.

    I do believe that there is an IO::Socket::SSL, or something like that. I would think that this might allow you to communicate with SSH, since I believe that SSH uses SSL for its encryption.

    Hope this helps.

I'm getting tired of SSH questions...
by crenz (Priest) on Jul 30, 2003 at 15:57 UTC

    You have asked the same question at least two times. Can you please elaborate on why the answers you got didn't work for you first before asking your question again?

    You won't be able to listen to port 22 and log the info you want, unless you write your own SSH server (not recommended...). Are you sure my suggestion won't work for you? (i.e. either using sshd's logfiles or issuing the last command)

Re: Net::SSH::Perl Module Problem
by naChoZ (Curate) on Jul 30, 2003 at 17:02 UTC
    This is sort of a flimsy suggestion, but tcsh has a built in method for watching other users logging in and out. You might have a go at joining their mailing list and asking how they do it.

    .tcshrc clipping:

        # Watch any(1) other users every 0 seconds from any(2) console,
        # when logging in/out.(I like this one!)
        # It gives something like "root has logged on tty1 from local."
        # You may find it annoying on busy systems (like shell1.sourceforge.net)
        set watch=(0 any any)
        # Format of output string when someone logins or logouts.(Look above)
        # Hmm, can't be internationalised easily.
        set who="%n has %a %l from %M."

    ~~
    naChoZ

Re: Net::SSH::Perl Module Problem
by gnu@perl (Pilgrim) on Jul 30, 2003 at 16:41 UTC
    There is an extremely large problem with this idea that has not been covered. An operating system can have only one thing in 'Listen' on a port at any one time. If you were to connect to a box via ssh (port 22) and attempt to open a listen socket on port 22 you would receive an error that the port is in use (assuming that sshd is running as a daemon). If sshd is running from inetd (not recommended) you may be able to start a listen socket on port 22, but now ssh connections would not be accepted because your application is now listening on port 22 and handling all connections instead of the sshd process. When you connect to a machine using ssh your initial connection is accepted on port 22, but almost immediately that request is shifted to an alternate port for the remainder of the session. The reason for this is that a particular port can not only have just one 'thing' in listen mode but it can also only handle one connection at a time. If you were to stay on port 22 no other people would be able to connect to the server.

    Also, as requested, please explain in full detail exactly what you are attempting to accomplish, maybe it has been done before. If you want immediate notification when someone logs in or out there are many ways to do it depending on the level of system access you have (user level vs. root).

    UPDATE: After posting noticed that this issue was partially addressed in this post by crenz

      Hi, thanks for your help. Here is what I want to achieve. I want to display the list of users logged in on port 22. This display should include the IP addresses from where they arrived, their time of connection, userid and their time of disconnection. Is it possible using IO::Socket? Also the display should include the userids who, after getting connected to port 22, made exit, i.e. got disconnected. Can I keep track of users in the manner mentioned above? Thank you!

        Just to make sure I understand you completely. You only want to monitor users connecting using ssh. You don't care about telnet (shouldn't use telnet anyway). There are only two ways I can think of to do this, the really easy way that is less accurate and the really hard way (some think it's hard) that is much more accurate.

        The easy way, and still not too bad is to monitor the log file from sshd or your messages file. It has basically all the information you want there. Since I don't know what OS you are running I will relate things to Red Hat linux.

        In my /var/log/messages file I have the following:

        K, this gets long winded...

        Seriously, as others have said there are better ways of doing this.

        Are you on a *Nix box? If so, you should be able to use tcpdump or ethereal or any kind of sniffer to figure out who's making connections to ssh. Furthermore, you could use ntop to display a list of all incoming connections. Whether this would display a list of users, I doubt it, but what is the point of that anyways?

        Why don't you do as others have suggested and take a look at working with SSH's log files. Hell, if you really want to get funky and generate some sort of report with perl, you could easily just manipulate what is inside of the logs to how you want to see it.

Re: Net::SSH::Perl Module Problem
by nega (Scribe) on Jul 30, 2003 at 14:55 UTC
    Please wrap your code in <code> tags.

    I think you're looking for a more complicated answer than you need. Just use Net::SSH::Perl to log into the remote machine and grep the info you need out of sshd's logfiles.

          #!/usr/bin/perl
          use Net::SSH::Perl;
          use strict;

          my $cmd  = 'w';
          my $host = 'devel.dot.com';
          my $user = 'john';

          my $ssh = Net::SSH::Perl->new($host, compression => 1);
          $ssh->login($user, 'pass');
          my ($out, $err, $exit) = $ssh->cmd($cmd);
          print $out;

      This is my Perl script, which logs in to the remote machine and executes the "w" command. But I need to listen on port 22 to track incoming connections on the remote machine and display messages for the same. Is it possible using the Net::SSH::Perl module? Thanks for your previous help.

        You could cron your script up to run every so often? I don't know that port listening was the intended use of Net::SSH::Perl. Have a look at what the author says the module does/can do. Then decide if the module is what you need.

        With a socket connection, your port 22 is not someone else's port 22, so being able to listen to a port would just be between the client and the server.

        Net::SSH::Perl implements a client, not a remote listener. You can't do what you want directly from Net::SSH::Perl. Instead, read the CPAN Documentation for Net::SSH::Perl, look at the $ssh->shell directive and like I and others have said, grep the information you want out of sshd's log files.
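
The log-file approach recommended in the replies above, sketched as an added example that is not part of any post in this thread: it pairs sshd login and logout records by sshd PID to report user, source IP and times. The function name `ssh_events`, the host name and the sample lines are constructed for illustration; the exact message wording is an assumption and varies with the OpenSSH version and PAM configuration.

```perl
#!/usr/bin/perl
# Added example: report SSH logins/logouts from sshd syslog lines.
use strict;
use warnings;

# Constructed sample lines (documentation addresses); real wording depends
# on the OpenSSH version and PAM configuration.
my @sample = (
    'Jul 30 15:21:04 devel sshd[1234]: Accepted password for john from 192.0.2.10 port 51234 ssh2',
    'Jul 30 15:22:10 devel sshd[1301]: Invalid user Accepted password for root from 203.0.113.9 port 1 ssh2 from 198.51.100.7 port 40022',
    'Jul 30 15:25:40 devel sshd[1402]: Accepted publickey for alice from 192.0.2.77 port 40210 ssh2',
    'Jul 30 15:48:19 devel sshd[1234]: pam_unix(sshd:session): session closed for user john',
);

# Returns (\@events, \%open): events are [time, 'login'|'logout', user, ip];
# %open holds sessions with no logout record yet, keyed by sshd PID.
sub ssh_events {
    my @lines = @_;
    my (%open, @events);
    for my $line (@lines) {
        # Anchor on the syslog header so text inside a message body
        # (e.g. a crafted user name) cannot pose as a login record.
        my ($time, $pid, $msg) =
            $line =~ /^(\w{3}\s+\d+\s[\d:]{8})\s\S+\ssshd\[(\d+)\]:\s(.*)$/
            or next;
        if ($msg =~ /^Accepted \S+ for (\S+) from (\S+) port \d+/) {
            $open{$pid} = { user => $1, ip => $2 };
            push @events, [$time, 'login', $1, $2];
        }
        elsif ($msg =~ /session closed for user \S+/ && $open{$pid}) {
            # Same sshd PID logged the login, so reuse its user and address.
            my $s = delete $open{$pid};
            push @events, [$time, 'logout', $s->{user}, $s->{ip}];
        }
    }
    return (\@events, \%open);
}

my ($events, $still_open) = ssh_events(@sample);
printf "%s  %-6s %-8s %s\n", @$_ for @$events;
printf "still connected: %s from %s (sshd pid %s)\n",
    $still_open->{$_}{user}, $still_open->{$_}{ip}, $_
    for sort keys %$still_open;
```

To use it with the original script, replace `@sample` with the lines returned by `$ssh->cmd` reading the remote sshd log; the second sample line shows why the `Accepted` pattern is anchored to the start of the message rather than matched anywhere in the line.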