Re: Perl's Telnet vs. Expect Module

"I'm not worried about security" is one of the scariest phrases in the lexicon. Run your plan past your admin and see what he says about it. "I've considered the situation and security concerns have been addressed" is a far better response. Keep in mind that you'll be sending your password unencrypted, and it will have to be listed as plain text in your program, accessible to anyone who cares to look. Imagine what the weird intern might do with that information, especially when his internship is over.

Think about what your program will be used for and what servers it will run on. Can you use rsh or rcp instead of telnet? Also, you're not doing whatever you're doing as root are you? Don't if you can avoid it. If possible, require that the password be passed in as an argument at invocation. It's far better than putting the root password to a cluster of servers as plain text in a script that may get passed around like a fattie at Snoop Dogg's house.

Even if you're working on an isolated LAN, you have to consider what happens if someone gains access to the LAN. It's far better to have a second (or third) line of defense than to have one password give access to the whole system.

-Logan
"What do I want? I'm an American. I want more."

Comment on Re: Perl's Telnet vs. Expect Module

Replies are listed 'Best First'.
Re: Re: Perl's Telnet vs. Expect Module by gnork (Scribe) on Dec 03, 2003 at 11:55 UTC
I would take a closer look at Expect.pm. I use it frequently and it saves you a lot of time not fiddling around with Net::Telnet. Additionally, Expect.pm has a lot more functionality you will find very usefull. cat /dev/world \| perl -e "(/(^.*? \?) 42\!/) && (print $1))" errors->(c)	[reply]
Re: Re: Re: Perl's Telnet vs. Expect Module by TASdvlper (Monk) on Dec 03, 2003 at 15:59 UTC
It sounds like Expect is the way to go. Below is what I want to do, does Expect still make sense ? I was to "push" a set of scripts to a remote system, execute them, collect logs and move then back to my server, then clean up the remote server. So, script executed remotely is not interactive, but I need to do other actions pre/post executing the script. btw - what is /dev/world ? I don't see it on my Linux/Unix boxes.	[reply]
Re: Re: Re: Re: Perl's Telnet vs. Expect Module by gnork (Scribe) on Dec 03, 2003 at 16:54 UTC
If you cant see /dev/world, have a look at the Character Devices Section of the linux kernel configuration. Check (X) Emulate World (You will need to display experimental drivers for that) If it is checked, do a 'insmod world' at the commandline. ;o) cat /dev/world \| perl -e "(/(^.*?\?) 42\!/) && (print $1))" errors->(c)	[reply]
Re: Re: Re: Re: Re: Perl's Telnet vs. Expect Module by TASdvlper (Monk) on Dec 03, 2003 at 18:55 UTC
Re: Re: Re: Perl's Telnet vs. Expect Module by TASdvlper (Monk) on Dec 04, 2003 at 00:24 UTC
Can you elaborate on some of the functionality that you find useful ??? I still trying to get a grasp on what's better, Telnet or Expect.	[reply]
Re: Re: Re: Re: Perl's Telnet vs. Expect Module by logan (Curate) on Dec 05, 2003 at 04:03 UTC
Try here. It's the POD from CPAN's page for Expect.pm. It'll tell you everything you need to know. -Logan "What do I want? I'm an American. I want more."	[reply]