Heh, been there, done that :)

I don't know what Netscreen gear you are working with. I am using 5XTs from a couple of years ago, running ScreenOS 3.x. To cut a long story short, I suspect that their ssh implementation is slightly out of spec. Either that, or Net::SSH is (insofar as it doesn't deal correctly with a slightly non-orthodox ssh implementation, but it's a grey area). I spoke with btrott at the time about it, but I wasn't able to pinpoint the fault on one side of the fence or the other, or moreover how patch Net::SSH to deal with it.

After battling for a while, I gave up and used Expect. My Netscreens are connected with el-cheapo ADSL lines (albeit with fixed IP addresses). From time to time the line goes down, or something else happens, and the Netscreen re-establishes the PPPoE session. When this occurs, it fetches the IP addresses of the provider's DNS servers, and obligingly offers this to the DHCP clients on the trusted interface. Which means that all of my internal hosts are unknown.

I have to inspect each router periodically, check the addresses of the DNS servers it offers to its DHCP clients, and if they're not mine, I push my own. (I believe this flaw is corrected in more recent editions of ScreenOS). Anyway, to push a setting to a router, my code looks something like this:

    for my $site( @fix ) {
        my $ssh=Expect->spawn( "/usr/bin/ssh $user\@$site" )
            or die "could not create ssh Expect object: $!\n";

        $ssh->expect( TIMEOUT," password: ")
            or die "Never got password prompt from $site: $!\n";
        print $ssh "password\n");

        my @cmds = (
            'set dhcp server option dns1 10.0.0.1',
            'set dhcp server option dns2 10.0.0.2',
            'save',
            'exit',
        );

        for my $cmd( @cmds ) {
            $ssh->expect( TIMEOUT, "$site>" )
              or die "Never got command prompt from $site: $!\ndid not
+ send [$cmd]\n";
            print $ssh "$cmd\n";
        }

        sleep 1;
        $ssh->soft_close();
    }

[download]

- another intruder with the mooring of the heat of the Perl

In reply to Re: Net SSH Module problem with Netscreen (you might have to use Expect) by grinder
in thread Net SSH Module problem with Netscreen by iloveperl

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post, it's "PerlMonks-approved HTML":


  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.