The_Jesus has asked for the wisdom of the Perl Monks concerning the following question:

I am trying to create a internal webpage that will use Net::SSH::Perl to open an ssh session. What is the best way once I initiate a connection to keep it open so that I can pass input back and forth from the webpage? So i geuss my question is how do I keep my initial call of my cgi script accessible from to recieve input and output results??? Thanks in advance.

Replies are listed 'Best First'.
Re: Perl CGI SSH
by matija (Priest) on May 02, 2004 at 05:39 UTC
    CGI is a connectionless protocol. SSH is NOT.

    In my opinion, you'd have to create a separate process to keep the ssh connection open, then connect to it from the CGI each time the CGI is called with new information from the web client.

    Naturally, you'll have to count with the possibility of having more than one ssh connection open at the same time, so you'll have to have a way to connect to correct ssh "connector".

    I strongly suggest you use CGI::Session to keep the identifying value only on your server, and NOT visible to the user - if the user can see it, they can usualy change it, and that would be a big security risk.

    For some ideas on how to communicate between the CGI and the SSH connector, read perlipc

[reply]
      Even using CGI::Session the "identifying value" is *still* stored on the users computer. They can always modify it.
[reply]
        Yes, they can.

        But in a well written session module, the identifying value is sufficiently random and from a sufficiently large pool, that they would have to try for a very, very long time before they hit another valid session.

        If you give your sessions consecutive identifying values, then of course you are just asking for trouble...

[reply]
      I like that idea of using the CGI::Session module. I have been trying to do a similar thing using cookies and have had a lot of trouble keeping them secure. Sessions seem to be the way to go. Joe
[reply]
Re: Perl CGI SSH
by bart (Canon) on May 02, 2004 at 09:37 UTC
    You can keep it open, if you launch a permanently running script from your opening page, as a separate process, with built-in webserver, and which handles both the web interface and the SSH connection, for one session.

    You can see two versions of this type of script in merlyn's excellent columns, using Chatbot::Eliza as an example of a stateful conversation. You can find them under the title Doctor is IN, see the columns 23 and 24.

[reply]
Re: Perl CGI SSH
by Plankton (Vicar) on May 02, 2004 at 06:06 UTC
    Why do you need to "keep it open"? Just issue your ssh command and read the output ... someone wants to execute a second command via ssh just call ssh again ... you don't need to keep the connection open.

    Plankton: 1% Evil, 99% Hot Gas.
[reply]
      That's definitely a good idea, and I think that only bad part about it would be overhead. Depending on your situation, re-opening SSH connections may not be an acceptable amount of load for the server.

      On the other hand, closing the SSH connection would make your job a lot easier, as you wouldn't have to worry about sessions at all. It's definitely at least worth looking in to, coding your app without sessions would be a simple matter and would be a good development step in coding your app with sessions.

[reply]

Back to Seekers of Perl Wisdom