SSH connection refusal kills CGI

Dranzaz has asked for the wisdom of the Perl Monks concerning the following question:

I am trying to setup a FORM fed CGI script to test Cisco Terminal servers for specific standards. One set of standards it to test if Telnet is blocked and SSH enabled.

Below is what I currently have:

    #Begin telnet access test and display results
    $telnet = Net::Telnet->new(Timeout => 10, Errmode => "return");
    if ($telnet->open($tsip)) {
        $| = 1;
        print '<TD align=center bgcolor=#ff0000>Granted</TD>';
        $| = 0;
        $tstelnettest = 1;
    }
    else {
        $| = 1;
        print '<TD align=center bgcolor=#00ff00>Denied</TD>';
        $| = 0;
        $tstelnettest = 0;
    }
    $telnet->close;
    #Begin SSH access test and display results
    if ($ssh = Net::SSH::Perl->new("$tsip")) {
        print '<TD align=center bgcolor=#00FF00>Granted</TD>';
        $tssshtest = 1;
    }
    else {
        print '<TD align=center bgcolor=#FF0000>Denied</TD>';
        $tssshtest = 0;
    }
[download]

The Telnet test works just fine. However the SSH test dies. Here are the server log entries:

Thu Nov 24 12:55:36 2005 error client x.x.x.x Use of uninitialized value in concatenation (.) or string at /usr/lib/perl5/site_perl/5.8.0/Net/SSH/Perl.pm line 107., referer: http://www.?????.net/index.php?module=htmlpages&func=display&pid=7 Thu Nov 24 12:55:36 2005 error client x.x.x.x Can't connect to 24.52.242.6, port 22: Connection refused at /usr/lib/perl5/site_perl/5.8.0/Net/SSH/Perl.pm line 204., referer: http://www.?????.net/index.php?module=htmlpages&func=display&pid=7

At this point the CGI dies and all other desired testing stops. Is there any way to force the SSH attempt to "return" like the Telnet attempt?

Any assistance would be greatly appreciated. Thanks in advance.

Comment on SSH connection refusal kills CGI Download Code

Replies are listed 'Best First'.
Re: SSH connection refusal kills CGI by idsfa (Vicar) on Nov 24, 2005 at 20:17 UTC
I'm afraid that if you read the source, you'll see: `connect($sock, sockaddr_in($rport, $raddr)) or die "Can't connect to $ssh->{host}, port $rport: $!";` [download] So the author has decided this is a fatal error. The traditional solution is to wrap the request in an `eval` to catch the exception: `eval { my $ssh = Net::SSH::Perl->new($tsip) } if ( $@ ) { # Error } else { # Success }` [download] P.S. `use strict; use warnings;` The intelligent reader will judge for himself. Without examining the facts fully and fairly, there is no way of knowing whether vox populi is really vox dei, or merely vox asinorum. — Cyrus H. Gordon	[reply] [d/l] [select]
Re^2: SSH connection refusal kills CGI by Dranzaz (Sexton) on Nov 25, 2005 at 15:53 UTC
Thanks, that is what I needed. My updated version resembles: `if ($@) { if ($@ =~ /Connection refused/) { print "<TD align=center bgcolor=#FF0000>Denied199</TD>"; $tssshtest = 2; } } else { if ($ssh = Net::SSH::Perl->new($tsip, protocol=>1)) { $ssh -> login ($username, $password); print "<TD align=center bgcolor=#00FF00>Granted</TD>"; $tssshtest = 1; } else { print "<TD align=center bgcolor=#FF0000>Denied</TD>"; $tssshtest = 0; } }` [download] All is better now. Many praises.	[reply] [d/l]