jt_exist has asked for the wisdom of the Perl Monks concerning the following question:

I wanted to achieve the following result:

1) I can loop on list. - solved
2) I can loop to list of user. - solved
3) Reset/update each user's password on each server - not solved yet

I had this script.

    #!/usr/bin/perl
    use strict;
    use warnings;
    use Net::SSH::Perl;
    use Expect;

    my $logs = "logs";
    open(LOG,'>>',"$logs") or die "can't logs $!\n";
    my $domain = 'domain.com';
    my @host = qw/host/;
    foreach my $host (@host) {
        my $cmd = "passwd user1";
        my $sshost = join('.', $host, $domain);
        my $ssh = Net::SSH::Perl->new("$sshost");
        $ssh->login('root');
        $ssh->debug();
        my ($stdout, $stderr, $exit) = $ssh->cmd($cmd);
        print LOG $stdout,"\n";
    }

Basically my problems now are:

1) I'm not allowed to install another module (politics/not rights).
2) I don't have any idea how to send/supply the password after the execution of $cmd and the prompt comes out.

Re: How do I send a password to a command I start with Perl's Expect.pm
by ikegami (Patriarch) on Oct 22, 2010 at 10:15 UTC

    How do I send a password to a command I start with Perl's Expect.pm

    $exp->send("string\n");

    Of course, you haven't started any commands with Expect, so that's a very odd question to ask.

    I'm not allowed to install another module(politics/not rights).

    So if I post my code here, you can use it, but if I post it on CPAN, you can't? That doesn't make any sense. Perhaps you could clarify why you think you can't install a module.

    • Because you don't have permission? You don't need special permissions.
    • Because you don't want to install it in the system directory? You don't have to install it in the system directory.
    • Because you're allergic to the .pm file extension? Rename the .pm files to .pl files.
    • Because you're allergic to the CPAN? Have someone copy the module from CPAN for you.
    • Because the code isn't in your version control system? Put it in your version control system.
    • Because you're out of disk space? Get more disk space.

    If it's any of the above, address the issue and install Net::SSH::Expect. If not, then maybe it's one of the following:

    • Because you can't use external code? Then we can't help you.

    These lists are far from exhaustive. If your situation doesn't match, let me know what the situation is.

      *) I don't have root permission; of course it needs privileged permission beyond a simple user.
      *) This server doesn't have access to the internet, so (cpanm, local::lib, perlbrew) and installing Net::SSH::Expect isn't possible.

        of course it needs privileged permission beyond a simple user.

        Simple users can install modules. Like I said, you don't need special permissions to install a module. You can install modules into any directory.

        This server doesn't have access to the internet

        Whatever means you use to place your script on the server can also be used to place the script known as the Net::SSH::Expect module.
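
One way to apply the `$exp->send(...)` answer above to the original task, as an added example that is not part of the thread: Expect.pm spawns ssh itself and answers the passwd prompts, using only Expect.pm (no Net::SSH::Perl or Net::SSH::Expect). The prompt regex, the password-file argument and the host and user-name patterns are assumptions to adjust for the target system.

```perl
#!/usr/bin/perl
# Added example (not from the thread): drive a remote `passwd` prompt with Expect.pm.
use strict;
use warnings;
use Expect;

# Assumptions: key-based ssh login as root already works (as the poster states),
# and the prompt pattern below matches the target's passwd; adjust it per OS.
my ($host, $user, $pwfile) = @ARGV;
die "usage: $0 host user password-file\n" unless defined $pwfile;

# Host and user end up on an ssh / remote shell command line: allow safe characters only.
die "refusing unsafe host name\n" unless $host =~ /\A[A-Za-z0-9][A-Za-z0-9.-]*\z/;
die "refusing unsafe user name\n" unless $user =~ /\A[a-z_][a-z0-9_-]{0,31}\z/;

# Read the new password from a file only the operator can read, never from argv
# (arguments are visible in the process list).
my $mode = (stat $pwfile)[2] // die "cannot stat $pwfile: $!\n";
die "$pwfile must not be group/world accessible\n" if $mode & 077;
open my $fh, '<', $pwfile or die "cannot open $pwfile: $!\n";
chomp(my $newpw = <$fh> // '');
close $fh;
die "empty password\n" unless length $newpw;

my $exp = Expect->new;
$exp->log_stdout(0);            # do not copy the session to our terminal or logs
# List form: no local shell is involved. -t forces a remote tty so passwd prompts.
$exp->spawn('ssh', '-t', "root\@$host", 'passwd', $user)
    or die "cannot spawn ssh: $!\n";

my $sent = 0;
$exp->expect(30,
    [ qr/new password:/i => sub {
          my $self = shift;
          $self->send("$newpw\n");   # answers the first prompt and the re-enter prompt
          $sent++;
          exp_continue;              # keep waiting for the next prompt or EOF
      } ],
    [ timeout => sub { die "timed out waiting for passwd on $host\n" } ],
);
$exp->soft_close;

my $status = $exp->exitstatus;
die "passwd failed on $host (answered $sent prompts)\n"
    unless $sent == 2 && defined $status && $status == 0;
print "password for $user updated on $host\n";
```

The script checks both the number of prompts answered and the exit status, so a changed prompt text or a rejected password is reported as a failure instead of being logged as success.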

Re: How do I send a password to a command I start with Perl's Expect.pm
by locked_user sundialsvc4 (Abbot) on Oct 22, 2010 at 13:14 UTC

    It would be far better to take a different approach to handling your passwords!

    First of all, you never want a script to be able to log-on to anything as root.

    while (1) { print "never! "; }

    Secondly, if you need to maintain consistent passwords across a large number of systems, “the right way to do it” (IMHO...) is to use LDAP authentication. Instead of consulting a local password-file, your system issues a secure LDAP query to a central server. (Yes, I am drawing a simplified picture.) Now you can manage all of your authentication and authorization tasks, across systems of all types, from one central location. Most major subsystems are already aware of it. Apache, for example, provides mod_ldap. I really don’t think that I am wrong to say, “this is how it’s done in the real world; go thou and do likewise.”

    (Incidentally, Microsoft calls the same technology Active Directory.™)

    Linux systems have a very nice facility known as PAM (Pluggable Authentication Modules) which provides a very flexible interface foundation. There are drop-in authentication modules which consult LDAP.

    (Please note also that there are competing technologies, such as Kerberos, which perform a comparable function. The essential idea for our purposes is the same.)

      Thanks for the reminder; my script logs in as root using ssh keys, so I don't think it is an issue.

      My problem here is very simple actually, if only the affected system (HP-UX) will support it. I simply need to change/update the password of the user, so what I did is log in to the system as root via Net::SSH::Perl and execute 'passwd username'. After that the system will prompt for a new password for that user, and thus my problem arises: how to supply/key in the password at the prompt. For the same reason I tried to use Expect.pm, but as I don't know how to use it, I came here to seek help.

      False. You don't want your root authentication to be dependent on some sort of remote authentication, nor do you want it to be based on trust. The first because you lose access to the system should your LDAP/Kerberos/Active Directory be down. The second because getting root on a trusted machine gives you root on all machines. Since your root is not LDAP/etc. you will want a script to automate the root password change eventually.
Re: How do I send a password to a command I start with Perl's Expect.pm
by pemungkah (Priest) on Oct 23, 2010 at 00:33 UTC
    If you simply must keep passwords in sync by having the same passwd file, I highly recommend that you use rsync or scp instead.

    Make one system be the authoritative source of the passwd file, and then have the other systems pull the file from there via cronjob. A certain place I worked did this for many thousands of machines with 99-point-many-nines-percent success. Every once in a while a particular machine would fail the pull; the retry next hour usually fixed it without any intervention.

    Neither rsync nor scp will require the installation of anything except for authorized keys so the password file can be copied without requiring the root password.

      We have a number of systems (redhat, hp-ux, aix, solaris), and for different customers we are using different centralized authentication systems (MS-AD for redhat, YES we use MS, SunOne LDAP for our solaris). This system in question is HP-UX, and they don't have uniform user contents in /etc/passwd.
        Please don't tell me you use the same IDs and passwords at different customers. That's not at all safe. Does anyone other than yourselves have root (or admin privileges) on these machines? Consider the ramifications. Hacked copy of login, anyone?

        To be more direct: sharing passwords across customers could lead to a situation where one customer acquires access to a password belonging to the logins used by your company, giving them access to machines at your other customers, using an ID belonging to your company. That would be a bad thing indeed. They might do anything; they could certainly masquerade as the user they got access to; if you use the same passwords internally too, then they could have access to YOUR machines. Consider getting a password manager for the machines at your company and using different passwords for every customer. Shared passwords used this way will sooner or later get you bitten.