xomo has asked for the wisdom of the Perl Monks concerning the following question:

Hi,

Here's my problem. I have two boxes and one router.

Box-1: Where script will run and it cannot access router.
Box-2: Which can access the router via telnet.

 -------      ---------      --------
| Box 1 | --> | Box 2 | --> | Router |
 -------      ---------      --------

What I want to do is SSH Box2 from Box1 and create some tunnel so that I can access Router through telnet... I cannot run any script on Box2.. so I have no idea how to proceed...

I know all the stuff but the thing of tunneling is not getting into my mind as how to approach...

Replies are listed 'Best First'.
Re: SSH Tunneling
by JavaFan (Canon) on Apr 28, 2011 at 19:07 UTC
    $ ssh -NL 60023:router:23 you@box2
    ... log in ...
    $ telnet localhost 60023
    ... do your telnet stuff ...

    For details, see the ssh manual page. But what has this to do with Perl?
      The Perl script will run on Box-1 and will interact with the router, so for the user of Box-1 the hop through Box-2 will be transparent. Thanks
        Exactly.
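
One way a script on Box-1 could bring up the port forward from the reply above and then drive the router through it with Net::Telnet::Cisco, the module the asker names elsewhere in the thread. This is an added example, not code posted by any participant. It assumes key-based SSH login to Box-2, router credentials in the ROUTER_USER and ROUTER_PASS environment variables, and 'show version' as a sample command.

```perl
#!/usr/bin/perl
# Added example, not from the thread. 'you@box2', 'router' and port 60023 are
# the reply's placeholders; ROUTER_USER / ROUTER_PASS are assumed env variables.
use strict;
use warnings;
use POSIX ':sys_wait_h';
use IO::Socket::INET;
use Net::Telnet::Cisco;

my ($lport, $router, $hop) = (60023, 'router', 'you@box2');

my $pid = fork() // die "fork failed: $!";
if ($pid == 0) {
    # Explicit 127.0.0.1 bind: the forward is unreachable from other hosts
    # even if GatewayPorts is enabled in the ssh client configuration.
    exec 'ssh', '-N',
        '-o', 'BatchMode=yes',               # key-based login, never prompt
        '-o', 'ExitOnForwardFailure=yes',    # exit if port 60023 is taken
        '-L', "127.0.0.1:$lport:$router:23",
        $hop
        or die "cannot exec ssh: $!";
}

my $ok = eval {
    # Poll until the forwarded port accepts connections (about 10 s at most).
    my $ready = 0;
    for (1 .. 20) {
        die "ssh exited before the tunnel came up\n"
            if waitpid($pid, WNOHANG) == $pid;
        my $probe = IO::Socket::INET->new(
            PeerAddr => '127.0.0.1', PeerPort => $lport, Proto => 'tcp');
        if ($probe) { close $probe; $ready = 1; last }
        select undef, undef, undef, 0.5;
    }
    die "tunnel did not come up\n" unless $ready;

    # Net::Telnet::Cisco talks to the local end; the hop via Box-2 is invisible.
    my $session = Net::Telnet::Cisco->new(
        Host => '127.0.0.1', Port => $lport, Timeout => 15);
    $session->login($ENV{ROUTER_USER}, $ENV{ROUTER_PASS});
    print $session->cmd('show version');
    $session->close;
    1;
};
my $err = $@;

kill 'TERM', $pid;    # always tear the tunnel down, even after a failure
waitpid $pid, 0;
die "router session failed: $err" unless $ok;
```

SSH encrypts only the Box-1 to Box-2 leg; the telnet session from Box-2 to the router, including the login, still crosses that segment in cleartext.
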
Re: SSH Tunneling
by Tanktalus (Canon) on Apr 29, 2011 at 03:12 UTC

    In the context of ssh, "tunnelling" has a very specific meaning. I suspect it's not the meaning you're using.

    Personally, I avoid telnet as much as possible - it's both insecure (though likely not an issue in your case, I can't be sure) and annoying, compared to ssh. With ssh, I can tell it to run a single command, so it connects, runs the command, and exits, and so it behaves pretty much like running the command locally, at least from the perspective of using open to pipe from it, or IPC::Open3 to read its stdout and stderr (which is actually how I do it). Because you can't avoid the remote shell parsing the command, it is still a little bit annoying, but not like running telnet where you have to interact with a fully interactive shell, worrying about things like prompts (which can be vastly different depending on who you're running as) and pseudo-terminals (pty). With ssh, I run only one command, and I know it's finished because the subprocess exited. With telnet, it's much more annoying.

    Ok, so that little rant out of the way, what I think you want is to use Expect with a command of 'ssh', '-e', 'telnet router'. I believe Expect can set up the full pty, which simplifies things for you, and then you can interact with the shell on the router just as if it were local. Note that I'm assuming passwordless ssh, though you probably can feed in the password via Expect, too.

      1- SSH is password protected.
      2- If I use Expect and then Telnet then I have to deal with a lot of prompts, and if I am correct here I will not be able to use the Net::Telnet::Cisco module.
      Thanks..
Re: SSH Tunneling
by davido (Cardinal) on Apr 28, 2011 at 18:54 UTC

    If this is a Linux system can't you just mount a directory from the remote (box 1) filesystem on your box-2 filesystem, and give the directory rx permission on box2? That's more of an OS/Networking question though.

    Update: I apologize for misreading your question. I thought you were asking about how to locally run a file that exists on a different machine on the same LAN, in which case that would have been a pretty good answer. ;) Given that you were asking a different question than what my eyes saw, I provided a poor answer, in good faith.

    Ahem... move on, nothing to see here.


    Dave