I'm trying to write a perl script which copies a directory with files from other machine to current machine.
I can use the scp command in shell but it requires a password. Also I don't have the following modules insatlled on my work area (and unfortunately I cant install them):
Net::OpenSSH
Net::SSH::Perl
Net::SCP
Net:: FTP
I do have installed Net::SSH
My mission is to copy the files from other machine to current machine. The main problem is that it requires a password to use scp on shell. Is there any elegant way to solve this problem?
The elegant way is to use public key authentication.
If you really need password authentication, well, besides the ones you listed there are other modules which would allow you to automate it. Check if you have available Net::SSH2, Expect or IO::Pty.
You may also be able to use use some ssh/scp client accepting the password from the command line or from an environment variable* as plink, pscp or lftp.
Another possibility is using the utility sshpass.
(* Note that passing passwords in the command line or in environment variables is a very insecure practice!)
Related
I am currently pen-testing with a Kali software installed machine and a Windows 8 installed Machine.
I am trying to gain access with a psexec_command attack with Metasploit.
Is there maybe a way that I could brute force the credentials for the psexec?
Yes you use a wordlist or generator against -p parameter of psexec.exe after getting a username with wmic.exe or another tool. I don't know of a way to get users in Linux I'm sure there is a tool though. With Linux you can probably do a bruteforce tool in bash using pipes or something.
I am trying to automate an application deployment as part of this I need to upload a file to a server. I have created a minimal user and configured chroot for the SFTP server but I can't work out how to upload a file non interactive.
At present I am doing scp myfile buildUser#myserver.com:newBuilds/
I tried sftp buildUser#myserver.com myfile (newBuilds is the chroot dir) but this didn't upload anything but it did connect.
The reason for favouring this aproach and NOT using scp is that its a lot more difficult to restrict scp access (from the information I have learned).
If you are using OpenSSH server, chrooting works for both SCP and SFTP.
For instructions see:
https://www.techrepublic.com/article/chroot-users-with-openssh-an-easier-way-to-confine-users-to-their-home-directories/
So I believe your question is irrelevant.
Anyway, sftp (assuming OpenSSH) is not really designed for command-line-only upload. You typically use -b switch to specify batch file with put command.
sftp buildUser#myserver.com -b batchfile
With batchfile containing:
put /local/path /remote/path
If you really need command-line-only upload, see:
Single line sftp from terminal or
Using sftp like scp
So basically, you can use various forms of input redirection like:
sftp buildUser#myserver.com <<< 'put /local/path /remote/path'
Or simply use scp, instead of sftp. Most servers support both. And actually OpenSSH scp supports SFTP protocol since 8.7.
Since OpenSSH 9.0 is even uses SFTP by default. In 8.7 through 8.9, the SFTP has to be selected via -s parameter. See my answer to already mentioned Single line sftp from terminal.
You can pass inline commands to SFTP like this:
sftp -o PasswordAuthentication=no user#host <<END
lcd /path/to/local/dir
cd /path/to/remote/dir
put file
END
I resolved this issue by approaching it from a different side. I tried configuring chroot for sftp but could not get this to work. My solution was to use rssh and only allow scp. This works for me because the user I am trying to restrict is known and authenticated user.
I have a perl script that should execute on the log files in the remote server from my local desktop. Could some one suggest me best approach.
I used Net::SFTP but there is a problem with installing SFTP package from CPAN. Is there any good package available in Perl to do this functionality?
Can you tell me whether the following steps are fine?
Open SFTP connection with remote server
execute the perl at remote location from the established connection..
Any sample code for this?
If you mean that the Perl script is on the remote unix server and you want to invoke the Perl script from your local machine, then you can ssh into the remote unix server and then once you are connected, call your perl script using perl yourscript.pl.
If you mean that the Perl script is on your local machine and you are dealing with log files on the remote server, then it would be more efficient to have the Perl script located on the remote server that stores the logs, and invoke it in the way described in the above paragraph.
I'm not clear exactly what you are trying to achieve but if you just want to execute a Perl script on a remote server you may want to look at software specifically built for remote server management.
Tak is one such piece of software but it's quite new and a bit lacking in documentation.
Rex is a more mature, it would seem, piece of software for remote server management.
Both of these should allow you to run commands locally that perform actions remotely on your servers. I wouldn't have thought you'd need to do anything with SFTP and would think you could do it all with those or hand-rolling something with commands over SSH.
Instead of Net::SFTP, try using Net::SFTP::Foreign or, if you want to run commands on the remote host via SSH, Net::SSH2 or Net::OpenSSH .
I use to navigate my remote servers with ssh. Sometimes i would like to download a file to open in my computer.
But the only way i know how to do it is to open a new command line window and use scp from local to remote.
is there a way to do this directly from the ssh server?
like a command that know my current ip so can set up everything automatically?
(wonderful would also be to do the upload in such a way...)
There is no easy way to do it - I used ssh & scp many years the way you just described. But, you may configure ssh & scp in such a way that they don't require password each time, which is very comfortable! For this, you need:
generate keys by ssh-keygen - they can be also passphrase (= password) protected
copy the keys to remote machine to ~/.ssh/authorized_keys
And then, each time you start a session, you run ssh-agent and ssh-add. You just enter the password once. And then you can just run scp/ssh many times, from scripts, etc., without the need to enter the password each time!
I don't remember the exact way how to configure all this, but have a look at manpages of all those useful tools! Many things can be automatized by placing them into ~/.bash_profile or ~/.bashrc files.
I found this while trying to answer your question for myself:
https://askubuntu.com/a/13586/137980
Just install zssh and use Ctrl-# to go into file transfer mode.
I was wondering if anyone has tried using teamcity's command line builder to perform ssh remote login.
Right now, I would like to automate some testing on a QNX neutrino OS which is currently unsupported by teamcity. As a work around, I setup a ssh server on the target qnx machine so i could ssh and sftp the executables in.
Firstly, the source are compiled on Windows XP using qnx's compiler (based on g++). Followed by sftp-ing the executables into qnx neutrino.
Next, using ssh, script the login to remotely start the test apps and send the results back to the remote agent for publishing.
The batch script I created works well standalone, however, after hooking it up on the remote agent, it fails to login ssh and hangs indefinitely at the following command:
ssh -l "./.sh"
Notes:
I have added the remote agent's RSA public key in the QNX .ssh/authorized keys file, automatic login is working.
Is there a need to add the teamcity server's RSA public key in too?
Anyone has any idea on this problem?
I had a few weird problems with key-based SSH logins on QNX related to file permissions for the keys in .ssh. and permissions of parent folders (/home/username and /root).
Add
LogLevel DEBUG3
to /etc/openssh/sshd_config, make sure syslog is configured and is logging sshd output, restart sshd and try again - it will most likely complain about something.
Also, ssh -l "./.sh" makes no sense - -l is used to specify the user name, something is off there.