Posts Tagged ‘OpenSSH’

As a network engineer, I’ve discovered that one of the many great things about Apple’s OSX (possibly the best thing)  is that it is built on UNIX.  This means that many of the tools that come with standard UNIX distributions are included in OSX.  This, in turn, means that engineers don’t need to go buy additional tools for everyday tasks.  One of those tools is an SSL client.  OSX comes with OpenSSH already installed.  Many engineers probably know this, but they may be put off by the manual aspect of working with OpenSSH.  You have to know the IP address of the host you want to manage and type in the SSH command and all the credentials.  This is not necessary with clients like Putty, Secure CRT or TeraTerm.  Sessions can be created and saved along with credentials, making your management sessions only a mouse click away.  I’m here to tell you that you can do all of this from the terminal without having to reach for the mouse or touchpad.

You may already know that you can create a simple shell script that will launch OpenSSH and connect to a host just by executing the script.  This is done by:

1. Creating a file with a .sh suffix using either touch, or vi or your favorite text editing tool as follows: vi remote host.sh.

2. In your script, type the command you want to execute: ssh <username>@<ip_address>

3. Change the permissions on the script to make it executable: sudo chmod +x remotehost.sh

4. Execute the script using a ./, as in: ./remotehost.sh

And that’s it.  Now, if you want to automate the login process, you need only take advantage of the expect feature.  Expect is a powerful tool that can be used in a number of ways.  In this case, we will use it to launch the SSH client, tell it to expect a prompt, and how to respond to that prompt:

expect -c ‘spawn ssh <username>@<ip_address> ; expect password ; send “<your_password>\n” ; interact’ 

Voila, you’re done.  If you’re hyper organized, create a Sessions folder with as many sub-folders as you like and organize your scripts in any way you like.  You can launch your script from the terminal no matter where you are in the directory structure.  Just use the ./ and add the path to your scripts.  I’m sure there is a shortcut that will allow you to cut out the full path somehow, but I haven’t got to that yet.

So don’t go out and buy SecureCRT for Mac, and skip the freeware.  Just use the command above, or any variant that works for you, and save yourself the money and a few mouse clicks.  Leave a comment and let me know if you found this useful.

UPDATE: If you would like to log the output from your terminal session to a file, you need only append the following to your script:

| tee -a /<path>/<filename>

This will create a file and log the output automatically.  The -a will tell tee to append future text, so you will always have a running log.  I use the path that leads to the connection script and I give the file the same name as the script, with the exception of using a .log or .txt suffix.

I’m working on adding a timestamp so that I will know what changes were made when.  As soon as I figure out how to do that, I’ll post it here.


Read Full Post »

%d bloggers like this: