wisem2540 Posted September 8, 2014 Share Posted September 8, 2014 Whenever I try to SSH into a Cisco Controller, which I believe is using TACACS, I get a "LOGINAS" prompt, before I get the traditional username/password prompt. It seems that even using -l and -pw, it still does not allow me past this prompt. I am hoping someone here has some ideas. I am trying to use autoit to execute and automated login and capture some data Link to comment Share on other sites More sharing options...
Kovacic Posted September 8, 2014 Share Posted September 8, 2014 Do you have some code for us to look at, or are you just looking for methodology? C0d3 is P0etry( ͡° ͜ʖ ͡°) Link to comment Share on other sites More sharing options...
ViciousXUSMC Posted September 8, 2014 Share Posted September 8, 2014 (edited) When you attempt a manual connection without script you have the same issue correct? Not sure how you want to automate it without knowing a way to do it normally first. Can you not just use ControlSend to the first window to enter the needed information and proceed to the next login prompt? Screenshots or more information would be helpful. I know on Cisco devices you can have multiple layers of security. For example on ours we have login enabled on the port first (Telnet) and once you have port access you must log in again to get to privileged mode. Edited September 8, 2014 by ViciousXUSMC Link to comment Share on other sites More sharing options...
wisem2540 Posted September 9, 2014 Author Share Posted September 9, 2014 Yes that is correct. Same issue. The LOGINAS prompt is nothing. You can simply press enter to move on. The problem is, I want this script to run and export some data for me every 15mins. I can send screenshots if you want, but I dont think I can use Controlsend because, if I run as a scheduled task, I would have no way to guarantee someone is always logged into the console, correct? Link to comment Share on other sites More sharing options...
wisem2540 Posted September 9, 2014 Author Share Posted September 9, 2014 Do you have some code for us to look at, or are you just looking for methodology? Kovacic, I cant even get the login piece to work because of this LOGINAS prompt. I was just hoping someone has seen it before. I have a post on the Cisco forums as well. Link to comment Share on other sites More sharing options...
AdamUL Posted September 9, 2014 Share Posted September 9, 2014 I have look at this example >thread that uses PLINK to access to connect to a iMac through SSH. This may give you some ideas. You will have to add code to deal with the LOGINAS prompt. Also, do the know the user name to use for the LOGINAS prompt? Adam Link to comment Share on other sites More sharing options...
wisem2540 Posted September 9, 2014 Author Share Posted September 9, 2014 At the LoginAS prompt, I can simply press ENTER to dismiss it. The problem is still rgar plink does not actually function, I believe because of this. if I use Plink.exe -ssh -l username -pw password, it does not allow me to connect. I have used this method in other scripts to work with SSH, so I know it works. But plink, or putty does not seem to have provisions for dealing with a "secondary prompt" Also, Remember that I cannot just simply send an enter command, because, in theory, the window will not be visible. Link to comment Share on other sites More sharing options...
AdamUL Posted September 9, 2014 Share Posted September 9, 2014 What do you get when you enter the following a the command prompt with PLINK? Put your server name for the hostname. plink -ssh hostname Adam Link to comment Share on other sites More sharing options...
wisem2540 Posted September 9, 2014 Author Share Posted September 9, 2014 I get the LOGIN AS prompt I described before. If I press enter, or enter anything and press enter, I get the actual username prompt Link to comment Share on other sites More sharing options...
AdamUL Posted September 9, 2014 Share Posted September 9, 2014 What is the exact text returned with previous command that I gave you? This will help me update the _PlinkConnect function to work with this system. Adam Link to comment Share on other sites More sharing options...
wisem2540 Posted September 9, 2014 Author Share Posted September 9, 2014 Is this enough information? See how when I try to pass the username; it assumes I mean it for the LOGIN AS field. Link to comment Share on other sites More sharing options...
AdamUL Posted September 9, 2014 Share Posted September 9, 2014 Few more questions. When you hit the enter key after the "logon as:" prompt, what text do you get? I do not see a screen shot of that. The second screen shot looks like you are logged into the actual controller, due to the "Cisco Controller" prompt. Did you try entering the same user name and password at this prompt. What is the model number for this controller? Maybe I can find the docs on how to log into using ssh. Just to let you know what I'm trying to do with updating the function. I'm trying to have the function read the text so it knows what commands to send back to the process to login. Adam Link to comment Share on other sites More sharing options...
wisem2540 Posted September 9, 2014 Author Share Posted September 9, 2014 (edited) Adam, I understand what you are trying to do, and I will help any way I can. In our environment, we do not use the LOGINAS prompt. I could literally enter anything. When I hit the enter key, I get what you see in the second screenshot. Its just using my -l switch for the login prompt, when it should be waiting. Make sense? I can manally login fine. That is not the issue. The model of the controller is an 8510 Ive attached a screenshot showing what happens if I just press enter. I imagine for completion sake, youll need a param to specify this in case someone actually wants to use it. Hope this helps Edited September 9, 2014 by wisem2540 Link to comment Share on other sites More sharing options...
AdamUL Posted September 9, 2014 Share Posted September 9, 2014 (edited) Thanks for the additional info. I ask for the model as I like to look at the docs directly, when I can. I think I have it. Give this example script a try. expandcollapse popup#include <Constants.au3> Global $iPIDPlink = _PlinkConnectCiscoController("10.56.10.2", "chip", "mypassword") _PlinkSend($iPIDPlink, "show time") ;Example controller command. Global $sPlinkReturn = _PlinkRead($iPIDPlink) ConsoleWrite($sPlinkReturn & @LF) _PlinkExit($iPIDPlink) ; #FUNCTION# ==================================================================================================================== ; Name ..........: _PlinkConnectCiscoController ; Description ...: Use Plink to connect to a remote server using SSH. ; Syntax ........: _PlinkConnectCiscoController($sHostName, $sUserName, $sPassword) ; Parameters ....: $sHostName - A string of the host server name or IP Address. ; $sUserName - A string of the SSH User Name. ; $sPassword - A string of the SSH Password. ; Return values .: Success - $iPID - the PID of the Plink session. ; Failure - 0, sets @error to: ; |1 - Plink.exe not found in @ScriptDir. ; |2 - Error running Plink.exe. ; Author ........: spudw2k ; Modified ......: Adam Lawrence (AdamUL) ; Remarks .......: ; Related .......: _PlinkExit ; Link ..........: http://www.autoitscript.com/forum/topic/130536-interacting-with-a-remote-computer-via-ssh/page__p__910252#entry910252 ; Example .......: No ; =============================================================================================================================== Func _PlinkConnectCiscoController($sHostName, $sUserName, $sPassword) Local $sEXE = @ScriptDir & "\plink.exe" ;~ $sEXE = "plink.exe" If Not FileExists($sEXE) Then Return SetError(1, 0, 0) ;~ $iPID = Run('"' & $sEXE & '" -ssh -pw ' & $sPassword & " " & $sUserName & "@" & $sHostName, @ScriptDir, @SW_HIDE, 0x1 + 0x8) ;Run SSH.EXE Local $iPID = Run('"' & $sEXE & '" -ssh ' & $sHostName, @ScriptDir, @SW_HIDE, $STDIN_CHILD + $STDERR_MERGED) ;Run SSH.EXE If Not $iPID Then Return SetError(2, 0, 0) Local $sReturn = _PlinkRead($iPID) If StringInStr($sReturn, "login as:") Then _PlinkSend($iPID, @CR) EndIf $sReturn = _PlinkRead($iPID) ;Check for Login Success - Prompt If StringInstr($sReturn, "Store key in cache? (y/n)") Then _PlinkSend($iPID, "y" & @CR) ;Store key in registry. ;~ _PlinkSend($iPID, "n" & @CR) ;Do not store key in registry. $sReturn = _PlinkRead($iPID) EndIf If StringInstr($sReturn, "Access denied") Or StringInstr($sReturn, "FATAL") Or StringInstr($sReturn, "Using keyboard-interactive authentication") _ Or StringInstr($sReturn, "Unable to open connection") Or Not ProcessExists($iPID) Then Return SetError( 3, 0, 0) If StringInStr($sReturn, "User:") Then _PlinkSend($iPID, $sUserName & @CR) EndIf $sReturn = _PlinkRead($iPID) If StringInStr($sReturn, "Password:") Then _PlinkSend($iPID, $sPassword & @CR) EndIf Return $iPID EndFunc ; #FUNCTION# ==================================================================================================================== ; Name ..........: _PlinkRead ; Description ...: Read text data returned from the connected server. ; Syntax ........: _PlinkRead($iPID) ; Parameters ....: $iPID - PID returned from _PlinkConnect. ; Return values .: Success - String returned from StdOutRead of Plink. ; Failure - -1, sets @error to: ; |1 - Invaild Plink PID. ; Author ........: spudw2k ; Modified ......: Adam Lawrence (AdamUL) ; Remarks .......: ; Related .......: _PlinkSend ; Link ..........: http://www.autoitscript.com/forum/topic/130536-interacting-with-a-remote-computer-via-ssh/page__p__910252#entry910252 ; Example .......: No ; =============================================================================================================================== Func _PlinkRead($iPID) If Not $iPID Then Return SetError(1, 0, -1) Local $sDataA Local $sDataB Do $sDataB = $sDataA Sleep(100) $sDataA &= StdOutRead($iPID) If @error Then ExitLoop Until $sDataB = $sDataA And $sDataA And $sDataB Return $sDataA EndFunc ; #FUNCTION# ==================================================================================================================== ; Name ..........: _PlinkSend ; Description ...: Send text data to the connected server. ; Syntax ........: _PlinkSend($iPID, $sCmd) ; Parameters ....: $iPID - PID returned from _PlinkConnect. ; $sCmd - A string of the command to send. ; Return values .: Success - 1 ; Failure - 0, sets @error to: ; |StdinWrite @error code. ; Author ........: spudw2k ; Modified ......: Adam Lawrence (AdamUL) ; Remarks .......: ; Related .......: _PlinkRead ; Link ..........: http://www.autoitscript.com/forum/topic/130536-interacting-with-a-remote-computer-via-ssh/page__p__910252#entry910252 ; Example .......: No ; =============================================================================================================================== Func _PlinkSend($iPID, $sCmd) Local $iChars = StdinWrite($iPID,$sCmd) Return SetError(@error, 0, $iChars) EndFunc ; #FUNCTION# ==================================================================================================================== ; Name ..........: _PlinkExit ; Description ...: End a Plink session. ; Syntax ........: _PlinkExit($iPID) ; Parameters ....: $iPID - PID returned from _PlinkConnect. ; Return values .: Success - 1 ; Failure - 0, sets @error to: ; |ProcessClose @error code. ; Author ........: spudw2k ; Modified ......: Adam Lawrence (AdamUL) ; Remarks .......: ; Related .......: _PlinkConnect ; Link ..........: http://www.autoitscript.com/forum/topic/130536-interacting-with-a-remote-computer-via-ssh/page__p__910252#entry910252 ; Example .......: No ; =============================================================================================================================== Func _PlinkExit($iPID) Local $iClosed = ProcessClose($iPID) Return SetError(@error, 0, $iClosed) EndFuncAdam Edited June 15, 2015 by AdamUL Error in Code Link to comment Share on other sites More sharing options...
wisem2540 Posted September 9, 2014 Author Share Posted September 9, 2014 Adam, I know this must be almost impossible because you are working blind. Maybe we can set somehting up where I can give you remote access? In any event, This is still not working Local $sEXE = @ScriptDir & "plink.exe" you were missing a here so I added that. I changed the show flag for plink to SHOW so I could watch it. Unfortunately it just hangs. After 10mins, I closed it. I put in a msgbox for Sreturn, and it returns blank Something must still be off... Link to comment Share on other sites More sharing options...
AdamUL Posted September 9, 2014 Share Posted September 9, 2014 What is showing in the console when it hangs? Also, do you have the ssh key for the controller stored in the registry under your profile. I figured that I wouldn't run the first time, since I couldn't' test it directly. Adam Link to comment Share on other sites More sharing options...
wisem2540 Posted September 25, 2014 Author Share Posted September 25, 2014 Adam, I apologize for the delay in getting back to you, I have been on vacation. Perhaps we could setup a teamviewer session and I can show you more directly what happens? Link to comment Share on other sites More sharing options...
SatishMohanan Posted June 15, 2015 Share Posted June 15, 2015 Did you ever get a work around on this ? I am facing a same issue wherein am trying to connect to a Cisco WLC via plink to invoke a command for taking a backup to a TFTP. the WLC would first give me a LOGINAS.. I can hit Enter or anything after which I get the actual prompt to enter the credentials. Do let me know if you found any resolution . Link to comment Share on other sites More sharing options...
Scripthen Posted June 15, 2015 Share Posted June 15, 2015 best thing to do is to use {ENTER} or {NUMPADENTER} and have your password in the script as plain text and simply use Send(). Just encrypt the shit out of it. Link to comment Share on other sites More sharing options...
AdamUL Posted June 15, 2015 Share Posted June 15, 2015 @Scripten,I would beg to differ. Using {ENTER}, {NUMPADENTER}, Send, and automating the CMD window can be very unreliable. @SatishMohananWhat does the text prompt look like before you have to hit enter? Is it "LOGINAS", "login as:", or something different? Adam Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now