slowfib Posted September 24, 2010 Share Posted September 24, 2010 I've been working on a script on and off for a while to SSH to a Cisco ASA and run some commands, but I haven't had any luck returning data from my commands. I'm able to login to the device just fine, but they either hang after the first command or do nothing. I've had the best success with the 2nd method. I'm not sure I'm using the stream_set_blocking function correctly. Sometimes I get partial data back but can't run any commands after than, or nothing is returned at all. Here are 2 methods I've been trying to work with: // With Net_SSH2: require("lib/SSH2.php"); $ssh = new Net_SSH2($ip); if (!$ssh->login($username, $password)) { exit('Login Failed'); } $vpncmd = "?"; echo $ssh->exec($vpncmd); // With PHP built in SSH2 library $ssh = ssh2_connect($ip, 22); if (!ssh2_auth_password($ssh, $username, $password)) { exit('Login Failed'); } $vpncmd = "?"; $stream = ssh2_exec($ssh, $vpncmd) or die("error"); stream_set_blocking($stream, false); $data = ""; while ($buf = fread($stream, 4096)) { $data .= $buf; } fclose($stream); echo $data; From my Google searches, I've seen some suggestions that Cisco's IOS might have some problems after running the first command, or that SSH2 isn't supported very well (I've tried SSH1 too and had the same problem), but never any resolutions to the issue. If anyone has any suggestions, I'd really appreciate it. Or even if there is a way to display debug info on the connection status and could troubleshoot that. Or if there's even some way I can push all my commands through Putty.exe Thank you! Quote Link to comment https://forums.phpfreaks.com/topic/214260-ssh-cisco-ios/ Share on other sites More sharing options...
niwa3836 Posted January 30, 2011 Share Posted January 30, 2011 Try unpicking some of this and see if it helps....sorry not pretty...looks like you are not creating a shell? (this is for a Cisco PGW but should work with any SSH2 requirements... let me know how you get on! function PGWscripts($pgwCommandString) { // ------------------- PARAMETERS $Dontrun = 0 ; // set to 1 to avoid actually performing the script $Flush = 0 ; // Normal value is 0 for TDT use (flush kills http headers) $SSH_debug = 1 ; // Yes we want debugs! $SSH_usleep = 1000000 ; // 0.5 sec $SSH_IPaddress = "<removed>" ; // The PGW address to connect to via SSH2 // $SSH_username = "removed" ; // The PGW user // $SSH_password = "removed" ; // The PGW password baa#123 $SSH_username = "removed" ; // The PGW user $SSH_password = "removed" ; // The PGW password baa#123 // $SSH_username = "mgcusr" ; // The PGW user // $SSH_password = "cisco" ; // The PGW password baa#123 // -------------------------------------- niwaWriteLog("PGWscripts: Process Start command string [" . $pgwCommandString . "]","Diag") ; $j = 0 ; $pgwSingleCommand = explode("*",$pgwCommandString) ; while(isset($pgwSingleCommand[$j])) { if($pgwSingleCommand[$j] != NULL || $pgwSingleCommand[$j] != "") niwaWriteLog("PGWscripts: Command [".$j."] is [".$pgwSingleCommand[$j]."]","Diag") ; $j++ ; } // end of while niwaWriteLog("SSH: *** PGW connection, IP Address [" . $SSH_IPaddress . "]","Diag") ; if($Dontrun) // -------------------------------------------- DEBUG ONLY ---------------------------------- { niwaWriteLog("PGWscripts: *************** WARNING DEBUG BREAK OUT IS TURNED ON, NO COMMANDS SENT","Diag") ; return 999 ; } // -------------------------------------------- DEBUG ONLY ---------------------------------- $returncode = 0 ; if (!($resource=@ssh2_connect($SSH_IPaddress))) { // echo "[FAILED]<br />"; if($SSH_debug) niwaWriteLog("SSH: Failed IP connection","Diag") ; return(50); } //echo "[OK]<br />"; if($SSH_debug) niwaWriteLog("SSH: Connected to IP Address [" . $SSH_IPaddress . "]","Diag") ; // Authentification by login/passwd //echo "Authentification "; if($SSH_debug) niwaWriteLog("SSH: Attempt login with username [" . $SSH_username . "]","Diag") ; if (!@ssh2_auth_password($resource,$SSH_username,$SSH_password)) { // echo "[FAILED]<br />"; if($SSH_debug) niwaWriteLog("SSH: Failed to login","Diag") ; return(51); } // echo "[OK]<br />"; if($SSH_debug) niwaWriteLog("SSH: Login OK with username [" . $SSH_username . "]","Diag") ; // We need a shell // echo "Shell stdio "; if($SSH_debug) niwaWriteLog("SSH: Now require SHELL","Diag") ; if (!($stdio = @ssh2_shell($resource,"xterm"))) { // echo "[FAILED]<br />"; if($SSH_debug) niwaWriteLog("SSH: Failed to acquire XTERM SHELL","Diag") ; return(52); } // echo "[OK]<br />"; if($SSH_debug) niwaWriteLog("SSH: SHELL acquired OK","Diag") ; // mml connection // Be careful to add an '\n' at the end of the command $command = "mml\n"; if($SSH_debug) niwaWriteLog("SSH: Sending command [" . stripN($command) . "]","Diag") ; fwrite($stdio,$command); usleep($SSH_usleep); // Then u can fetch the stream to see what happens on stdio while($line = fgets($stdio)) { if($Flush) flush(); // echo $line."<br />"; if($SSH_debug) niwaWriteLog("SSH: Got Response [" . stripN($line) . "]","Diag") ; } /* --------------------------------- // $command = "numan-add:fullnumbertrans:svcname=\"2E2\",numtype=\"1\",digstring=\"650000\",translatednum=\"0150000\"\n"; $command = "numan-" . $adddelete . ":fullnumbertrans:svcname=\"" . $svcname . "\",numtype=\"" . $numtype . "\",digstring=\"" . $digstring . "\",translatednum=\"". $translatednum ."\"\n"; if($SSH_debug) niwaWriteLog("SSH: Sending command [" . $command . "]","Diag") ; fwrite($stdio,$command); usleep($SSH_usleep); // Then u can fetch the stream to see what happens on stdio while($line = fgets($stdio)) { flush(); // echo $line."<br />"; if($SSH_debug) niwaWriteLog("SSH: Got Response [" . $line . "]","Diag") ; } ---------------------------- */ $j = 0 ; $pgwSingleCommand = explode("*",$pgwCommandString) ; while(isset($pgwSingleCommand[$j])) { if($pgwSingleCommand[$j] != NULL || $pgwSingleCommand[$j] != "") { niwaWriteLog("PGWscripts: Command [".$j."] is [".$pgwSingleCommand[$j]."]","Diag") ; if($SSH_debug) niwaWriteLog("SSH: Sending command [" . $pgwSingleCommand[$j] . "]","Diag") ; fwrite($stdio,$pgwSingleCommand[$j] . "\n"); usleep($SSH_usleep); // Then u can fetch the stream to see what happens on stdio while($line = fgets($stdio)) { if($Flush) flush(); // echo $line."<br />"; if($SSH_debug) niwaWriteLog("SSH: Got Response [" . stripN($line) . "]","Diag") ; } // while } // if $j++ ; } // end of while // ------------------------------- $command = "quit\n"; if($SSH_debug) niwaWriteLog("SSH: Sending command [" . $command . "]","Diag") ; fwrite($stdio,$command); usleep($SSH_usleep); // Then u can fetch the stream to see what happens on stdio while($line = fgets($stdio)) { if($Flush) flush(); // echo $line."<br />"; if($SSH_debug) niwaWriteLog("SSH: Got Response [" . stripN($line) . "]","Diag") ; } // ------------------------------- $command = "exit\n"; if($SSH_debug) niwaWriteLog("SSH: Sending command [" . $command . "]","Diag") ; fwrite($stdio,$command); usleep($SSH_usleep); // Then u can fetch the stream to see what happens on stdio while($line = fgets($stdio)) { if($Flush) flush(); // echo $line."<br />"; if($SSH_debug) niwaWriteLog("SSH: Got Response [" . stripN($line). "]","Diag") ; } // ------------------------------- $command = "logout\n" ; if($SSH_debug) niwaWriteLog("SSH: Sending command [" . $command . "]","Diag") ; fwrite($stdio,$command); usleep($SSH_usleep); // Then u can fetch the stream to see what happens on stdio while($line = fgets($stdio)) { if($Flush) flush(); // echo $line."<br />"; if($SSH_debug) niwaWriteLog("SSH: Got Response [" . stripN($line). "]","Diag") ; } // ------------------------------- /* ------------cut---------------- $command = ":wq\n"; niwaWriteLog("SSH: Sending command [" . $command . "]","Diag") ; fwrite($stdio,$command); usleep($SSH_usleep); $search = "written" ; $search_preg = "/" . $search . "/i" ; while($line = fgets($stdio)) { flush(); $line=preg_replace("/^.*?\n(.*)\n[^\n]*$/","$1",$line); if (preg_match($search_preg, $line)) niwaWriteLog("SSH: Found command [" . $search . "] OK","Diag") ; niwaWriteLog("SSH: Got Response [" . $line . "]","Diag") ; } -------------------- */ // It's always cleaner to close all stream niwaWriteLog("SSH: PGW Code Finished Result [" . $returncode . "]","Diag") ; usleep($SSH_usleep); // is this needed? fclose($stdio); return $returncode ; } // End of function PGWscripts function stripN($command) { $command = str_replace("\r","",$command) ; $command = str_replace("\n","",$command) ; return($command) ; } // stripN Quote Link to comment https://forums.phpfreaks.com/topic/214260-ssh-cisco-ios/#findComment-1167283 Share on other sites More sharing options...
slowfib Posted March 4, 2011 Author Share Posted March 4, 2011 Thanks niwa3836! It's been a while since I've looked at this problem, but I'm going to try your code and see if it'll help. Also, do you think you could provide the code for your niwaWriteLog function? Thank you! Quote Link to comment https://forums.phpfreaks.com/topic/214260-ssh-cisco-ios/#findComment-1182961 Share on other sites More sharing options...
Maq Posted March 4, 2011 Share Posted March 4, 2011 Guys, in the future please use the tags. Quote Link to comment https://forums.phpfreaks.com/topic/214260-ssh-cisco-ios/#findComment-1182963 Share on other sites More sharing options...
slowfib Posted March 5, 2011 Author Share Posted March 5, 2011 niwa3836, your code works wonderfully! I've been looking for a solution like this since September! Thank you very much for your suggestion! Quote Link to comment https://forums.phpfreaks.com/topic/214260-ssh-cisco-ios/#findComment-1183088 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.