gazzer82

gazzer82

SSH Connection, unable to read any reply from host, others work fine

I am trying to read some data from a Cisco network switch (SG300-28SFP) over ssh.

Initially i couldn’t connect as the switch only support some pretty old ciphers e.t.c, but added those to the connection and i can connect. However i cannot read any replies from the device.

Initially i was trying sshex and sshkit, but am now using erlang :ssh directly to make sure it wasn’t a framework problem.

Here is my (pretty basic, and badly written), code.

  def send_command(command) do
    {:ok, ssh_pid} =
      :ssh.connect('192.168.1.254', 22,
        user: 'cisco',
        save_accepted_host: false,
        silently_accept_hosts: true,
        password: 'cisco',
        modify_algorithms: [
          prepend: [kex: [:"diffie-hellman-group1-sha1", :"diffie-hellman-group-exchange-sha1"]],
          prepend: [public_key: [:"ssh-rsa", :"ssh-dss"]]
        ]
        # ssh_msg_debug_fun: fn _, _, msg, _ -> IO.inspect(msg) end
        # user_dir: Path.expand("../../ssh", __DIR__)
      )

    IO.inspect(
      :ssh.connection_info(ssh_pid, [
        :client_version,
        :server_version,
        :user,
        :peer,
        :sockname,
        :options,
        :algorithums
      ])
    )

    {:ok, chn} = :ssh_connection.session_channel(ssh_pid, 5000)

    _success = :ssh_connection.exec(ssh_pid, chn, command, 5000)

    for _ <- 0..3 do
      receive do
        {:ssh_cm, ^ssh_pid, value} -> IO.inspect(value)
      end
    end

    :ok = :ssh.close(ssh_pid)
  end
end

If i run this, it hangs forever at the receive do loop, like this:

iex(1)> FibreTest.Cisco.send_command("up")
[
  client_version: {{2, 0}, 'SSH-2.0-Erlang/4.12.5'},
  server_version: {{2, 0}, 'SSH-2.0-OpenSSH_5.9p1.RL'},
  user: 'cisco',
  peer: {'192.168.1.254', {{192, 168, 1, 254}, 22}},
  sockname: {{192, 168, 1, 100}, 60691},
  options: [
    modify_algorithms: [
      prepend: [
        kex: [:"diffie-hellman-group1-sha1",
         :"diffie-hellman-group-exchange-sha1"],
        public_key: [],
        cipher: [client2server: [], server2client: []], 
        mac: [client2server: [], server2client: []],
        compression: [client2server: [], server2client: []]
      ],
      prepend: [
        kex: [],
        public_key: [:"ssh-rsa", :"ssh-dss"],
        cipher: [client2server: [], server2client: []],
        mac: [client2server: [], server2client: []],
        compression: [client2server: [], server2client: []]
      ]
    ],
    password: 'cisco',
    pref_public_key_algs: [:"ssh-rsa", :"ssh-dss", :"ecdsa-sha2-nistp384",
     :"ecdsa-sha2-nistp521", :"ecdsa-sha2-nistp256", :"ssh-ed25519",
     :"ssh-ed448", :"rsa-sha2-256", :"rsa-sha2-512"],
    preferred_algorithms: [
      kex: [:"diffie-hellman-group1-sha1",
       :"diffie-hellman-group-exchange-sha1", :"ecdh-sha2-nistp384",
       :"ecdh-sha2-nistp521", :"ecdh-sha2-nistp256",
       :"diffie-hellman-group-exchange-sha256",
       :"diffie-hellman-group16-sha512", :"diffie-hellman-group18-sha512",
       :"diffie-hellman-group14-sha256", :"curve25519-sha256",
       :"curve25519-sha256@libssh.org", :"curve448-sha512"],
      public_key: [:"ssh-rsa", :"ssh-dss", :"ecdsa-sha2-nistp384",
       :"ecdsa-sha2-nistp521", :"ecdsa-sha2-nistp256", :"ssh-ed25519",
       :"ssh-ed448", :"rsa-sha2-256", :"rsa-sha2-512"],
      cipher: [
        client2server: [:"chacha20-poly1305@openssh.com",
         :"aes256-gcm@openssh.com", :"aes256-ctr", :"aes192-ctr",
         :"aes128-gcm@openssh.com", :"aes128-ctr", :"aes256-cbc", :"aes192-cbc",
         :"aes128-cbc", :"3des-cbc"],
        server2client: [:"chacha20-poly1305@openssh.com",
         :"aes256-gcm@openssh.com", :"aes256-ctr", :"aes192-ctr",
         :"aes128-gcm@openssh.com", :"aes128-ctr", :"aes256-cbc", :"aes192-cbc",
         :"aes128-cbc", :"3des-cbc"]
      ],
      mac: [
        client2server: [:"hmac-sha2-256-etm@openssh.com",
         :"hmac-sha2-512-etm@openssh.com", :"hmac-sha2-256", :"hmac-sha2-512",
         :"hmac-sha1-etm@openssh.com", :"hmac-sha1"],
        server2client: [:"hmac-sha2-256-etm@openssh.com",
         :"hmac-sha2-512-etm@openssh.com", :"hmac-sha2-256", :"hmac-sha2-512",
         :"hmac-sha1-etm@openssh.com", :"hmac-sha1"]
      ],
      compression: [
        client2server: [:none, :"zlib@openssh.com", :zlib],
        server2client: [:none, :"zlib@openssh.com", :zlib]
      ]
    ],
    save_accepted_host: false,
    silently_accept_hosts: true,
    user: 'cisco'
  ]
]

If i ssh into the switch from the same machine manually, i get the expected login prompt.

Here’s my open_ssh config (which i also had to edit to enable me to connect)

# This is the ssh client system-wide configuration file.  See
# ssh_config(5) for more information.  This file provides defaults for
# users, and the values can be changed in per-user configuration files
# or on the command line.

# Configuration data is parsed as follows:
#  1. command line options
#  2. user-specific file
#  3. system-wide file
# Any configuration value is only changed the first time it is set.
# Thus, host-specific definitions should be at the beginning of the
# configuration file, and defaults at the end.

# This Include directive is not part of the default ssh_config shipped with
# OpenSSH. Options set in the included configuration files generally override
# those that follow.  The defaults only apply to options that have not been
# explicitly set.  Options that appear multiple times keep the first value set,
# unless they are a multivalue option such as IdentityFile.
Include /etc/ssh/ssh_config.d/*

# Site-wide defaults for some commonly used options.  For a comprehensive
# list of available options, their meanings and defaults, please see the
# ssh_config(5) man page.

# Host *
#   ForwardAgent no
#   ForwardX11 no
#   PasswordAuthentication yes
#   HostbasedAuthentication no
#   GSSAPIAuthentication no
#   GSSAPIDelegateCredentials no
#   BatchMode no
#   CheckHostIP yes
#   AddressFamily any
#   ConnectTimeout 0
#   StrictHostKeyChecking ask
#   IdentityFile ~/.ssh/id_rsa
#   IdentityFile ~/.ssh/id_dsa
#   IdentityFile ~/.ssh/id_ecdsa
#   IdentityFile ~/.ssh/id_ed25519
#   Port 22
Ciphers aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,3des-cbc
MACs hmac-md5,hmac-sha1,hmac-sha2-256,umac-64@openssh.com
#   EscapeChar ~
#   Tunnel no
#   TunnelDevice any:any
#   PermitLocalCommand no
#   VisualHostKey no
#   ProxyCommand ssh -q -W %h:%p gateway.example.com
#   RekeyLimit 1G 1h
#   UserKnownHostsFile ~/.ssh/known_hosts.d/%k
Host *
    SendEnv LANG LC_*
HostkeyAlgorithms ssh-dss,ssh-rsa
KexAlgorithms +diffie-hellman-group1-sha1,diffie-hellman-group14-sha1

I have various other linux/debian servers as well as some Pi’s that i can issue commands on from elixir/erlang fine.

So, a bit stumped here and wondering if anyone had any suggestions before i resort to the serial port :frowning:

Thanks!

Most Liked

trisolaran

trisolaran

Ok, I know this probably doesn’t help you much, but I would rewrite the code into:

 :success = :ssh_connection.exec(ssh_pid, chn, command, 5000)

To make sure it stops there if that step doesn’t succeed.

Where Next?

Popular in Questions Top

sergio
In Ruby, I can go: User.find_by(email: "foobar@email.com").update(email: "hello@email.com") How can I do something similar in Elixir? ...
New
beno
I will often find my self writing things similar to: case some_value do nil -&gt; something() "" -&gt; something() _ -&gt; somethi...
New
qwerescape
Is there a way to get the call stack or stack trace at any point in the code? Not from exceptions, but an expression that returns how the...
New
gshaw
What is the idiomatic way of matching for not nil in Elixir? E.g., First way: defp halt_if_not_signed_in(conn, signed_in_account) when...
New
JeremM34
Hello, how can I check the Phoenix version ? Thanks !
New
freewebwithme
Using vs code and installed ElixirLS: support and debugger. And I got an error popped up on start up says Failed to run ‘elixir’ comma...
New
vrod
I am using the Starship cross-shell prompt – it seems pretty nice, but I get some errors: [WARN] - (starship::utils): Executing command ...
New
joaquinalcerro
Hi there, I am working with Ecto-Postgresql and I need to call all of the records from a specific table but the table has 40,000 records...
New
earth10
Hi, I’m just starting to build a side-project with Elixir and Phoenix and doing some basic test with Elixir alone. What strikes me is th...
New
lanycrost
Hi everyone! I need implement if…else if…else condition from my elixir code, and anymore of this control flow structures not work proper...
New

Other popular topics Top

vertexbuffer
Hello, can anybody help here..? I have a list of players and I what to delete an element, but every for loop the list is reverting to ori...
New
Harrisonl
We have an ECS cluster with 4 services, where each task joins a single cluster, via discovery ECS discovery service. Currently when I de...
New
Darmani72
If I have a post route which an argument: post /my_post_route/:my_param1, MyController.my_post_handler How would get the post params ...
New
chrismccord
As promised, the first release candidate of Phoenix 1.3.0 is out! This release focuses on code generators with improved project structure...
New
josevalim
Hi everyone, One of the features added to Elixir early on to help integration with Erlang code was the idea of overridable function defi...
New
vrod
I am using the Starship cross-shell prompt – it seems pretty nice, but I get some errors: [WARN] - (starship::utils): Executing command ...
New
nobody
Hi! In PHP: $_SERVER[‘SERVER_ADDR’] - in Elixir? Searched the docs for ip address and the web, no good results. Thanks!
New
bsollish-terakeet
Credo is smart enough to check for (something like) this: assert length(the_list) == 0 with this response: Checking if an enum is empt...
New
hariharasudhan94
Lets say I have map like this fetching from my database %{"_id" =&gt; #BSON.ObjectId&lt;58eb1a7a9ad169198c3dXXXX&gt;, "email" =&gt; ...
New
jononomo
For some reason my phoenix channels are working for me in my local dev environment, but as soon as I deploy via Docker, I get a 403 error...
New

Latest on Elixir Forum

Elixir Forum

We're in Beta

About us Mission Statement