
I'm trying to run commands over ssh on a Cisco switch and print the result to the console. I have successfully done this with a Debian Linux server. On the Cisco switch, however, the execution of the command blocks the main function and it never finishes.

```go
package main

import (
    "bytes"
    "fmt"

    "golang.org/x/crypto/ssh"
)

func main() {
    // Client configuration
    config := &ssh.ClientConfig{
        User: "admin",
        Auth: []ssh.AuthMethod{
            ssh.Password("mypassword"),
        },
        // Current x/crypto/ssh refuses to dial without a HostKeyCallback.
        // InsecureIgnoreHostKey skips host key verification; pin the switch's
        // key with ssh.FixedHostKey outside of a lab.
        HostKeyCallback: ssh.InsecureIgnoreHostKey(),
    }

    // Connection
    fmt.Println("Connecting...")
    client, err := ssh.Dial("tcp", "10.0.0.1:22", config)
    if err != nil {
        panic("Failed to dial: " + err.Error())
    }
    defer client.Close()
    fmt.Println("Connected...")

    // Session
    fmt.Println("Creating Session...")
    session, err := client.NewSession()
    if err != nil {
        panic("Failed to create session: " + err.Error())
    }
    fmt.Println("Session created...")
    defer session.Close()

    // Execute a single command (sent as an SSH "exec" request, without a TTY)
    var b bytes.Buffer
    session.Stdout = &b
    fmt.Println("Running command...")
    if err := session.Run("show environment all"); err != nil {
        panic("Failed to run: " + err.Error())
    }

    fmt.Println("Command run: Output:", b.String())
}
```

Return (hangs at session.Run()):

```
Connecting...
Connected...
Creating Session...
Session created...
Running command...
```

I am fishing in the dark at the moment. Any help is appreciated! Thank you!

Edit: I know that my program hangs exactly here:

```go
if err := <-s.errors; err != nil && copyError == nil {
    copyError = err
}
```

within the Wait() function of Go's x/crypto/ssh package (session.go). I am, however, not sure why. It seems like at this point we are waiting to get an error from the session's errors channel. But at this point my Go skills leave me hanging...

Edit 2: When I run my code, my Cisco switch tells me the following in the log.

```
SWU-ACS-02#26-May-2015 19:07:50 %AAA-I-CONNECT: User CLI session for user admin over ssh , source 10.0.0.2 destination  10.0.0.1 ACCEPTED, aggregated (1)
26-May-2015 19:08:09 %AAA-I-CONNECT: User CLI session for user admin over ssh , source 10.0.0.2 destination  10.0.0.1 ACCEPTED
```

Edit 3: This is the output of ssh with the most verbose option (-vvv)

```
admin@10.0.0.1's password:
debug3: packet_send2: adding 48 (len 61 padlen 19 extra_pad 64)
debug2: we sent a password packet, wait for reply
debug1: Authentication succeeded (password).
Authenticated to 10.0.0.1 ([10.0.0.1]:22).
debug1: channel 0: new [client-session]
debug3: ssh_session2_open: channel_new: 0
debug2: channel 0: send open
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug2: callback start
debug2: client_session2_setup: id 0
debug2: fd 3 setting TCP_NODELAY
debug3: packet_set_tos: set IP_TOS 0x08
debug1: Sending environment.
debug3: Ignored env TERM
debug3: Ignored env SHELL
debug3: Ignored env XDG_SESSION_COOKIE
debug3: Ignored env SSH_CLIENT
debug3: Ignored env SSH_TTY
debug3: Ignored env USER
debug3: Ignored env LS_COLORS
debug3: Ignored env MAIL
debug3: Ignored env PATH
debug3: Ignored env PWD
debug1: Sending env LANG = en_US.UTF-8
debug2: channel 0: request env confirm 0
debug3: Ignored env SHLVL
debug3: Ignored env HOME
debug3: Ignored env LANGUAGE
debug3: Ignored env LS_OPTIONS
debug3: Ignored env LOGNAME
debug3: Ignored env SSH_CONNECTION
debug3: Ignored env _
debug1: Sending command: show environment all
debug2: channel 0: request exec confirm 1
debug2: callback done
debug2: channel 0: open confirm rwindow 256 rmax 128
debug2: channel_input_status_confirm: type 99 id 0
debug2: exec request accepted on channel 0
```
  • Naive question: can you successfully call `ssh admin@10.0.0.1:22 show environment all`? – kopiczko Jan 08 '16 at 15:12
  • Have you tried reading stderr too (or `s.CombinedOutput`)? Can you exec a command in this manner with openssh? (it's been a long time since I used IOS, and I can't remember if there's a way to enforce interactive only sessions)? – JimB Jan 08 '16 at 15:13
  • Hey @kopiczko. Not sure if I understand correctly. I can ssh into the switch and run the command, but that's not what you mean, right? – Riscie Jan 08 '16 at 15:19
  • @Riscie yes that is what he means – Datsik Jan 08 '16 at 15:19
  • @JimB I tried to read from stderr too, but there is also nothing which arrives. I will try openssh now... – Riscie Jan 08 '16 at 15:20
  • @Riscie simply copy&paste grey text and hit enter in your shell and tell what happened. (also enter 'mypassword' for password prompt) – kopiczko Jan 08 '16 at 15:20
  • Thank you @kopiczko I think you are right here. It does not return, just like in my code... so this seems to be related to the cisco device. Any ideas why this is the case? – Riscie Jan 08 '16 at 15:23
  • So this is the answer: the code doesn't work because you have sth broken with your ssh config. Try to search for authentication methods order or something like that. – kopiczko Jan 08 '16 at 15:24
  • run the ssh command with `-vvv` and see what it's doing when it hangs. – JimB Jan 08 '16 at 15:29
  • OK, had the -vvv at the wrong place, I have something to debug now... See the edit – Riscie Jan 08 '16 at 15:38
  • So this command works and returns: `echo "show environment all" | ssh admin@10.0.0.1 -tt` which means this has to do with the tty? – Riscie Jan 08 '16 at 15:57
  • Maybe look up how to enable `scp` in IOS? It's also sent as a command to exec without a shell. – JimB Jan 08 '16 at 17:55
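
Added example, not part of the original question or comments: a timeout wrapper so that automation does not block forever when a device accepts the exec request and then never completes it, which is the state the `-vvv` trace above ends in. The names `execSession`, `ErrExecTimeout`, `RunWithTimeout` and `hungSession` are hypothetical; `*ssh.Session` satisfies `execSession` through its `Run` and `Close` methods, and `hungSession` is a constructed stand-in for the switch so the block runs offline.

```go
package main

import (
	"errors"
	"fmt"
	"time"
)

// execSession is the part of *ssh.Session this helper needs (hypothetical name).
type execSession interface {
	Run(cmd string) error
	Close() error
}

// ErrExecTimeout (hypothetical name) means the exec request was accepted but
// the command never completed, as with the switch in the question.
var ErrExecTimeout = errors.New("ssh exec timed out")

// RunWithTimeout runs cmd and gives up after d instead of blocking forever.
func RunWithTimeout(s execSession, cmd string, d time.Duration) error {
	done := make(chan error, 1) // buffered so the goroutine can always exit
	go func() { done <- s.Run(cmd) }()

	timer := time.NewTimer(d)
	defer timer.Stop()
	select {
	case err := <-done:
		return err // finished in time: pass Run's own result through
	case <-timer.C:
		// Ask for channel teardown. If the device ignores that as well,
		// closing the *ssh.Client drops the connection underneath it.
		s.Close()
		return fmt.Errorf("%w after %s: %q", ErrExecTimeout, d, cmd)
	}
}

// hungSession is a constructed stand-in for a device that accepts exec and
// then never reports an exit status: Run blocks until Close is called.
type hungSession struct{ closed chan struct{} }

func newHungSession() *hungSession { return &hungSession{closed: make(chan struct{})} }
func (h *hungSession) Run(string) error { <-h.closed; return errors.New("session closed") }
func (h *hungSession) Close() error     { close(h.closed); return nil }

func main() {
	err := RunWithTimeout(newHungSession(), "show environment all", 200*time.Millisecond)
	fmt.Println(err) // the wrapped ErrExecTimeout, not a hang
}
```

Callers can test for the timeout with `errors.Is(err, ErrExecTimeout)` and then decide whether to retry over an interactive session with a TTY, which the `-tt` comment above suggests this device expects.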
