Disconnect SSH session after One Login Attempt

rleugers · #1 07-13-2010, 09:58 AM

I am using the crt.session.connect method to connect to my devices. The problem I am seeing is that when I run into a device which doesn't support my login/password, instead of failing and moving on, SecureCRT seems to hang as the device awaits another password attempt which my method doesn't seem to support.

I need to bypass this behavior either through a timeout value, or by some option which tells the SecureCRT to move on after one failure.

Any suggestions?

rtb · #2 07-13-2010, 11:18 AM

Hi rleugers,

You pose an interesting dilemma.

You could use something similar to the following to move to the next host:

Code:

crt.Session.Connect "/SSH2 /L user /PASSWORD test 192.168.0.1", False
If crt.Screen.WaitForString("Password:") Then
    MsgBox "Invalid Password"
Else
    MsgBox "Connected"
    ' ... do work
End If

Does this seem like it will meet your needs?

rleugers · #3 07-13-2010, 11:42 AM

No -- this seems to get hung on the method call -- which is the reason for my question.

It never returns from the method call in general. I have not been able to put together any tests to detect it.

Another interesting feature is that if I disconnect the session through the terminal, the script continues to run.

rtb · #4 07-13-2010, 11:55 AM

Hi rleugers,

Thanks for the update. What version of SecureCRT are you using?

Would you post the script you are using?

rleugers · #5 07-13-2010, 12:26 PM

6.5.

When I manually disconnect the hung session, I get the following message:

Password authentication failed.
Please verify that the username and password are correct.
Password:

Which is why I believe I am not getting past the method call.

rleugers · #6 07-13-2010, 12:29 PM

# $language = "PerlScript"
# $interface = "1.0"

# Enable errors
#
use Win32::OLE;
Win32::OLE->Option(Warn => 2); #This will ignore connection errors

use Net::Ping; #will be used to precheck if a host is available.

($Second, $Minute, $Hour, $DayofMonth, $Month, $Year, $WeekDay, $DayOfYear, $IsDST) = localtime(time); # Get date and time.

$RealMonth = $Month+1;
$FullYear = $Year + 1900;

# define some useful constants

$true = 1;
$false = 0;

$ReadWaitTime = 3; #Controls how long I wait for command results to be sent in SecureCRT.

#The following service account can only run show commands

$user = "net_assess";
$pass = "luv2ev5luat3";

#Object ensures we don't lose data

$crt->Screen->{'Synchronous'} = $true;

#Error log
open ( ERROROUTFILE, ">", "D:\\Perl\\Network\\ConnectErrors.$DayofMonth.$Rea lMonth.$FullYear.csv" ) ; #Error log
print ERROROUTFILE "These are errors for this run\n";

open (RESULTSFILE, ">", "D:\\Perl\\Network\\MACRESULTS.$DayofMonth.$RealMo nth.$FullYear.csv"); #This is the ultimate results file which will be processed
print RESULTSFILE "Switch Name, Switch IP, VLAN, Computer MAC Address, Interface\n"; #Print header for the results file

#Open file with store number and IP information

open (INDB, "D:\\Perl\\Network\\StoreList.csv") or die "cannot find file";
@RawStoreInfo = <INDB>;
close (INDB);

# Read the commands to be used in the CLI

open (INDB, "D:\\Perl\\Network\\IOSCMD.txt");
@COMMANDS = <INDB>;
close (INDB);

#Prep the switch and connection data

for ($i = 0; $i <= $#RawStoreInfo; $i+=1)
{
#Separate the store info from the IP info
@SplitStoreInfo = split (/\,/,$RawStoreInfo[$i]);

#Separate the IP address octets

@IPRaw = split (/\./,$SplitStoreInfo[1]);
#Make the switch IP address
$SwitchIP = "$IPRaw[0].$IPRaw[1].$IPRaw[2].242";

#Load it into a final 2d array for future use

$StoreInfo[$i,0] = "SW10".$SplitStoreInfo[0];
$StoreInfo[$i,1] = $SwitchIP;

#StoreInfo is now useable data for running the MAC Address pull commands.

$SIG{ALRM} = sub
{
$crt->Session->Disconnect();
exit -1;
};

$Pinger = new Net::Ping;

if ($Pinger -> ping($StoreInfo[$i,1])) #Check to see if device is up BEFORE we do anything else.
{
eval
{
#try SSHV2 first
$SSHV2session = $crt->Session->Connect("/SSH2 /ACCEPTHOSTKEYS /L $user /PASSWORD $pass " . $StoreInfo[$i,1]), False;
};

if (!$@) #Successful connection with SSH v2. Process curley brackets,
{
$crt->Screen->WaitForString("^.*#\$", $ReadWaitTime);
$crt->Screen->Send('term len 0'."\015");
$crt->Screen->WaitForString("^.*#\$", $ReadWaitTime);
for ($j = 0; $j <= $#COMMANDS; $j+=1)
{
$crt->Screen->Send("$COMMANDS[$j]"."\n");
$crt->Screen->WaitForString("\n", $ReadWaitTime);
$CMDResults=$crt->Screen->ReadString("SW", $ReadWaitTime);
}
$crt->Session->Disconnect();
}
else
{
if ($@)
{
eval #Try Telnet next
{
$Telnetsession = $crt->Session->Connect("/TELNET " . $StoreInfo[$i,1]);
};
if (!$@)
{
#$crt->Screen->WaitForString("^.*#\$", 1);
$crt->Screen->WaitForString("^.*#\$", 1);
$crt->Screen->Send("$user \015");
$crt->Screen->WaitForString("^.*#\$", $ReadWaitTime);
$crt->Screen->Send("$pass \015");
$crt->Screen->Send("term len 0\015");
$crt->Screen->WaitForString("^.*#\$", $ReadWaitTime);
for ($j = 0; $j <= $#COMMANDS; $j+=1)
{
$crt->Screen->Send("$COMMANDS[$j]"."\n");
$crt->Screen->WaitForString("\n", $ReadWaitTime);
$CMDResults=$crt->Screen->ReadString("SW", $ReadWaitTime);
}
$crt->Session->Disconnect();
}
}
else
{
if($@)
{
eval
{
$SSHv1session = $crt->Session->Connect("/LOG $LogFile /SSH1 /ACCEPTHOSTKEYS /L $user /PASSWORD $pass " . $StoreInfo[$i,1]);
};

if (!$@) #Successful connection with SSH v1
{
$crt->Screen->WaitForString("^.*#\$", $ReadWaitTime);
$crt->Screen->Send('term len 0'."\015");
$crt->Screen->WaitForString("^.*#\$", $ReadWaitTime);
for ($j = 0; $j <= $#COMMANDS; $j+=1)
{
$crt->Screen->Send("$COMMANDS[$j]"."\n");
$crt->Screen->WaitForString("\n", $ReadWaitTime);
$CMDResults=$crt->Screen->ReadString("SW", $ReadWaitTime);

}
$crt->Session->Disconnect();
}
else
{
$crt->Session->Disconnect();
#$crt->Dialog->MessageBox("I got Failure");
print ERROROUTFILE $StoreInfo[$i,0]. ", ".$StoreInfo[$i,1]. ", Device auth failed\n";
next;
}
}
}
}

@CMDResultsLines = split(/\r+\n+/, $CMDResults); #Convert the block of command results placed in a single variable into individual lines.

for ($k=0; $k<=$#CMDResultsLines; $k+=1)
{
@IndividualCMDResults = split(/\s+/, $CMDResultsLines[$k]); #Split the results lines into indivudual elements
$DELETE = shift(@IndividualCMDResults); #Shift out a blank space caused by the split of the CMDResultsLines
if ($IndividualCMDResults[3] ne "Fa0/1") #This interface is a router uplink. This MAC address set is not of any interest.
{
print RESULTSFILE "$StoreInfo[$i,0], $StoreInfo[$i,1], " . " $IndividualCMDResults[0], $IndividualCMDResults[1], $IndividualCMDResults[3]\n";
}
}
}
else
{
print ERROROUTFILE ($StoreInfo[$i,0]. ", ".$StoreInfo[$i,1]. ", Device is down\n");
}

$Pinger->close();

}
close ERROROUTFILE;
close RESULTSFILE;

Thread Tools
Show Printable Version Email this Page
Display Modes	Rate This Thread
Switch to Linear Mode Hybrid Mode Switch to Threaded Mode	Rate This Thread:

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)