2

I am trying to SSH to a Cisco wireless controller through Go, using Go's golang.org/x/crypto/ssh library, to programmatically configure access points. The problem I'm running into is correctly parsing the controller CLI in Go. For example, this is the typical SSH login to the controller:

$ ssh <controller_ip>


(Cisco Controller)
User: username
Password:****************
(Cisco Controller) >

I am trying to figure out how to send the username and then the password after the SSH session is established in Go. So far, I am able to successfully SSH to the controller, but the program exits at the username prompt, like this:

$ go run main.go 


(Cisco Controller) 
User:

How would I go about sending the username when prompted, then repeating that for the password prompt?

No errors are being thrown or exit codes are being given, so I'm not sure why the program is exiting immediately at the username prompt. But Even if it wasn't exiting that way, I'm still unsure of how to send the username and password when the controller's CLI is expecting it.

Here is my code:

package main

import (
    "golang.org/x/crypto/ssh"
    "log"
    "io/ioutil"
    "os"
    "strings"
    "path/filepath"
    "bufio"
    "fmt"
    "errors"
    "time"
)

const (
    HOST = "host"
)

func main() {
    hostKey, err := checkHostKey(HOST)
    if err != nil {
        log.Fatal(err)
    }

    key, err := ioutil.ReadFile("/Users/user/.ssh/id_rsa")
    if err != nil {
        log.Fatalf("unable to read private key: %v", err)
    }

    // Create the Signer for this private key.
    signer, err := ssh.ParsePrivateKey(key)
    if err != nil {
        log.Fatalf("unable to parse private key: %v", err)
    }

    // Create client config
    config := &ssh.ClientConfig{
        User: "username",
        Auth: []ssh.AuthMethod{
            ssh.Password("password"),
            // Use the PublicKeys method for remote authentication.
            ssh.PublicKeys(signer),
        },
        HostKeyCallback: ssh.FixedHostKey(hostKey),
        Timeout: time.Second * 5,
    }

    // Connect to the remote server and perform the SSH handshake.
    client, err := ssh.Dial("tcp", HOST+":22", config)
    if err != nil {
        log.Fatalf("unable to connect: %v", err)
    }
    defer client.Close()
    // Create a session
    session, err := client.NewSession()
    if err != nil {
        log.Fatal("Failed to create session: ", err)
    }
    defer session.Close()

    stdin, err := session.StdinPipe()
    if err != nil {
        log.Fatal(err)
    }
    stdout, err := session.StdoutPipe()
    if err != nil {
        log.Fatal(err)
    }

    modes := ssh.TerminalModes{
        ssh.ECHO:          0,
        ssh.TTY_OP_ISPEED: 9600,
        ssh.TTY_OP_OSPEED: 9600,
    }

    if err := session.RequestPty("xterm", 0, 200, modes); err != nil {
        log.Fatal(err)
    }
    if err := session.Shell(); err != nil {
        log.Fatal(err)
    }

    buf := make([]byte, 1000)
    n, err := stdout.Read(buf) //this reads the ssh terminal welcome message
    loadStr := ""
    if err == nil {
        loadStr = string(buf[:n])
    }
    for (err == nil) && (!strings.Contains(loadStr, "(Cisco Controller)")) {
        n, err = stdout.Read(buf)
        loadStr += string(buf[:n])
    }
    fmt.Println(loadStr)

    if _, err := stdin.Write([]byte("show ap summary\r")); err != nil {
        panic("Failed to run: " + err.Error())
    }
}

func checkHostKey(host string) (ssh.PublicKey, error) {
    file, err := os.Open(filepath.Join(os.Getenv("HOME"), ".ssh", "known_hosts"))
    if err != nil {
        return nil, err
    }
    defer file.Close()

    scanner := bufio.NewScanner(file)
    var hostKey ssh.PublicKey
    for scanner.Scan() {
        fields := strings.Split(scanner.Text(), " ")
        if len(fields) != 3 {
            continue
        }
        if strings.Contains(fields[0], host) {
            hostKey, _, _, _, err = ssh.ParseAuthorizedKey(scanner.Bytes())
            if err != nil {
                return nil, errors.New(fmt.Sprintf("error parsing %q: %v", fields[2], err))
            }
            break
        }
    }

    if hostKey == nil {
        return nil, errors.New(fmt.Sprintf("no hostkey for %s", host))
    }

    return hostKey, nil
}
Improve this question
9
  • I am thinking that the user and password prompt isn't a part of ssh auth but an app auth. Try ssh user@ip:port and see if you need to type user again. Commented Jan 2, 2018 at 14:23
  • 1
    If that is the case, I think you can try stdin.Write and write your username, and password before show ap summary. I am curious that why you choose \r as a line break, and I think you should replace it with \n. Commented Jan 2, 2018 at 14:25
  • And for the output. Your fmt.Println(loadStr) printed the welcome and prompt, and after that, you send the show ap summary, and did not require any other action. It exits naturelly. Commented Jan 2, 2018 at 14:27
  • After you done with the auth part, you'll need session.Run to run a command; the std pipelines are for programs that is running, not the shell itself. Commented Jan 2, 2018 at 14:28
  • @leafbebop Doing ssh user@ip:port does not remove the username or password prompts when logging into the controller. The output looks the same as what I have above. Also, I was using the pipeline for stdout and stderr because I eventually need to be able to send multiple commands, and I was under the impression that session.Run could only be run once. Commented Jan 2, 2018 at 18:49

1 Answer 1

Reset to default
2

Finally got it working. Here is my new code inspired by this post:

package main

import (
    "golang.org/x/crypto/ssh"
    "log"
    "io/ioutil"
    "os"
    "strings"
    "path/filepath"
    "bufio"
    "fmt"
    "errors"
    "time"
)

func main() {
    client, err := authenticate("10.4.112.11", "mwalto7", "lion$Tiger$Bear$")
    if err != nil {
        log.Fatalf("unable to connect: %v", err)
    }
    defer client.Close()

    // Create a session
    session, err := client.NewSession()
    if err != nil {
        log.Fatal("Failed to create session: ", err)
    }
    defer session.Close()

    stdin, err := session.StdinPipe()
    if err != nil {
        log.Fatal(err)
    }
    session.Stdout = os.Stdout
    session.Stderr = os.Stderr

    if err := session.Shell(); err != nil {
        log.Fatal(err)
    }

    for _, cmd := range os.Args[1:] {
        stdin.Write([]byte(cmd + "\n"))
    }

    stdin.Write([]byte("logout\n"))
    stdin.Write([]byte("N\n"))

    session.Wait()
}

func authenticate(host, username, password string) (ssh.Client, error) {
    hostKey, err := checkHostKey(host)
    if err != nil {
        log.Fatal(err)
    }

    key, err := ioutil.ReadFile(filepath.Join(os.Getenv("HOME"), ".ssh", "id_rsa"))
    if err != nil {
        log.Fatalf("unable to read private key: %v", err)
    }

    // Create the Signer for this private key.
    signer, err := ssh.ParsePrivateKey(key)
    if err != nil {
        log.Fatalf("unable to parse private key: %v", err)
    }

    // Create client config
    config := &ssh.ClientConfig{
        User: username,
        Auth: []ssh.AuthMethod{
            ssh.Password(password),
            // Use the PublicKeys method for remote authentication.
            ssh.PublicKeys(signer),
        },
        HostKeyCallback: ssh.FixedHostKey(hostKey),
        Timeout: time.Second * 5,
    }

    // Connect to the remote server and perform the SSH handshake.
    client, err := ssh.Dial("tcp", host+":22", config)

    return *client, err
}

func checkHostKey(host string) (ssh.PublicKey, error) {
    file, err := os.Open(filepath.Join(os.Getenv("HOME"), ".ssh", "known_hosts"))
    if err != nil {
        return nil, err
    }
    defer file.Close()

    scanner := bufio.NewScanner(file)
    var hostKey ssh.PublicKey
    for scanner.Scan() {
        fields := strings.Split(scanner.Text(), " ")
        if len(fields) != 3 {
            continue
        }
        if strings.Contains(fields[0], host) {
            hostKey, _, _, _, err = ssh.ParseAuthorizedKey(scanner.Bytes())
            if err != nil {
                return nil, errors.New(fmt.Sprintf("error parsing %q: %v", fields[2], err))
            }
            break
        }
    }

    if hostKey == nil {
        return nil, errors.New(fmt.Sprintf("no hostkey for %s", host))
    }

    return hostKey, nil
}
Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

I need to point out that the part "fixing" the problem is binding stout to os.Stdout. You get all the stuff but you did not read it nor print it in your original code after writing to stdin.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.