[f-nsp] scripting

Nick Morrison nick at nick.on.net
Fri Jul 10 10:30:02 EDT 2009


On Fri, Jul 10, 2009 at 2:07 PM, David Ball<davidtball at gmail.com> wrote:
>  I've not tried RSA keys with a Foundry device, but if you say it
> doesn't work, would a Perl module such as Net::SSH(2) not help in this
> regard?
>
> http://search.cpan.org/dist/Net-SSH-Perl/lib/Net/SSH/Perl.pm

RSA keys work aok.  Executing remote commands (rather than a shell)
does not.  I'm still compiling the crypto parts of Net::SSH - I'll try
it out when it finishes, but I have a feeling the problem will be
similar, unless I open an interactive prompt, which I specifically do
not want to do.

The workaround, as several people have mentioned, is to use a system
like rancid, or any of the expect-based ones.  The main problem I have
with this method is a reproducable bug I've hit on SX1600 switches
with a busy management CPU, where the ssh process drops characters for
short periods of time.  If you've ever pasted a large config into a
busy SX1600, you might have seen the results of this bug.  Brocade
haven't really acknowledged my report yet.. it's been a little
frustrating!

Of course, if the software supported running ssh commands rather than
an interactive shell, this wouldn't be an issue, as the bug lives in
the interactive bit of their ssh daemon (I assume)

Can I assume that the people here who are making solid use of
expect-based systems are not having this sort of problem?  (you'd see
scripts failing sometimes (probably rarely) or with unexpected output)

Thanks for all the feedback.

Cheers,
Nick!

-- 
Nick Morrison <nick at nick.on.net>



More information about the foundry-nsp mailing list