Forum

How to send remote ...
 
Notifications
Clear all

How to send remote command

0 Posts
2 Users
0 Reactions
137 Views
(@taa1)
Trusted Member
Joined: 10 years ago
Posts: 46
Topic starter  

This isn't what you probably think -- my question isn't about sending a command after login because I know I can handle that scenario with a script.

Instead, I'm looking for the Absolute Telnet 11.24 equivalent of the remote command in Putty.

The goal is to be able to create a shell instance at shell.sourceforge.net using the steps [url= https://sourceforge.net/p/forge/documentation/Shell%20Service/#access ]here[/url]. The Putty specific steps are [url= https://sourceforge.net/p/forge/documentation/Shell%20Service/#putty-client ]here[/url].

It works fine in Putty. How do I do this in Absolute Telnet?


   
ReplyQuote
(@taa1)
Trusted Member
Joined: 10 years ago
Posts: 46
Topic starter  

Happy New Year!

Just checking in... no reply yet so I'll follow up another time.


   
ReplyQuote
(@taa1)
Trusted Member
Joined: 10 years ago
Posts: 46
Topic starter  

How do I do the equivalent of the remote command in Putty?


   
ReplyQuote
(@bpence)
Member Admin
Joined: 7 months ago
Posts: 1375
 

Sorry it took me some time to get around to this. There isn't currently a way to do this, but I'm looking into what it would take to add it.


   
ReplyQuote
(@taa1)
Trusted Member
Joined: 10 years ago
Posts: 46
Topic starter  

ok thanks, and it's good to hear from you 😀


   
ReplyQuote
(@taa1)
Trusted Member
Joined: 10 years ago
Posts: 46
Topic starter  

Any chance this is something you'll be looking into soon?


   
ReplyQuote
(@bpence)
Member Admin
Joined: 7 months ago
Posts: 1375
 

Ok, I think this is done.

Shell options, including the ability to exec a command instead of starting a shell can now be done in Options/Properties/Connection/SSH2/Options.

Implemented in 11.39 RC3 and above

64/32 bit:
https://www.celestialsoftware.net/telnet/AbsoluteTelnet11.39RC3.exe

32 bit only:
https://www.celestialsoftware.net/telnet/AbsoluteTelnet32.11.39RC3.exe


   
ReplyQuote
(@bpence)
Member Admin
Joined: 7 months ago
Posts: 1375
 

Example....

Sourceforge interactive shell creation:


   
ReplyQuote
(@taa1)
Trusted Member
Joined: 10 years ago
Posts: 46
Topic starter  

32bit RC3 downloaded and installed, will test this feature today, thank you!


   
ReplyQuote
(@taa1)
Trusted Member
Joined: 10 years ago
Posts: 46
Topic starter  

It's been working OK but I'm confused about two config variations.

shell.sourceforge.net requires the password to be entered twice, first for the initial normal ssh login, and second once the shell session has actually been queued/created/started.

I can sort of see why I have to manually type in the second password prompt (and I can probably use AT scripting to handle this one), but it is the first one that seems odd that AT can't fill it in.

Config variation #1:

[ul]"Use RSA/DSA key to login" UNCHECKED
"Use Keyboard-interactive login" CHECKED
"Use plain password to login" CHECKED[/ul]

The result for configuration #1 is that it prompts for the first password anyway.

Config variation #2:

[ul]"Use RSA/DSA key to login" UNCHECKED
"Use Keyboard-interactive login" UNCHECKED
"Use plain password to login" CHECKED[/ul]

The result for configuration #2 is, "All configured authentication methods have failed."

Maybe there is something unique about sourceforge.net, or more likely I just don't understand enough about ssh, but usually the other AT configs I have for local servers seem to allow configuration variation #2. Am I just wrong about my perception and that there is something else in the crypto negotiation that's at play and/or the server-side ssh config? Configuration #2 is what I'm currently using to test out [url= https://www.celestialsoftware.net/configuration-issues/9003-not-saving-plain-password-in-v11.35.html#9048 ]Re:Not saving plain password in v11.35 - Celestial Software User Forums[/url]

Below is a successful session using configuration #1 where I have manually entered the same password both times.

Connecting to shell.sourceforge.net:22
   attempting ip1.ip2.ip3.ip4:22...     Success!
First key exchange completed.
Negotiated Algorithms:
  Key exchange       : ecdh-sha2-nistp521
  Host Key           : ssh-ed25519
  Session encryption : aes128-ctr
  MAC                : hmac-sha2-512
  Compression        : none
Username: fictionalusername,fictionalprojectname
Keyboard-interactive login for fictionalusername,fictionalprojectname
Password: 
Authentication SUCCESS
Allocating PTY...                SUCCESS
Start X11 forwarding...          Skipped
Starting authentication agent... FAIL
Starting exec...                 SUCCESS

Requesting a new shell for "fictionalusername" and waiting for it to start.
queued... creating... starting...

could not open any host key
ssh_keysign: no reply
sign using hostkey ecdsa-sha2-nistp256 SHA256:######################################################### failed
fictionalusername@ip5.ip6.ip7.ip8's password: 
This is an interactive shell created for fictionalusername.
Use the "timeleft" command to see how much time remains before shutdown.
Use the "shutdown" command to destroy the shell before the time limit.
For path information and login help, run "sf-help".

[fictionalusername@shell-99999 ~]$ shutdown
Requesting that your shell be shut down.
This request will be processed soon.
[fictionalusername@shell-99999 ~]$ Connection to ip5.ip6.ip7.ip8 closed by remote host.
Connection to ip5.ip6.ip7.ip8 closed.

(I hope my unordered lists and link to the "not saving plain password" post appear correctly as the post preview function isn't showing anything except a progress bar. At least it's trying! 😀 Yeah, I know there is a forum software upgrade planned.)


   
ReplyQuote
(@bpence)
Member Admin
Joined: 7 months ago
Posts: 1375
 

The FIRST password prompt and login configuration I'll explain now in the first post. The rest later.... There is a subtle difference between 'keyboard-interactive' and 'plain password' that's not immediately obvious to the end user but completely controlled by the server.

"plain password" is just that. A old style username and password submitted to the server for authentication. It either passes or it doesn't. Period. It's part of the authentication protocol, not very flexible.

"keyboard interactive" is more flexible. It enables a mechanism in the authentication where the server submits PROMPTS and the user responds with ANSWERS via keyboard 'interactively'. The default configuration resembles 'plain password' because it'll prompt you for the PASSWORD and you respond. However, it can be extended to ask for other things, multiple questions, two-factor (see DUO), etc...

Usually both are enabled in Absolute by default and the server chooses which one to use. when keyboard-interactive only asks for password, it visually no different from plain password and hard to tell except that Absolute tells you keyboard interactive is being used. Sourceforge only allows keyboard interactive, not plain password so disabling keyboard interactive is not an option.

And..... the caveat on the client side is that 'remember password' only works with 'plain password' and not with 'keyboard interactive'. Maybe there's an enhancement pending in there somewhere.... Scan the keyboard-interactive prompts for 'password' and reply automatically.

And I'm pretty sure scripts only start AFTER the authentication is complete, so using scripts to complete the authentication is not an option


   
ReplyQuote
(@bpence)
Member Admin
Joined: 7 months ago
Posts: 1375
 

As for the SECOND password prompt, I'm stumped. That one's coming AFTER authentication during the creation of the shell.... I swear the first several dozen times I ran through this, I never got that prompt, now I get it every time. COuld be something wrong at sourceforge?


   
ReplyQuote
(@bpence)
Member Admin
Joined: 7 months ago
Posts: 1375
 

I suspect there's an issue with the ECDSA key at sourceforge. Go to Options->Properties->Connection->SSH2->host key. Disable "ECDSA" as a host key algorithm and move RSA and DSA to the top.

You should be able to create the shell now without the second password.

Or, wait till they get the key issue straightened out. I'm sure it won't take long.

Brian


   
ReplyQuote
(@taa1)
Trusted Member
Joined: 10 years ago
Posts: 46
Topic starter  

ECDSA is already disabled for my sourceforge.net connection.

[ul]ED25519
RSA
DSA

ECDSA[/ul]

Do I still need to change the positions on RSA and DSA?

I see that someone reported to sourceforge.net an issue that seems related but this level of SSH protocol knowledge is way beyond me. The sourceforge.net ticket: [url= https://sourceforge.net/p/forge/site-support/24928/ ]SourceForge Support / Site Support / #24928 Problems accessing SSH host key[/url]

A follow up on the ticket says it was addressed within the last two hours and should be fixed. Something has changed and I do not get the prompt for the second password now.

the caveat on the client side is that 'remember password' only works with 'plain password' and not with 'keyboard interactive'. Maybe there's an enhancement pending in there somewhere.... Scan the keyboard-interactive prompts for 'password' and reply automatically.

Yep, sounds like an enhancement pending to me, too. 😀


   
ReplyQuote
(@bpence)
Member Admin
Joined: 7 months ago
Posts: 1375
 

For what it's worth, sourceforge appears to have fixed that issue, so the second password prompt doesn't show up. That was less of an issue with the SSH portion of the login and more an issue with the special/limited shell they create for you after login. By that time, the login and authentication has been done and Absolute is just displaying the shell's activity.

Will let you know about the password prompt situation. Pretty sure that's not very difficult.

Brian


   
ReplyQuote
Share: