我们有一些perl脚本可以在带有telnet的hp不间断计算机上的Guardian os上执行操作。 现在,我们必须关闭telnet,并必须使用与guarduser的ssh(comforte)连接。
我们尝试连接以下perl代码,似乎一切正常,但是外壳无法保持打开状态。
public class StompBrokerRelayRegistration extends AbstractBrokerRegistration {
private String relayHost = "127.0.0.1";
private int relayPort = 61613;
private String clientLogin = "guest";
private String clientPasscode = "guest";
private String systemLogin = "guest";
private String systemPasscode = "guest";
调试日志显示:
http/web-stomp我们可以与Putty建立联系并合作。腻子设置中的exec命令为“ tacl”。使用plink,它仅在我们使用腻子会话名称时才有效。使用param和-c tacl,我们将获得与perl脚本相同的错误,没有外壳。
(信息:客户端是Windows PC)
希望有人可以帮助我们,我们已经做了很多尝试。
感谢您和最诚挚的问候
答案 0 :(得分:1)
Can you explain exactly what it is you did with telnet sessions before you had to switch to SSH? Off-hand I think you are probably ending up in OSS (the UNIX personality of NonStop) because puTTY (and probably plink) emulate an XTerm. NonStop SSH automatically puts you into OSS if the terminal type specified during SSH negotiations isn't "TN6530-8" (The NonStop Guardian terminal emulator).
I just tried plink (Windows 10 CMD prompt) and got this, which is expected:
C:\Users\andy\Downloads>plink -ssh -pw xxxxxxx andyw@nnn.nn.nnn.nn gtacl -c 'status *,user'
Using keyboard-interactive authentication.
Last Logon: 03 DEC 2018, 05:37
Last Unsuccessful Attempt: 03 DEC 2018, 05:31 Total Failures: 20
Process Pri PFR %WT Userid Program file Hometerm
$Z4YN B 0,119 146 001 8,1 $SYSTEM.SYS07.TACL $ZTN0.#PTB2NV5
$SSLS 0,504 148 001 8,1 $SYSTEM.SSLPRXY.SSLPRXY $ZPTY.#ZWN0517
$SSFS 0,749 148 001 8,1 $SYSTEM.SSLPRXY.SSLFTPS $ZPTY.#ZWN0517
$Z2TJ 2,74 149 005 8,1 $SYSTEM.SYS07.TACL $ZPTY.#ZWN0882
$Z5MZ 2,75 149 001 8,1 $SYSTEM.SYS07.TACL $ZPTY.#ZWN0886
$Z5NR 2,254 149 004 8,1 $SYSTEM.SYS07.TACL $ZHOME
2,1019 148 001 8,1 $SYSTEM.SYS07.OSH $ZPTY.#ZWN0886
X 2,1098 148 004 8,1 /bin/ksh $ZPTY.#ZWN0886
$Z5NQ X 2,1139 149 001 8,1 /bin/gtacl $ZHOME
$Z4YN 3,9 146 001 8,1 $SYSTEM.SYS07.TACL $ZTN0.#PTB2NV5
$Z5MZ B 3,42 149 001 8,1 $SYSTEM.SYS07.TACL $ZPTY.#ZWN0886
$Z2TJ B 3,201 149 001 8,1 $SYSTEM.SYS07.TACL $ZPTY.#ZWN0882
$SSLS B 3,1014 148 001 8,1 $SYSTEM.SSLPRXY.SSLPRXY $ZPTY.#ZWN0517
$SSFS B 3,1018 148 001 8,1 $SYSTEM.SSLPRXY.SSLFTPS $ZPTY.#ZWN0517
$CAIL 3,1045 145 011 8,1 $SYSTEM.SYS07.TELSERV $ZTN0.#PTB2P0J
C:\Users\andy\Downloads>
答案 1 :(得分:0)
我看不到Perl代码要求TACL。
使用全新安装的Putty并没有对其进行任何配置,我可以使用plink进行连接:
PS C:\Program Files\PuTTY> plink d.trump@10.0.0.173 tacl
Using keyboard-interactive authentication.
Password:
Using keyboard-interactive authentication.
Last Logon: 20 DEC 2018, 01:05
Last Unsuccessful Attempt: 06 DEC 2018, 03:40 Total Failures: 33
Last Logon Failures: 0
TACL (T9205H01 - 24AUG2018), Operating System L06, Release L18.08.01
<usual TACL startup output omitted>
(Invoking $DT.WHOUSE.TACLCSTM)
Current volume is $DT.WHOUSE
$DT WHOUSE 1>
在NonStop上的SSH审核文件中,我看到:
$SSH00|20Dec18 01:05:29.67|50|10.0.3.40:56431:10.0.0.173: accepted connection from client
$SSH00|20Dec18 01:05:29.68|50|10.0.3.40:56431:10.0.0.173: client version string: SSH-2.0-PuTTY_Release_0.70
$SSH00|20Dec18 01:05:30.75|50|10.0.3.40:56431:10.0.0.173: key-exchange done and server authentication by client successful.
$SSH00|20Dec18 01:05:30.75|40|10.0.3.40:56431:10.0.0.173: SSH session established.
$SSH00|20Dec18 01:05:31.44|20|10.0.3.40:56431:10.0.0.173: gssapi-with-mic authentication failed: GSSAPI not available
$SSH00|20Dec18 01:05:36.81|40|10.0.3.40:56431:10.0.0.173: keyboard-interactive dialog successful for user 'd.trump', keyboard-interactive authentication successful
$SSH00|20Dec18 01:05:37.50|50|10.0.3.40:56431:10.0.0.173: channel exec request, launching /bin/sh -c param -c tacl
$SSH00|20Dec18 01:05:37.63|50|10.0.3.40:56431:10.0.0.173: spawned program /bin/sh successfully (pid 520093761)
$SSH00|20Dec18 01:05:37.67|50|10.0.3.40:56431:10.0.0.173: spawned program /bin/sh terminated with exit code 127
$SSH00|20Dec18 01:05:38.02|40|10.0.3.40:56431:10.0.0.173: SSH session terminated
$SSH00|20Dec18 01:06:04.79|50|10.0.3.40:56440:10.0.0.173: accepted connection from client
$SSH00|20Dec18 01:06:04.80|50|10.0.3.40:56440:10.0.0.173: client version string: SSH-2.0-PuTTY_Release_0.70
$SSH00|20Dec18 01:06:05.87|50|10.0.3.40:56440:10.0.0.173: key-exchange done and server authentication by client successful.
$SSH00|20Dec18 01:06:05.87|40|10.0.3.40:56440:10.0.0.173: SSH session established.
$SSH00|20Dec18 01:06:06.55|20|10.0.3.40:56440:10.0.0.173: gssapi-with-mic authentication failed: GSSAPI not available
$SSH00|20Dec18 01:06:10.92|40|10.0.3.40:56440:10.0.0.173: keyboard-interactive dialog successful for user 'd.trump', keyboard-interactive authentication successful
$SSH00|20Dec18 01:06:11.61|50|10.0.3.40:56440:10.0.0.173: channel request for subsystem tacl, launching \XXX.$SYSTEM.SYS03.TACL with process name '\XXX.$Z4ML'
$SSH00|20Dec18 01:06:11.67|50|10.0.3.40:56440:10.0.0.173: launched program \XXX.$SYSTEM.SYS03.TACL successfully (\XXX.$Z4ML:3750193)
在SSH日志文件中,我看到:
$SSH00|20Dec18 01:06:06|10.0.3.40:56440:10.0.0.173: d.trump@10.0.3.40 authentication failed (method gssapi-with-mic): GSSAPI not available.
$SSH00|20Dec18 01:06:10|10.0.3.40:56440:10.0.0.173: d.trump@10.0.3.40 authentication granted (method keyboard-interactive): keyboard-interactive dialog successful. System user: d.trump
$SSH00|20Dec18 01:06:11|10.0.3.40:56440:10.0.0.173: d.trump@10.0.3.40 subsystem tacl granted (process: \XXX.$Z4ML)
尝试查看SSH日志文件,比较工作正常时和不工作时的情况。请记住,如果您确实遇到问题,可以将其传递给TNSC。
答案 2 :(得分:0)
终于使Perl安装完成了我想要的工作,我认为我理解您的意思(我在输出方面看到了相同的意思),但是看起来好像什么都没有坏。如果我在登录后添加命令,它将起作用。
use Net::SSH::Perl;
use Term::ReadKey;
my $host = "x.x.x.x";
my $user = "group.user";
my $pass = "secretsanta";
my $ssh = Net::SSH::Perl->new($host, options => [
"Cipher +aes256-ctr", "MACs +hmac-sha2-256", "HostKeyAlgorithms +ssh-dss"], debug => 1);
$ssh->login($user, $pass);
print "Enter a command to execute: [ls -l] ";
chomp(my $cmd = <STDIN>);
my($out, $err) = $ssh->cmd($cmd || "ls -l");
print $out;
日志:
dev-as: Requesting service shell on channel 0.
Enter a command to execute: [ls -l] ls -la
dev-as: channel 1: new [client-session]
dev-as: Requesting channel_open for channel 1.
dev-as: Entering interactive session.
dev-as: Requesting service exec on channel 1.
dev-as: channel 1: open confirm rwindow 1048576 rmax 57344
dev-as: input_channel_request: rtype exit-status reply 0
dev-as: channel 1: rcvd eof
dev-as: channel 1: output open -> drain
dev-as: channel 1: obuf empty
dev-as: channel 1: output drain -> closed
dev-as: channel 1: close_write
dev-as: channel 1: rcvd close
dev-as: channel 1: input open -> closed
dev-as: channel 1: close_read
dev-as: channel 1: send close
dev-as: channel 1: full closed
total 388615
-rw-rw-rw- 1 GROUP.USER COMF 810000 Nov 21 23:07 test1
答案 3 :(得分:0)
我致力于解决此问题,确实在Powershell和Ubuntu中直接从命令行使用了“ ssh”命令。
ssh -t -o HostKeyAlgorithms=+ssh-dss safeguarduser@XXXX tacl
实际上,它涵盖了脚本中的所有内容,但是添加了-t选项,该选项可用于创建PTY分配请求。对于某些旧系统,这似乎是必需的。请调整您的perl脚本以同时考虑此标志,并让我们知道它是否有效。