Closed KeithBierman closed 2 years ago
On Wed, Sep 02, 2020 at 12:21:39PM -0700, Keith Bierman wrote:
ssh -o BatchMode=yes -o CheckHostIP=no -o StrictHostKeyChecking=no \ -o HashKnownHosts=no -o ConnectTimeout=16 \ idrac40 echo pong that is, it attempts to login to the idrac (which works) and execute echo which can't.
Does have "iDRAC" an eqivalent of echo
?
On Wed, Sep 2, 2020 at 11:04 PM Keith Bierman khbkhb@gmail.com wrote:
Not that I know of. ..
Many routers, switches, and various IoT devices respond to ping, but do not support anything resembling echo. They aren't meant to run programs, just execute what they are given.
Hi.
What happens if you ssh-ping -l SomeNoneExistingUser
Do you get a Reply from the iDRAC Device?
Using plain ping would render ssh-ping useless, since it looses the JumpHost facility of ssh_config which was the reason for ssh-ping in the first place.
The pong is just an extra feature to see not only if the host is reachable for the SSH client but shows also if a login succeeds. Well, in some cases like my HP Switches the pong does not work either, but at least I can test if SSH can reach the Switch over some JumpHosts.
Maybe a ssh-ping option for avoiding to log in would be sufficient ?
ssh-ping rutt@10.192.3.15 SSHPING 10.192.3.15 Reply from 10.192.3.15: ssh_seq=1 time=995 ms Reply from 10.192.3.15: ssh_seq=2 time=708 ms Reply from 10.192.3.15: ssh_seq=3 time=705 ms Reply from 10.192.3.15: ssh_seq=4 time=698 ms Reply from 10.192.3.15: ssh_seq=5 time=687 ms Reply from 10.192.3.15: ssh_seq=6 time=699 ms Reply from 10.192.3.15: ssh_seq=7 time=702 ms Reply from 10.192.3.15: ssh_seq=8 time=745 ms Reply from 10.192.3.15: ssh_seq=9 time=762 ms Reply from 10.192.3.15: ssh_seq=10 time=691 ms Reply from 10.192.3.15: ssh_seq=11 time=691 ms Reply from 10.192.3.15: ssh_seq=12 time=695 ms Reply from 10.192.3.15: ssh_seq=13 time=744 ms Reply from 10.192.3.15: ssh_seq=14 time=706 ms
So that might be a viable workaround. No doubt easier than parsing the .ssh/config
On Fri, Sep 11, 2020 at 7:26 AM Sven Wick notifications@github.com wrote:
Hi.
What happens if you ssh-ping -l SomeNoneExistingUser
Do you get a Reply from the iDRAC Device?
Using plain ping would render ssh-ping useless, since it looses the JumpHost facility of ssh_config which was the reason for ssh-ping in the first place.
The pong is just an extra feature to see not only if the host is reachable for the SSH client but shows also if a login succeeds. Well, in some cases like my HP Switches the pong does not work either, but at least I can test if SSH can reach the Switch over some JumpHosts.
Maybe an ssh-ping option for avoiding to log in would be sufficient ?
— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/vaporup/ssh-tools/issues/11#issuecomment-691094255, or unsubscribe https://github.com/notifications/unsubscribe-auth/AC32RF2SOQSKD6WN3272M2LSFIQRNANCNFSM4QTS57XQ .
Perhaps just simplifying the code to -o "User=devnull" and removing the pong bits entirely ... (well, devnull might actually be a user, dunno if some weird unicode would work).
On Fri, Sep 11, 2020 at 10:22 AM Keith Bierman khbkhb@gmail.com wrote:
ssh-ping rutt@10.192.3.15 SSHPING 10.192.3.15 Reply from 10.192.3.15: ssh_seq=1 time=995 ms Reply from 10.192.3.15: ssh_seq=2 time=708 ms Reply from 10.192.3.15: ssh_seq=3 time=705 ms Reply from 10.192.3.15: ssh_seq=4 time=698 ms Reply from 10.192.3.15: ssh_seq=5 time=687 ms Reply from 10.192.3.15: ssh_seq=6 time=699 ms Reply from 10.192.3.15: ssh_seq=7 time=702 ms Reply from 10.192.3.15: ssh_seq=8 time=745 ms Reply from 10.192.3.15: ssh_seq=9 time=762 ms Reply from 10.192.3.15: ssh_seq=10 time=691 ms Reply from 10.192.3.15: ssh_seq=11 time=691 ms Reply from 10.192.3.15: ssh_seq=12 time=695 ms Reply from 10.192.3.15: ssh_seq=13 time=744 ms Reply from 10.192.3.15: ssh_seq=14 time=706 ms
So that might be a viable workaround. No doubt easier than parsing the .ssh/config
On Fri, Sep 11, 2020 at 7:26 AM Sven Wick notifications@github.com wrote:
Hi.
What happens if you ssh-ping -l SomeNoneExistingUser
Do you get a Reply from the iDRAC Device?
Using plain ping would render ssh-ping useless, since it looses the JumpHost facility of ssh_config which was the reason for ssh-ping in the first place.
The pong is just an extra feature to see not only if the host is reachable for the SSH client but shows also if a login succeeds. Well, in some cases like my HP Switches the pong does not work either, but at least I can test if SSH can reach the Switch over some JumpHosts.
Maybe an ssh-ping option for avoiding to log in would be sufficient ?
— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/vaporup/ssh-tools/issues/11#issuecomment-691094255, or unsubscribe https://github.com/notifications/unsubscribe-auth/AC32RF2SOQSKD6WN3272M2LSFIQRNANCNFSM4QTS57XQ .
On Fri, Sep 11, 2020 at 06:26:46AM -0700, Sven Wick wrote:
Using plain ping would render ssh-ping useless, since it looses the JumpHost facility of ssh_config which was the reason for ssh-ping in the first place.
Please, pretty please, do keep that design decission.
at least I can test if SSH can reach the Switch over some JumpHosts.
:-)
Maybe an ssh-ping option for avoiding to log in would be sufficient ?
option "only show prompt" which doesn't execute echo command on remote system.
Please, pretty please, do keep that design decission.
No worries :-)
option "only show prompt" which doesn't execute echo command on remote system.
I thought for something similar for some time because now and then I not only want to ssh-ping a new server to check if it is reachable but additionally just log in when the first ping succeeds.
Not sure yet if after log out, ssh-ping should retry ( could be helpful by rebooting a machine )
Please checkout https://github.com/vaporup/ssh-tools/commit/45c45940036cf2d9a0205d0222d8e4891c6bbec3 if that solves the issue
Merged in #13
ssh-ping works fine between two linux boxes, but attempting to use it with Dell iDRACs (and various other IoT sorts of devices) it fails. This is because IoT level devices often do not provide a full environment, and ssh-ping expects to login and echo "pong" ... so while connectivity is available (ssh works) the ssh-ping fails.
idrac9 for example provides ping and trace route, but no echo. So
ssh -o BatchMode=yes -o CheckHostIP=no -o StrictHostKeyChecking=no -o HashKnownHosts=no -o ConnectTimeout=16 idrac40 echo pong that is, it attempts to login to the idrac (which works) and execute echo which can't.
So reworking how ssh-ping works, to extract the names from .ssh/config and actually using ping would be much more generally useful than using ssh to execute "echo pong".