Banner causes scp to fail from script but not command line.
Hi,
We have an interesting issue which is similar to the one in this thread, but that never provided a full answer. - Ohh apparently I can't post URLs till I have 5 posts, sorry.
We have a simple script that copies files from one shelf to the other. Both shelves have an ssh banner defined. When I run the script the scp to the remote shelf fails however if does not when the same command is run from the command line. When I pipe the output to a file, the error output displays the banner from the remote shelf.
Piping the error output to a file solves the problem and the scp works fine, however I don't understand why and I was wondering if anyone could explain. We have quite a few places in the code where the output is not currently piped to /dev/null (stderr) and I really want to understand the cause of the problem so that I know whether I need to correct all of them or just ones in certain formats/shells or indeed if it is a config problem?
The code I am running is as follows (I have removed any parts that could be company sensitive (e.g. <remote shelf ip> if not the actual code in this line but does work):
Code:
#!/usr/bin/ksh
VP3_REMOTE_SHELF_IP=`<remote shelf ip>`
/opt/OBSDssh/bin/ssh -n -o 'BatchMode yes' $VP3_REMOTE_SHELF_IP "rm -r -f /tmp/ms_passwd"
/opt/OBSDssh/bin/ssh -n -o 'BatchMode yes' $VP3_REMOTE_SHELF_IP "mkdir /tmp/ms_passwd"
#SCP1 - this works
/opt/OBSDssh/bin/scp -o 'BatchMode yes' /etc/shadow $VP3_REMOTE_SHELF_IP:/tmp/ms_passwd/ > /dev/null 2>&1
#SCP2 - this does not work - the error output has to be piped away as well to make it work.
/opt/OBSDssh/bin/scp -v -o 'BatchMode yes' /etc/passwd $VP3_REMOTE_SHELF_IP:/tmp/ms_passwd/ > /tmp/passwd
.....
When I run the scp with the -v option, this is the output I get (fjmfjf is the remote shelf banner - a pretty rubbish banner I'll admit, it has been like that for years though):
Code:
Executing: program /opt/OBSDssh/bin/ssh host <IP> user (unspecified), command scp -v -t /tmp/ms_passwd
OpenSSH_3.9p1, OpenSSL 0.9.7d 17 Mar 2004
debug1: Reading configuration data /etc/ssh_config
debug1: Connecting to <remote IP> [<remote IP>] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/1
debug1: identity file /etc/ssh_host_rsa_key type 1
debug1: Remote protocol version 2.0, remote software version OpenSSH_3.9p1
debug1: match: OpenSSH_3.9p1 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_3.9p1
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host '<remote IP>' is known and matches the RSA host key.
debug1: Found key in /.ssh/known_hosts:5
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
fjmfjf
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Offering public key: /etc/ssh_host_rsa_key
debug1: Server accepts key: pkalg ssh-rsa blen 149
debug1: read PEM private key done: type RSA
debug1: Authentication succeeded (publickey).
debug1: channel 0: new [client-session]
debug1: Entering interactive session.
debug1: Sending command: scp -v -t /tmp/ms_passwd
Sending file modes: C0644 569 passwd
Sink: C0644 569 passwd
ebug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug1: channel 0: free: client-session, nchannels 1
debug1: fd 0 clearing O_NONBLOCK
debug1: fd 1 clearing O_NONBLOCK
debug1: Transferred: stdin 0, stdout 0, stderr 0 bytes in 0.3 seconds
debug1: Bytes per second: stdin 0.0, stdout 0.0, stderr 0.0
If anyone could through some light on why this is happening it would be greatly appreciated. From my google investigations, I think it is something to do with the banner text being incorporated into the ssh command but that's about it.
Yeah sorry that is what I mean, I'm not very good at scripting yet so get my terminology a bit mixed up.
Could you possibly explain what you mean be: "fd 2 of the batch run is messed up. Interactively, it is the tty."
---------- Post updated 08-03-11 at 12:50 PM ---------- Previous update was 08-02-11 at 11:56 PM ----------
Hi again,
One of the lovely people from work who is actually good at their job has explained your answer and that does indeed seem the most likely explanation as the file that calls this script behaves slightly oddly and doesn't have any paths set up (I think because it is one of the first things run when the system starts up).
Thanks for the help, do you know if there is a way to specify for a who file where the stderr output should be directed to in case anyone in future forgets to redirect it? If not I will just update the comment at the top of the script to inform them of the need to do so.
Yes, having a .profile or env file to run first is always a good idea, so it runs like interactive in cron or other non-interactive milieu. I used to test using "ssh localhost command args" to see how it runs without a tty or built env.
If fd 2 was closed, nobody can enjoy writing to stderr or fd 2 until it is replaced with an open fd.
Short overview of files, fd, FD, FILE*, stdin, stderr, stdout. Programs written in languages such as C wake up with already established symbols stdin, stdout, stderr: FILE*, which are inside the process with buffers, for stderr set to 0 buffer, using fd # 0, 1 and 2, respectively. A fd is just an integer offset to an array in the Kernel Process Area, of pointers to actual FD in the kernel resulting from open(), socket(), pipe(), accept(). Thus, the same FD can be under many fd # in many processes. All those processes may have FILE* buffers, so it is a danger of scrambled lines if they all write (to the internal buffer) and do not fflush() the FILE* buffer to the fd with every line (an available option). Similarly, shared input can get read into a buffer by command 1 and not be found by command 2 reading a shared fd. This is why the 'line' command was coded -- reads one line from fd and stops. Since stderr is for errors, it is not buffered, and not a good place for volume. Exit() gracefully closes all FILE*, flushing them before close(). Excess input read into buffers is discarded, since you cannot push data back into a FD, generally. (You can push 1 byte back into a FILE*, but this within one process!)
A process can even open a file and send the pointer to another process to install into that process FD* array, which some web servers do to distribute incoming TCP connections to an army of child web servers. The master just listens, accepts and sends the connection FD to a child over a local pipe or socket. Of course, you cannot send a FD off host, different kernel, so I am not sure how clusters deal with this!
In shell, the inheritance of fd is great, and the subshell is a great way to use it. All the commands in (...) inherit the same input, output and error FD unless they are piped or redirected. You can pipe and redirect the whole (...) once for all. You can concatenate the output of many commands. This is both robust and fast, since nothing is actually happening but the sharing of common FD. For instance, if you want to sort lines 2-N of a huge file, do not run all lines through any command, just do this:
Hi guys can i get banner equivalent command in linux.
I am using
Linux xcclx0619.target.com 2.6.18-308.11.1.el5xen #1 SMP Fri Jun 15 16:19:17 EDT 2012 x86_64 x86_64 x86_64 GNU/Linux (1 Reply)
:wall:
Is there a way to prevent the banner from displaying from the remote host when using scp? I see from the man pages that the '-o' option passes args to ssh and I've tried several variations of:
scp -o "-q" file remotehost:
Anybody got this to work?
Thanks in Advance (3 Replies)
Hi,
I has the following command in the script. This command works fine if I execute on command prompt. If I run the script, this is not working as expected (deleting CR).
tr -d "\015" < ${FilePath}/${FileName} > ${FilePath}/${File_Prefix}.csv
I could not figure out whats... (6 Replies)
Hi,
I am logging in into an UNIX environment with my user id and password.
I want to display my name there , each time I login into the environment,
for which I can use the banner command.
Which file should I add the banner command to , so that I will get the desired result?
Regards,... (7 Replies)
Iam a MCA student having some doubts about
1) different disk related commands
2) Banner command
3) Different file related commands
4) set eb (where it is used) (1 Reply)
hello,
I am using banner command in my shell.I used :-
The problem is that the output is printed in 3 separate lines.I want to display it in a single line.If the size is not enough then at least 2 words should come in the same line. Can you tell me what is the option in banner that would help... (4 Replies)
hi,
When i execute banner command the output is being displayed as
banner:command not found
When ever i give yum install banner the output is
Loading "installonlyn" plugin
Setting up Install Process
Setting up repositories
Parsing package install arguments
Nothing to do
what... (8 Replies)
Hey all,
I want to use the banner/echo command to write messages on different console windows.
I knew that before, but I completely forget how to do it ! I just remenber that /dev/pts/# is the number of the window. and it's useful.
It would be great if someone knows how to solve my... (4 Replies)
08-02-2011
