Shell Programming and Scripting

Hi guys,

I will need some help with a to automate a challenge/response sequence when I try to SCP files from a server to another.

The scenario is like this :

After selecting in a script the option to send files via scp (case switch):

I get this output from linux term:

The authenticity of host 'healthcares8300 (10.100.255.3)' can't be established.
RSA key fingerprint is 10:2b:c9:4c:15:19:3c:cc:52:06:87:7d:4c:b6:0a:0f.
Are you sure you want to continue connecting (yes/no)? yes
Failed to add the host to the list of known hosts (/var/home/defty/.ssh/known_hosts).

This system is restricted solely to authorized users for legitimate business
purposes only. The actual or attempted unauthorized access, use or modifications
of this system is strictly prohibited. Unauthorized users are subject to
company disciplinary procedures and or criminal and civil penalties under state,
federal or other applicable domestic and foreign laws.

The use of this system may be monitored and recorded for administrative and
security reasons. Anyone accessing this system expressly consents to such
monitoring and recording, and is advised that if it reveals possible evidence
of criminal activity, the evidence of such activity may be provided to law
enforcement officials.

All users must comply with all corporate instructions regarding the protection
of information assets.
Challenge: 000-4005 Product ID: 7000175677

Response:

The output of this response should be
~asg init 000-4005 7000175677
if this doesn´t work the script should send
~asg init 000-4005 7000175677 -K1 then if it doesnt work.
~asg init 000-4005 7000175677 -K2 then if it doesnt work.
~asg init 000-4005 7000175677 -K3 ....

Bare in mind the init is the login i am using to login to the server and this function would be part of another script that i will have to integrate.

ANY idea on how to do this?

Thanks for your support,

Fran

Put the hosts you know in your .known_hosts so it won't ask that again.

Hi corona,
Adding that will resolve the authenticity problem, but i still need my script automatically resolve the challenge/response.

when i do the SCP the linux shell keeps waiting till i resolve the challenge and like i told before the formt should be like this:

~asg init <challengue> <productid> -K1-3

Is there a way to that script could read from terminal and paste like this

Response ~asg init <challengue> <productid> -K1-3

to get response solve and continue the SCP transfer?

thanks for your suggestion

Rex

Hi Rex,

so to simplify, how do you differentiate the different responses? what do you consider as a success? is it the success of scp-ing?

From what i understand you are trying to intercept scp process in the middle between authenticating RSA keys and transfering the file. IMO, it will be easier do authenticate first, cross-reference to your challenge-response/product mapping, if all is well, then do the scp.

Hi tarj,

I will clarify the process so you can unsderstand what i am trying to automate.

When i do a SCP to transfer files from one server to another i get from linux term this:

The authenticity of host 'healthcares8300 (10.100.255.3)' can't be established.
RSA key fingerprint is 10:2b:c9:4c:15:19:3c:cc:52:06:87:7d:4c:b6:0a:0f.
Are you sure you want to continue connecting (yes/no)? yes
Failed to add the host to the list of known hosts (/var/home/defty/.ssh/known_hosts).

This system is restricted solely to authorized users for legitimate business
purposes only. The actual or attempted unauthorized access, use or modifications
of this system is strictly prohibited. Unauthorized users are subject to
company disciplinary procedures and or criminal and civil penalties under state,
federal or other applicable domestic and foreign laws.

The use of this system may be monitored and recorded for administrative and
security reasons. Anyone accessing this system expressly consents to such
monitoring and recording, and is advised that if it reveals possible evidence
of criminal activity, the evidence of such activity may be provided to law
enforcement officials.

All users must comply with all corporate instructions regarding the protection
of information assets.
Challenge: 000-4005 Product ID: 7000175677

Response:

Here is what i am doing now is typing the "Response" MANUALLY VIA KEYBOARDS that has this format.
~asg init 000-4005 7000175677

when i enter this (~asg init 000-4005 7000175677) my server connects to EXTERNAL server that calculates the Response for me and then SCP start transferring the files.

MY GOAL is to make to a script that automatically paste for example in this case ~asg init 000-4005 7000175677 ((the generic format is (~asg init <challenge> <response>) instead of do it MANUALLY VIA THE KEYBOARD.

ALSO bare in mind that if i start another SCP transfer the challengue will change form the last one but not the product ID(is the same for a particular server).

Thans for reading & helping and let me know if you have any more doubt

Rex