1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Calling Unix scripts from DOS script

Discussion in 'Windows XP' started by jreswick, Dec 12, 2005.

Thread Status:
Not open for further replies.
Advertisement
  1. jreswick

    jreswick Thread Starter

    Joined:
    Dec 12, 2005
    Messages:
    11
    Hi:
    Hope this is the right forum...
    We are calling our maintenance jobs on our Windows servers with Control-M. We now need to expand that to include our Unix boxes. Does anyone know of any utilities that can facilitate the calling of Unix scripts from a Windows (DOS) script? I was looking at Samba, but that seems to be for file sharing. Any ideas would be appreciated.
    Thanks, Jim.
     
  2. Sponsor

  3. Dan O

    Dan O

    Joined:
    Feb 13, 1999
    Messages:
    8,974
  4. jiml8

    jiml8 Guest

    Joined:
    Jul 2, 2005
    Messages:
    2,634
    Install cygwin on the windows boxes. This will give you the bash shell and any unix commands you need.

    www.cygwin.com

    You can invoke a bash shell and unix script from cmd like this:

    start c:\cygwin\bin\bash.exe -l myscript

    By the way. I have done a lot of this, and I consult. ;)

    Actually I am writing this message sitting in the family room using a WinXP wireless laptop with cygwin installed, and I am using cygwin ssh to establish HTTP port forwarding to a Linux workstation that is upstairs, where there is an HTTP proxy server running. My browsing is therefore going through the Linux box, and my wireless connection is ssh-encrypted, thus securing me against anyone who might be tapping the data stream.
     
  5. Squashman

    Squashman Trusted Advisor

    Joined:
    Apr 4, 2003
    Messages:
    19,781
    I love the way you think. Have you ever looked into using iPig as well.
    http://www.iopus.com/ipig/

    I have also setup a CosmoPod account.
    http://www.cosmopod.com/
     
  6. jiml8

    jiml8 Guest

    Joined:
    Jul 2, 2005
    Messages:
    2,634
    Pretty cool. But since my Linux box runs sshd, I can do what ipig does from wherever I happen to be. And, of course, I do. The only problem I have (it is a significant irritant, actually) is that Mozilla mail (which I use on my laptop) won't work when I am tunneling Mozilla. I have to stop tunneling Mozilla, then I can tunnel Mozilla Mail successfully.

    I do see that I could get their server and install it, though. Something to think about.

    This concept I do not like. But then, SSH tunneling VNC works perfectly well. In fact, just forwarding X Windows works perfectly well - even on Windows boxes.

    SSH is very cool.
     
  7. jreswick

    jreswick Thread Starter

    Joined:
    Dec 12, 2005
    Messages:
    11
    Hi All:

    Thank you all very much for your responses. For my being neither a Windows nor a Unix guru, I have been making some progress thanks to the help from you folks and from a friend. I have gotten SSH to work from a command prompt session in Windows 2000 Server to one of our Unix Solaris boxes, and am able to login and call a script from a SSH session.

    However, the purpose of my efforts is to be able to call Unix scripts on the Solaris box from Windows with automated login. As mentioned, a friend has been helping me some, but I've finally gotten to the point where I'm totally stuck. I think that I've created the proper keys and have things set up properly, but when I call ssh from my DOS script, it seems to login but then closes the session.

    I think that my biggest problem is that I don't really understand what I'm doing, and any help would be appreciated. Below are the steps that I have taken to get where I am, as provided by my friend:


    Ok -- now the trick is to configure ssh to do a public key exchange.

    On the cygwin side -- run the following

    1. ssh-keygen -t dsa

    Take the defaults when it prompt to write to your .ssh directory etc.
    Provide a passphrase ( or not, I just hit enter )

    2. Go into the .ssh directory in your home directory and look for the file id_dsa.pub

    3. cat id_dsa.pub -- copy the contents of the file to your clipboard.

    4. ssh sacsun27

    5. Go into ~/.ssh ( if its not there, run the ssh-keygen just like you did in step 1 )

    6. In the .ssh directory, create a file called authorized_keys

    7. Paste the contents of the id_dsa.pub file from step 2

    8. Save the file

    9. chmod 755 ~/.ssh

    10. chmod 644 ~/.ssh/*

    11. exit sacsun27

    12. now try to ssh sacsun27 -- it should not ask for a password

    13. If that still doesn't work do a ssh -2 -v sacsun27 and send me the output...."



    The first thing that threw me was that I couldn't find the .ssh directory. Seems that cygwin put my home directory up on a Windows server that is used as a "user" home file space (that replaced Novel file space for users). Maybe it picked it up off of the environment variable HOMEDRIVE=P: that is set by script on login. The first step is as shown below:

    [email protected] ~
    $ ssh-keygen -t dsa
    Generating public/private dsa key pair.
    Enter file in which to save the key (/cygdrive/p/.ssh/id_dsa):
    Enter passphrase (empty for no passphrase):
    Enter same passphrase again:
    Your identification has been saved in /cygdrive/p/.ssh/id_dsa.
    Your public key has been saved in /cygdrive/p/.ssh/id_dsa.pub.
    The key fingerprint is:
    d4:e3:f5:31:83:bc:52:18:97:6e:22:71:83:7d:d3:ba [email protected]

    [email protected] ~
    $

    On the fifth step I ssh'ed into sacsun27 as sybase. The .ssh directory did not exist in the $SYBASE directory, so I went to run the utility again but got the following errors:

    sacsun27:/opt/sybase/12.0.0>cd ~/.ssh
    ksh: /opt/sybase/12.0.0/.ssh: not found
    sacsun27:/opt/sybase/12.0.0>ssh-keygen -t dsa
    ksh: ssh-keygen: not found
    sacsun27:/opt/sybase/12.0.0>

    I did find the utility in '/usr/local/bin' and complete setting up the keys, but when I try to run it, it doesn't ask for a password, but it closes the connection directly.

    [email protected] ~
    $ ssh sacsun27 -l sybase

    [Returned my emplyer's opening legal statement indicating successful login]

    Connection closed by 10.64.91.11

    [email protected] ~
    $

    I then ran the command that my friend requested, and it asked me for a password that didn't work. I also tried calling it from a batch file to call my test script on scasun27 but it didn't work.

    [email protected] ~
    $ ssh -2 -v sacsun27
    OpenSSH_4.2p1, OpenSSL 0.9.8a 11 Oct 2005
    debug1: Connecting to sacsun27 [10.64.91.11] port 22.
    debug1: Connection established.
    debug1: identity file /cygdrive/p/.ssh/id_rsa type -1
    debug1: identity file /cygdrive/p/.ssh/id_dsa type 2
    debug1: Remote protocol version 2.0, remote software version OpenSSH_3.7.1p1_USF
    _pBSM_pCHROOT_pPWEXP
    debug1: match: OpenSSH_3.7.1p1_USF_pBSM_pCHROOT_pPWEXP pat OpenSSH_3.*
    debug1: Enabling compatibility mode for protocol 2.0
    debug1: Local version string SSH-2.0-OpenSSH_4.2
    debug1: SSH2_MSG_KEXINIT sent
    debug1: SSH2_MSG_KEXINIT received
    debug1: kex: server->client aes128-cbc hmac-md5 none
    debug1: kex: client->server aes128-cbc hmac-md5 none
    debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
    debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
    debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
    debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
    debug1: Host 'sacsun27' is known and matches the RSA host key.
    debug1: Found key in /cygdrive/p/.ssh/known_hosts:1
    debug1: ssh_rsa_verify: signature correct
    debug1: SSH2_MSG_NEWKEYS sent
    debug1: expecting SSH2_MSG_NEWKEYS
    debug1: SSH2_MSG_NEWKEYS received
    debug1: SSH2_MSG_SERVICE_REQUEST sent
    debug1: SSH2_MSG_SERVICE_ACCEPT received

    [Returned my employer's legal opening statement indicating successfull login]

    debug1: Authentications that can continue: publickey,password,keyboard-interacti
    ve
    debug1: Next authentication method: publickey
    debug1: Trying private key: /cygdrive/p/.ssh/id_rsa
    debug1: Offering public key: /cygdrive/p/.ssh/id_dsa
    debug1: Authentications that can continue: publickey,password,keyboard-interacti
    ve
    debug1: Next authentication method: keyboard-interactive
    Password:
    debug1: Authentications that can continue: publickey,password,keyboard-interacti
    ve
    Password:
    Connection closed by 10.64.91.11

    [email protected] ~
    $


    If anybody can help me get this going, I would be extremely grateful...

    Thanks,

    Jim
     
  8. jiml8

    jiml8 Guest

    Joined:
    Jul 2, 2005
    Messages:
    2,634
    I will bet you went wrong here:

    Editors frequently will add a character or two to the file, commonly a newline at the end.

    Instead try this (from rcosvr0712, expecting to provide an appropriate password):

    scp ~/.ssh/id_dsa.pub sacsun27:.ssh/authorized_keys

    You will be prompted for a password for user JReswic on sacsun27; it is up to you to make sure that user exists and has appropriate permissions. If you can't send the key straight to the necessary location, then send it where your permissions let you, and log into the server as root, then mv it or cat it to the final location. Don't edit it.
     
  9. jiml8

    jiml8 Guest

    Joined:
    Jul 2, 2005
    Messages:
    2,634
    By the way, it would be nice for you to check back and let us know how it turns out.
     
  10. jreswick

    jreswick Thread Starter

    Joined:
    Dec 12, 2005
    Messages:
    11
    Hi:

    Thanks for taking the time to help me out.

    On the Unix box, I have an account for our group.
    On the Windows box, I am obliged to use my Windows domain account which is different.
    Must the two accounts on the two machines be the same?

    Thanks,

    Jim

    Also, I have used the -l parameter for a different login, but the same thing still happens...a disconnect. I'm going to try to follow your instructions only with the -l parameter.
     
  11. jreswick

    jreswick Thread Starter

    Joined:
    Dec 12, 2005
    Messages:
    11
    Hi jiml8:

    The account on the Unix box sacsun27 is 'sybase'. I couldn't get the -l parameter to work, so I created a local 'sybase' account on RCOSVR0712 with administrator rights and proceeded to follow your directions. I just hit <Enter> for the passphrase. Was this the point at which I should have entered the sacsun27 account password? This was the only opportunity to enter a password, but my friends instructionsas posted previously suggest just hitting <Enter>. The result:

    Your group is currently "mkpasswd". This indicates that
    the /etc/passwd (and possibly /etc/group) files should be rebuilt.
    See the man pages for mkpasswd and mkgroup then, for example, run
    mkpasswd -l [-d] > /etc/passwd
    mkgroup -l [-d] > /etc/group
    Note that the -d switch is necessary for domain users.

    [email protected] ~
    $ ssh-keygen -t dsa
    Generating public/private dsa key pair.
    Enter file in which to save the key (/cygdrive/c/Documents and Settings/sybase/.
    ssh/id_dsa):
    Created directory '/cygdrive/c/Documents and Settings/sybase/.ssh'.
    Enter passphrase (empty for no passphrase):
    Enter same passphrase again:
    Your identification has been saved in /cygdrive/c/Documents and Settings/sybase/
    .ssh/id_dsa.
    Your public key has been saved in /cygdrive/c/Documents and Settings/sybase/.ssh
    /id_dsa.pub.
    The key fingerprint is:
    2c:58:07:f4:65:6f:87:62:46:1b:35:52:71:0b:36:ca [email protected]

    [email protected] ~
    $ scp ~/.ssh/id_dsa.pub sacsun27:.ssh/authorized_keys
    The authenticity of host 'sacsun27 (10.64.91.11)' can't be established.
    RSA key fingerprint is 15:c2:a6:92:2b:e0:a5:e2:1c:c8:b5:ee:33:ac:5f:38.
    Are you sure you want to continue connecting (yes/no)? yes
    Warning: Permanently added 'sacsun27,10.64.91.11' (RSA) to the list of known hos
    ts.

    [Employer's legal notice presented]

    Connection closed by 10.64.91.11
    lost connection

    [email protected] ~
    $


    I tried to connect:


    [email protected] ~
    $ ssh sacsun27

    [Employer's legal notice presented]

    Connection closed by 10.64.91.11

    [email protected] ~
    $


    Any ideas would be appreciated...

    Thanks,

    Jim
     
  12. jreswick

    jreswick Thread Starter

    Joined:
    Dec 12, 2005
    Messages:
    11
    Hi jiml8:

    I may have not have successfully migrated the key. I'll investigate further.

    Jim
     
  13. jiml8

    jiml8 Guest

    Joined:
    Jul 2, 2005
    Messages:
    2,634
    Has to be a key problem. When you did the scp you got an attempt to connect via the key rather than being prompted for a password. Hence it seems to me that your key problem is preventing you from solving your key problem.

    You need to establish the connection using a password login. Maybe to a different account; kill the keys and start over.
     
  14. jreswick

    jreswick Thread Starter

    Joined:
    Dec 12, 2005
    Messages:
    11
    Hi Jiml8:

    Thanks for your reply. I'm back on this again. I'll keep you posted when I make progress.

    Jim
     
  15. jreswick

    jreswick Thread Starter

    Joined:
    Dec 12, 2005
    Messages:
    11
    Hi Jiml8:

    We got it working! We got the key over by scp and went through a bunch of other stuff and we're good. Thanks for your help!

    Another issue:

    I need to pass a return code back to the DOS script (ultimately to Control-M calling the script). I get the return code to Cygwin no problem, but am having difficulties passing back to the DOS script. I may be resigned to having a dummy file act as a flag, and then test for it in the DOS script. Any ideas?

    Also, Cygwin has been installed on a clustered machine. Cygwin is on an EMC common drive, but the two clustered boxes have internal drives for the OS. My knowledge of Windows clustering is limited, and was wondering if you had any thoughts about issues that we may encounter?

    Thanks again for all of your help,
    Jim
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/424616