How to Pass Multiple Commands to Remote Device via SSHPass [duplicate]
This question is an exact duplicate of:
How to Pipe Segment of Heredoc Output to Local File
1 answer
I'm trying to setup a method in which I can run remote tcpdumps on some of my devices, and save the file to my local machine for analysis (I don't want to save the file on the remote device and then pull it out as the remote device has very little space available).
I have setup an Ubuntu VM on my machine (bridged network) in which I've installed SSHPass and used it successfully to complete this troubleshooting task. I used a syntax as shown below from the terminal of my Ubuntu machine:
sshpass -p <password> ssh -c aes256-ctr <username>@<remote-ip> -p <remote-access-port> "tcpdump -i eth1 -s 0 -nnn -vvv -w - port 53" > /home/drew/Desktop/DNS_Capture.pcap
Once I ran the above command, my session connected and started running a tcpdump on the remote device looking at it's DNS traffic. This captured directly to a file located on the desktop of my Ubunut VM which is exactly what I wanted.
One on of my other devices however, the main landing page from an SSH session is not the Linux shell of the device, but rather another debug shell. If I were to actually be doing the process on this other device via CLI, I would do the following:
ssh <username>@<remote-ip> -p <remote-access-port>
<password> (*at prompt for password after connection)
sh
tcpdump -i eth5.1 -s 0 -nnn -vvv port 53
As you can see from the above, I initiate a "sh" in order to be dropped into the appropriate linux shell of the device. With the above, I'm able to run my captures as needed, but the issue is that I'm not able to save the output of this in a .pcap file. In my attempts to get around this, I have tried the below in my attempts to get this working on this other device:
sshpass -p <password> ssh <username>@<remote-ip> -p <remote-access-port> "sh; tcpdump -i eth5.1 -s 0 -nnn -vvv -w - port 53" > /home/drew/Desktop/DNS_Capture.pcap
I found on other questions on this forum that people were successful in passing multiple commands by using those command escapes such as ";". It almost seems to me like the first command is not even applying when setup in this manner. Even if I enter the following as a test to see if I've landed in the proper linux shell, it doesn't run the second command, and the prompt tells me that I'm still at the default landing page:
sshpass -p <password> ssh <username>@<remote-ip> - <remote-access-port> "sh; ifconfig"
remote tcpdump fifo sshpass
marked as duplicate by Jeff Schaller, Thomas, elbarna, Michael Homer, X Tian Feb 3 at 14:35
This question was marked as an exact duplicate of an existing question.
add a comment |
This question is an exact duplicate of:
How to Pipe Segment of Heredoc Output to Local File
1 answer
I'm trying to setup a method in which I can run remote tcpdumps on some of my devices, and save the file to my local machine for analysis (I don't want to save the file on the remote device and then pull it out as the remote device has very little space available).
I have setup an Ubuntu VM on my machine (bridged network) in which I've installed SSHPass and used it successfully to complete this troubleshooting task. I used a syntax as shown below from the terminal of my Ubuntu machine:
sshpass -p <password> ssh -c aes256-ctr <username>@<remote-ip> -p <remote-access-port> "tcpdump -i eth1 -s 0 -nnn -vvv -w - port 53" > /home/drew/Desktop/DNS_Capture.pcap
Once I ran the above command, my session connected and started running a tcpdump on the remote device looking at it's DNS traffic. This captured directly to a file located on the desktop of my Ubunut VM which is exactly what I wanted.
One on of my other devices however, the main landing page from an SSH session is not the Linux shell of the device, but rather another debug shell. If I were to actually be doing the process on this other device via CLI, I would do the following:
ssh <username>@<remote-ip> -p <remote-access-port>
<password> (*at prompt for password after connection)
sh
tcpdump -i eth5.1 -s 0 -nnn -vvv port 53
As you can see from the above, I initiate a "sh" in order to be dropped into the appropriate linux shell of the device. With the above, I'm able to run my captures as needed, but the issue is that I'm not able to save the output of this in a .pcap file. In my attempts to get around this, I have tried the below in my attempts to get this working on this other device:
sshpass -p <password> ssh <username>@<remote-ip> -p <remote-access-port> "sh; tcpdump -i eth5.1 -s 0 -nnn -vvv -w - port 53" > /home/drew/Desktop/DNS_Capture.pcap
I found on other questions on this forum that people were successful in passing multiple commands by using those command escapes such as ";". It almost seems to me like the first command is not even applying when setup in this manner. Even if I enter the following as a test to see if I've landed in the proper linux shell, it doesn't run the second command, and the prompt tells me that I'm still at the default landing page:
sshpass -p <password> ssh <username>@<remote-ip> - <remote-access-port> "sh; ifconfig"
remote tcpdump fifo sshpass
marked as duplicate by Jeff Schaller, Thomas, elbarna, Michael Homer, X Tian Feb 3 at 14:35
This question was marked as an exact duplicate of an existing question.
Related: unix.stackexchange.com/q/459923/237982
– Jesse_b
Jan 30 at 22:40
Yeah, I had read that related article a couple of times. I have never much worked with EOF so I just had to do some study around it. I was finally able to get at least a remote tcpdump running via the below syntax: sshpass -p <password> ssh -oKexAlgorithms=+<algorithm> -T <username>@<remote-ip> -p <remote-port> << EOF sh tcpdump -i eth5.1 -s 0 -nnn EOF This did end up getting a tcpdump going on the remote device (although the output looked a tad strange to me). Now I just need to figure out how to pipe this output to a file on my local machine.
– Drew
Feb 1 at 14:49
I was able to get this to output to a file on my local machine now, but it keeps the "> sh" line in the file, so I can't open and view the .pcap file until I manually remove this from the saved file: drew@Drew-Ubuntu:~$ sshpass -p <password> ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 -T <username>@<remote-ip> -p <remote-port> << EOF > /home/drew/Desktop/Example_Capture.pcap > sh > tcpdump -i eth5.1 -s 0 -nnn -vvv -w - > EOF tcpdump: listening on eth5.1, link-type EN10MB (Ethernet), capture size 65535 bytes ^Ct 2258 drew@Drew-Ubuntu:~$
– Drew
Feb 1 at 15:18
add a comment |
This question is an exact duplicate of:
How to Pipe Segment of Heredoc Output to Local File
1 answer
I'm trying to setup a method in which I can run remote tcpdumps on some of my devices, and save the file to my local machine for analysis (I don't want to save the file on the remote device and then pull it out as the remote device has very little space available).
I have setup an Ubuntu VM on my machine (bridged network) in which I've installed SSHPass and used it successfully to complete this troubleshooting task. I used a syntax as shown below from the terminal of my Ubuntu machine:
sshpass -p <password> ssh -c aes256-ctr <username>@<remote-ip> -p <remote-access-port> "tcpdump -i eth1 -s 0 -nnn -vvv -w - port 53" > /home/drew/Desktop/DNS_Capture.pcap
Once I ran the above command, my session connected and started running a tcpdump on the remote device looking at it's DNS traffic. This captured directly to a file located on the desktop of my Ubunut VM which is exactly what I wanted.
One on of my other devices however, the main landing page from an SSH session is not the Linux shell of the device, but rather another debug shell. If I were to actually be doing the process on this other device via CLI, I would do the following:
ssh <username>@<remote-ip> -p <remote-access-port>
<password> (*at prompt for password after connection)
sh
tcpdump -i eth5.1 -s 0 -nnn -vvv port 53
As you can see from the above, I initiate a "sh" in order to be dropped into the appropriate linux shell of the device. With the above, I'm able to run my captures as needed, but the issue is that I'm not able to save the output of this in a .pcap file. In my attempts to get around this, I have tried the below in my attempts to get this working on this other device:
sshpass -p <password> ssh <username>@<remote-ip> -p <remote-access-port> "sh; tcpdump -i eth5.1 -s 0 -nnn -vvv -w - port 53" > /home/drew/Desktop/DNS_Capture.pcap
I found on other questions on this forum that people were successful in passing multiple commands by using those command escapes such as ";". It almost seems to me like the first command is not even applying when setup in this manner. Even if I enter the following as a test to see if I've landed in the proper linux shell, it doesn't run the second command, and the prompt tells me that I'm still at the default landing page:
sshpass -p <password> ssh <username>@<remote-ip> - <remote-access-port> "sh; ifconfig"
remote tcpdump fifo sshpass
This question is an exact duplicate of:
How to Pipe Segment of Heredoc Output to Local File
1 answer
I'm trying to setup a method in which I can run remote tcpdumps on some of my devices, and save the file to my local machine for analysis (I don't want to save the file on the remote device and then pull it out as the remote device has very little space available).
I have setup an Ubuntu VM on my machine (bridged network) in which I've installed SSHPass and used it successfully to complete this troubleshooting task. I used a syntax as shown below from the terminal of my Ubuntu machine:
sshpass -p <password> ssh -c aes256-ctr <username>@<remote-ip> -p <remote-access-port> "tcpdump -i eth1 -s 0 -nnn -vvv -w - port 53" > /home/drew/Desktop/DNS_Capture.pcap
Once I ran the above command, my session connected and started running a tcpdump on the remote device looking at it's DNS traffic. This captured directly to a file located on the desktop of my Ubunut VM which is exactly what I wanted.
One on of my other devices however, the main landing page from an SSH session is not the Linux shell of the device, but rather another debug shell. If I were to actually be doing the process on this other device via CLI, I would do the following:
ssh <username>@<remote-ip> -p <remote-access-port>
<password> (*at prompt for password after connection)
sh
tcpdump -i eth5.1 -s 0 -nnn -vvv port 53
As you can see from the above, I initiate a "sh" in order to be dropped into the appropriate linux shell of the device. With the above, I'm able to run my captures as needed, but the issue is that I'm not able to save the output of this in a .pcap file. In my attempts to get around this, I have tried the below in my attempts to get this working on this other device:
sshpass -p <password> ssh <username>@<remote-ip> -p <remote-access-port> "sh; tcpdump -i eth5.1 -s 0 -nnn -vvv -w - port 53" > /home/drew/Desktop/DNS_Capture.pcap
I found on other questions on this forum that people were successful in passing multiple commands by using those command escapes such as ";". It almost seems to me like the first command is not even applying when setup in this manner. Even if I enter the following as a test to see if I've landed in the proper linux shell, it doesn't run the second command, and the prompt tells me that I'm still at the default landing page:
sshpass -p <password> ssh <username>@<remote-ip> - <remote-access-port> "sh; ifconfig"
This question is an exact duplicate of:
How to Pipe Segment of Heredoc Output to Local File
1 answer
remote tcpdump fifo sshpass
remote tcpdump fifo sshpass
edited Jan 31 at 6:03
Rui F Ribeiro
40.1k1479135
40.1k1479135
asked Jan 30 at 22:26
DrewDrew
84
84
marked as duplicate by Jeff Schaller, Thomas, elbarna, Michael Homer, X Tian Feb 3 at 14:35
This question was marked as an exact duplicate of an existing question.
marked as duplicate by Jeff Schaller, Thomas, elbarna, Michael Homer, X Tian Feb 3 at 14:35
This question was marked as an exact duplicate of an existing question.
Related: unix.stackexchange.com/q/459923/237982
– Jesse_b
Jan 30 at 22:40
Yeah, I had read that related article a couple of times. I have never much worked with EOF so I just had to do some study around it. I was finally able to get at least a remote tcpdump running via the below syntax: sshpass -p <password> ssh -oKexAlgorithms=+<algorithm> -T <username>@<remote-ip> -p <remote-port> << EOF sh tcpdump -i eth5.1 -s 0 -nnn EOF This did end up getting a tcpdump going on the remote device (although the output looked a tad strange to me). Now I just need to figure out how to pipe this output to a file on my local machine.
– Drew
Feb 1 at 14:49
I was able to get this to output to a file on my local machine now, but it keeps the "> sh" line in the file, so I can't open and view the .pcap file until I manually remove this from the saved file: drew@Drew-Ubuntu:~$ sshpass -p <password> ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 -T <username>@<remote-ip> -p <remote-port> << EOF > /home/drew/Desktop/Example_Capture.pcap > sh > tcpdump -i eth5.1 -s 0 -nnn -vvv -w - > EOF tcpdump: listening on eth5.1, link-type EN10MB (Ethernet), capture size 65535 bytes ^Ct 2258 drew@Drew-Ubuntu:~$
– Drew
Feb 1 at 15:18
add a comment |
Related: unix.stackexchange.com/q/459923/237982
– Jesse_b
Jan 30 at 22:40
Yeah, I had read that related article a couple of times. I have never much worked with EOF so I just had to do some study around it. I was finally able to get at least a remote tcpdump running via the below syntax: sshpass -p <password> ssh -oKexAlgorithms=+<algorithm> -T <username>@<remote-ip> -p <remote-port> << EOF sh tcpdump -i eth5.1 -s 0 -nnn EOF This did end up getting a tcpdump going on the remote device (although the output looked a tad strange to me). Now I just need to figure out how to pipe this output to a file on my local machine.
– Drew
Feb 1 at 14:49
I was able to get this to output to a file on my local machine now, but it keeps the "> sh" line in the file, so I can't open and view the .pcap file until I manually remove this from the saved file: drew@Drew-Ubuntu:~$ sshpass -p <password> ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 -T <username>@<remote-ip> -p <remote-port> << EOF > /home/drew/Desktop/Example_Capture.pcap > sh > tcpdump -i eth5.1 -s 0 -nnn -vvv -w - > EOF tcpdump: listening on eth5.1, link-type EN10MB (Ethernet), capture size 65535 bytes ^Ct 2258 drew@Drew-Ubuntu:~$
– Drew
Feb 1 at 15:18
Related: unix.stackexchange.com/q/459923/237982
– Jesse_b
Jan 30 at 22:40
Related: unix.stackexchange.com/q/459923/237982
– Jesse_b
Jan 30 at 22:40
Yeah, I had read that related article a couple of times. I have never much worked with EOF so I just had to do some study around it. I was finally able to get at least a remote tcpdump running via the below syntax: sshpass -p <password> ssh -oKexAlgorithms=+<algorithm> -T <username>@<remote-ip> -p <remote-port> << EOF sh tcpdump -i eth5.1 -s 0 -nnn EOF This did end up getting a tcpdump going on the remote device (although the output looked a tad strange to me). Now I just need to figure out how to pipe this output to a file on my local machine.
– Drew
Feb 1 at 14:49
Yeah, I had read that related article a couple of times. I have never much worked with EOF so I just had to do some study around it. I was finally able to get at least a remote tcpdump running via the below syntax: sshpass -p <password> ssh -oKexAlgorithms=+<algorithm> -T <username>@<remote-ip> -p <remote-port> << EOF sh tcpdump -i eth5.1 -s 0 -nnn EOF This did end up getting a tcpdump going on the remote device (although the output looked a tad strange to me). Now I just need to figure out how to pipe this output to a file on my local machine.
– Drew
Feb 1 at 14:49
I was able to get this to output to a file on my local machine now, but it keeps the "> sh" line in the file, so I can't open and view the .pcap file until I manually remove this from the saved file: drew@Drew-Ubuntu:~$ sshpass -p <password> ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 -T <username>@<remote-ip> -p <remote-port> << EOF > /home/drew/Desktop/Example_Capture.pcap > sh > tcpdump -i eth5.1 -s 0 -nnn -vvv -w - > EOF tcpdump: listening on eth5.1, link-type EN10MB (Ethernet), capture size 65535 bytes ^Ct 2258 drew@Drew-Ubuntu:~$
– Drew
Feb 1 at 15:18
I was able to get this to output to a file on my local machine now, but it keeps the "> sh" line in the file, so I can't open and view the .pcap file until I manually remove this from the saved file: drew@Drew-Ubuntu:~$ sshpass -p <password> ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 -T <username>@<remote-ip> -p <remote-port> << EOF > /home/drew/Desktop/Example_Capture.pcap > sh > tcpdump -i eth5.1 -s 0 -nnn -vvv -w - > EOF tcpdump: listening on eth5.1, link-type EN10MB (Ethernet), capture size 65535 bytes ^Ct 2258 drew@Drew-Ubuntu:~$
– Drew
Feb 1 at 15:18
add a comment |
1 Answer
1
active
oldest
votes
User @Jesse_b was correct in the post that they marked as Related:
Multiple commands in sshpass
I had previously looked over that post a few different times, but it turns out that I'm just terrible with my syntax in heredocs. I was able to use a heredoc in order to get both the sh
and tcpdump .....
commands to pass through in one sshpass
.
I apologize as I couldn't find a way to just mark that "Related:..." as the answer to this. If that's possible, I would love to be educated to make sure I'm not making a mess of these posts.
add a comment |
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
User @Jesse_b was correct in the post that they marked as Related:
Multiple commands in sshpass
I had previously looked over that post a few different times, but it turns out that I'm just terrible with my syntax in heredocs. I was able to use a heredoc in order to get both the sh
and tcpdump .....
commands to pass through in one sshpass
.
I apologize as I couldn't find a way to just mark that "Related:..." as the answer to this. If that's possible, I would love to be educated to make sure I'm not making a mess of these posts.
add a comment |
User @Jesse_b was correct in the post that they marked as Related:
Multiple commands in sshpass
I had previously looked over that post a few different times, but it turns out that I'm just terrible with my syntax in heredocs. I was able to use a heredoc in order to get both the sh
and tcpdump .....
commands to pass through in one sshpass
.
I apologize as I couldn't find a way to just mark that "Related:..." as the answer to this. If that's possible, I would love to be educated to make sure I'm not making a mess of these posts.
add a comment |
User @Jesse_b was correct in the post that they marked as Related:
Multiple commands in sshpass
I had previously looked over that post a few different times, but it turns out that I'm just terrible with my syntax in heredocs. I was able to use a heredoc in order to get both the sh
and tcpdump .....
commands to pass through in one sshpass
.
I apologize as I couldn't find a way to just mark that "Related:..." as the answer to this. If that's possible, I would love to be educated to make sure I'm not making a mess of these posts.
User @Jesse_b was correct in the post that they marked as Related:
Multiple commands in sshpass
I had previously looked over that post a few different times, but it turns out that I'm just terrible with my syntax in heredocs. I was able to use a heredoc in order to get both the sh
and tcpdump .....
commands to pass through in one sshpass
.
I apologize as I couldn't find a way to just mark that "Related:..." as the answer to this. If that's possible, I would love to be educated to make sure I'm not making a mess of these posts.
answered Feb 3 at 4:15
DrewDrew
84
84
add a comment |
add a comment |
Related: unix.stackexchange.com/q/459923/237982
– Jesse_b
Jan 30 at 22:40
Yeah, I had read that related article a couple of times. I have never much worked with EOF so I just had to do some study around it. I was finally able to get at least a remote tcpdump running via the below syntax: sshpass -p <password> ssh -oKexAlgorithms=+<algorithm> -T <username>@<remote-ip> -p <remote-port> << EOF sh tcpdump -i eth5.1 -s 0 -nnn EOF This did end up getting a tcpdump going on the remote device (although the output looked a tad strange to me). Now I just need to figure out how to pipe this output to a file on my local machine.
– Drew
Feb 1 at 14:49
I was able to get this to output to a file on my local machine now, but it keeps the "> sh" line in the file, so I can't open and view the .pcap file until I manually remove this from the saved file: drew@Drew-Ubuntu:~$ sshpass -p <password> ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 -T <username>@<remote-ip> -p <remote-port> << EOF > /home/drew/Desktop/Example_Capture.pcap > sh > tcpdump -i eth5.1 -s 0 -nnn -vvv -w - > EOF tcpdump: listening on eth5.1, link-type EN10MB (Ethernet), capture size 65535 bytes ^Ct 2258 drew@Drew-Ubuntu:~$
– Drew
Feb 1 at 15:18