linux expect script with SSH not working

Hello all,

I’m writing a script with Expect that will run on a Linux machine, and the goal is to log in to a Mikrotik and then print a PPP active connection matching the MAC address I give.
This is what I have:
#!/usr/bin/expect

set user "admin"
set password "admin"
set timeout 10

spawn ssh "$user@192.168.140.4" -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no
expect "password: ";
send "$password\r";
expect ">";
send "ppp active print where caller-id=XX:XX:XX:XX:XX:XX";
expect ">";
send "quit\r";
expect "closed.";
interact
And the answer after I run the script:
spawn ssh admin@192.168.140.4 -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no
Warning: Permanently added '192.168.140.4' (RSA) to the list of known hosts.
xeic@192.168.140.4's password:


MMM MMM KKK TTTTTTTTTTT KKK
MMMM MMMM KKK TTTTTTTTTTT KKK
MMM MMMM MMM III KKK KKK RRRRRR OOOOOO TTT III KKK KKK
MMM MM MMM III KKKKK RRR RRR OOO OOO TTT III KKKKK
MMM MMM III KKK KKK RRRRRR OOO OOO TTT III KKK KKK
MMM MMM III KKK KKK RRR RRR OOOOOO TTT III KKK KKK

MikroTik RouterOS 6.40.8 (c) 1999-2018 http://www.mikrotik.com/

[?] Gives the list of available commands
command [?] Gives help on the command and list of arguments

[Tab] Completes the command/word. If the input is ambiguous,
a second [Tab] gives possible options

/ Move up to base level
.. Move up one level
/command Use command at the base level
[admin@CCR1072] > quit
interrupted
Connection to 192.168.140.4 closed.

So it actually logs in, but once inside it doesn’t send the command. Any idea what I’m doing wrong?
Thank you

You may use sshpass to do the interactive login (as opposed to ssh key or api commands).


user@ubuntu:~$ sshpass -p pass ssh -o StrictHostKeyChecking=no user@192.168.88.1 "ppp active print where called-id=XX:XX:XX:XX:XX:XX"
Flags: R - radius
 #   NAME         SERVICE CALLER-ID         ADDRESS         UPTIME   ENCODING

Using expect is clunky at best. :slight_smile: Been there done that.

Using sshpass is an appropriate way to use expect with SSH. Again clunky, because the process is interactive and requires a human user to provide the password. Embedding passwords directly in scripts tends to cause sysadmins to suck through their teeth and is not considered a healthy security exercise. :slight_smile:

Using SSH key pairs is much more seamless for non-interactive scripting.

The way your script is written is to use SSH to log into the device rather than execute a command. Generally for SSH the method used is like this:

ssh admin@xx.xx.xx.xx "command sequence"

Often the command sequence is enclosed in quotation marks so the shell interpreter sees the entire string as one command.

nescafe2002 has shared how that would look for your specific use case. :slight_smile:
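
The key-based, non-interactive form recommended above, as an added example that is not part of any post in this thread: it validates the MAC address before placing it in the RouterOS command and keeps host key checking on, instead of the StrictHostKeyChecking=no and /dev/null known-hosts options in the original script. The key path, known-hosts path, variable names and function names are assumptions, and it presumes the public key is already installed for the router user and the router's host key is already recorded in the known-hosts file.

```shell
#!/bin/sh
# Added example, not from the thread. Hypothetical names and paths:
# ROUTER, KEY, KNOWN_HOSTS, valid_mac, ppp_query, ppp_active_for.
ROUTER="${ROUTER:-admin@192.168.140.4}"       # address taken from the question
KEY="${KEY:-$HOME/.ssh/mikrotik_ed25519}"     # assumed private key path
KNOWN_HOSTS="${KNOWN_HOSTS:-$HOME/.ssh/known_hosts_mikrotik}"  # assumed pin file

# Accept exactly six colon-separated hex octets. A case pattern matches the
# whole string, so spaces, quotes, ';' or newlines never reach the router.
valid_mac() {
    h='[0-9A-Fa-f][0-9A-Fa-f]'
    case $1 in
        $h:$h:$h:$h:$h:$h) return 0 ;;
        *) return 1 ;;
    esac
}

# Build the RouterOS command for one MAC address; returns 2 on bad input.
# Upper-casing is an assumption about how the router lists caller-id values.
ppp_query() {
    valid_mac "$1" || { echo "invalid MAC address" >&2; return 2; }
    mac=$(printf '%s' "$1" | tr 'a-f' 'A-F')
    printf '/ppp active print where caller-id=%s' "$mac"
}

# Run the query over SSH without any password in the script:
#   BatchMode=yes             fail instead of prompting for a password
#   IdentitiesOnly=yes        offer only the key named with -i
#   StrictHostKeyChecking=yes refuse a host key that is not already pinned
ppp_active_for() {
    cmd=$(ppp_query "$1") || return 2
    ssh -i "$KEY" \
        -o BatchMode=yes \
        -o IdentitiesOnly=yes \
        -o ConnectTimeout=10 \
        -o StrictHostKeyChecking=yes \
        -o UserKnownHostsFile="$KNOWN_HOSTS" \
        "$ROUTER" "$cmd"
}

# Usage: ppp_active_for AA:BB:CC:DD:EE:FF
```

Because the command is passed as a single quoted argument, ssh runs it and exits, so no prompt matching or "quit" step is needed.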

It’s working perfectly. Thank you so much to both of you :slight_smile:

In my project to monitor MT devices I did use SSH to collect information from the MT.

To get information I did use:

  • Syslog
  • SNMP
  • SSH

But this is complicated if you have more than one device.

So I did change everything around.
Now a script on the MT does send all information I need using Syslog to a dedicated Syslog server.

See more information here:
http://forum.mikrotik.com/t/tool-using-splunk-to-analyse-mikrotik-logs-3-3-graphing-everything/121810/1

This could easily be adapted to monitor PPP session.

Anyway, this may be wrong

send "ppp active print where caller-id=XX:XX:XX:XX:XX:XX";

I think it should be

send "/ppp active print where caller-id=XX:XX:XX:XX:XX:XX";

PS when a user logs in to a L2TP or PPTP session MT sends out lots of logging about that to syslog.
So if that is what you like to see, no need to grab ppp active print.
It looks like this in syslog:

l2tp,ppp,info,account MikroTik: userxxx-mobil logged in, 10.2.0.3
l2tp,info MikroTik: first L2TP UDP packet received from 77.xx.xx.170