Community discussions

MikroTik App
 
Viktor
just joined
Topic Author
Posts: 2
Joined: Thu Apr 28, 2011 1:37 pm

5.x ssh bug

Fri Apr 29, 2011 7:32 am

Hello.

Problem with SSH on ROS 5.0rc6, 5.0rc11, 5.1, 5.2.

I have a 2350 simple queues on my ROS Installed on x86 PC (4xCPU Intel 2.6GHz, 2GB RAM, Intel Server Board).
In my other computer I'm typing:
# ssh user@192.168.0.9 queue simple print
Printed about 2100 queues and aborted with the message: Failed to write: Broken pipe.

Please help me.
 
Viktor
just joined
Topic Author
Posts: 2
Joined: Thu Apr 28, 2011 1:37 pm

Re: 5.x ssh bug

Tue May 03, 2011 7:34 am

Help, please. I do not know how to fix it.
 
joanllopart
just joined
Posts: 10
Joined: Fri May 06, 2011 8:03 pm

Re: 5.x ssh bug

Fri May 06, 2011 9:26 pm

We are having issues with ssh too with 5.x.

We've got 100 Mikrotiks aprox in our network. We have some scritps running in linux servers that perform regular backups and maintenance tasks to Mikrotiks through ssh. Everything worked flawlessly till we upgraded some devices to 5.x(5.0 and 5.2).

It's a weird issue, if I execute from a linux terminal something like:

ssh -i id_dsa admin@10.1.2.3 "/export" > backup1.bak
ssh -i id_dsa admin@10.1.2.3 "/tools user-mana sess print where active" > act_sess.txt

it works, but when commands like this are in a script launched from cron, it doesn't works. No error displayed anywhere. Mikrotik's device log shows the connection/disconnection. If you perform any action, Eg: "/inter ether1 disable", it is executed.

Problem only appears to me when you issue some comand to Mikrotik device through a ssh scheduled in cron. The command is executed but it's stdout isn't recieved. I know, it's weird

It only occurs with 5.x. We've got those scripts runing for more than one year without any issue.
 
fewi
Forum Guru
Forum Guru
Posts: 7734
Joined: Tue Aug 11, 2009 3:19 am

Re: 5.x ssh bug

Fri May 13, 2011 7:06 pm

We are having issues with ssh too with 5.x.

We've got 100 Mikrotiks aprox in our network. We have some scritps running in linux servers that perform regular backups and maintenance tasks to Mikrotiks through ssh. Everything worked flawlessly till we upgraded some devices to 5.x(5.0 and 5.2).

It's a weird issue, if I execute from a linux terminal something like:

ssh -i id_dsa admin@10.1.2.3 "/export" > backup1.bak
ssh -i id_dsa admin@10.1.2.3 "/tools user-mana sess print where active" > act_sess.txt

it works, but when commands like this are in a script launched from cron, it doesn't works. No error displayed anywhere. Mikrotik's device log shows the connection/disconnection. If you perform any action, Eg: "/inter ether1 disable", it is executed.

Problem only appears to me when you issue some comand to Mikrotik device through a ssh scheduled in cron. The command is executed but it's stdout isn't recieved. I know, it's weird

It only occurs with 5.x. We've got those scripts runing for more than one year without any issue.
Works for me on 5.2:
sh-3.2# ssh -i ~/.ssh/scripts_ro_id_dsa scripts_ro@66.78.251.41 "/ip fire man exp"
# may/13/2011 08:59:01 by RouterOS 5.2
# software id = WTPH-Z5E2
#
sh-3.2# ssh -i ~/.ssh/scripts_ro_id_dsa scripts_ro@66.78.251.41 "/ip fire man exp" > output.txt
sh-3.2# more output.txt
# may/13/2011 08:59:07 by RouterOS 5.2
# software id = WTPH-Z5E2
#
sh-3.2#
sh-3.2# crontab -e
crontab: installing new crontab
sh-3.2# crontab -l | grep ssh
5 9 * * * ssh -i ~/.ssh/scripts_ro_id_dsa scripts_ro@66.78.251.41 "/ip fire man exp" > /tmp/output_cron.txt
sh-3.2# date
Fri May 13 09:00:14 PDT 2011
sh-3.2#
sh-3.2# date
Fri May 13 09:05:14 PDT 2011
sh-3.2# more output_cron.txt
# may/13/2011 09:05:11 by RouterOS 5.2
# software id = WTPH-Z5E2
#
sh-3.2#
Specific answers require specific questions. When in doubt, post the output of "/ip address print detail", "/ip route print detail", "/interface print detail", "/ip firewall export", and an accurate network diagram.
 
exa
newbie
Posts: 37
Joined: Sat Jul 04, 2009 2:07 pm

Re: 5.x ssh bug

Fri May 20, 2011 11:33 am

Does not work for me, even with 5.2.

Observation: RouterOS is closing the SSH connection some time before it actually ends sending data. Happens only in "Single command" ssh mode, not with actual PTY allocated.

What actually happens:
ssh user@mik.ro.tik.ip '/export' |wc -c
gives around 12k less bytes it should return, also wields an error:
Write failed: Broken pipe
The export text is terminated randomly, usually in the middle of the line.

Please note that this breaks any serious mikrotik interoperability with other systems. I can provide any debugging output that would help the problem get fixed.

This is _not_ client SSH issue (I tried openssh 5.6 to 5.8_p2, paramiko, libssh and twisted-ssh, everytime the same error).

EDIT: I'm suspecting this is purely a SMP issue.
EDIT2: confirmed, it seems like non-x86 non-SMP boxes don't suffer from this.
 
itesco
just joined
Posts: 5
Joined: Tue Aug 30, 2011 3:35 pm

Re: 5.x ssh bug

Thu Oct 06, 2011 1:16 pm

We are having issues with ssh too with 5.x.

We've got 100 Mikrotiks aprox in our network. We have some scritps running in linux servers that perform regular backups and maintenance tasks to Mikrotiks through ssh. Everything worked flawlessly till we upgraded some devices to 5.x(5.0 and 5.2).

It's a weird issue, if I execute from a linux terminal something like:

ssh -i id_dsa admin@10.1.2.3 "/export" > backup1.bak
ssh -i id_dsa admin@10.1.2.3 "/tools user-mana sess print where active" > act_sess.txt

it works, but when commands like this are in a script launched from cron, it doesn't works. No error displayed anywhere. Mikrotik's device log shows the connection/disconnection. If you perform any action, Eg: "/inter ether1 disable", it is executed.

Problem only appears to me when you issue some comand to Mikrotik device through a ssh scheduled in cron. The command is executed but it's stdout isn't recieved. I know, it's weird

It only occurs with 5.x. We've got those scripts runing for more than one year without any issue.
Works for me on 5.2:
sh-3.2# ssh -i ~/.ssh/scripts_ro_id_dsa scripts_ro@66.78.251.41 "/ip fire man exp"
# may/13/2011 08:59:01 by RouterOS 5.2
# software id = WTPH-Z5E2
#
sh-3.2# ssh -i ~/.ssh/scripts_ro_id_dsa scripts_ro@66.78.251.41 "/ip fire man exp" > output.txt
sh-3.2# more output.txt
# may/13/2011 08:59:07 by RouterOS 5.2
# software id = WTPH-Z5E2
#
sh-3.2#
sh-3.2# crontab -e
crontab: installing new crontab
sh-3.2# crontab -l | grep ssh
5 9 * * * ssh -i ~/.ssh/scripts_ro_id_dsa scripts_ro@66.78.251.41 "/ip fire man exp" > /tmp/output_cron.txt
sh-3.2# date
Fri May 13 09:00:14 PDT 2011
sh-3.2#
sh-3.2# date
Fri May 13 09:05:14 PDT 2011
sh-3.2# more output_cron.txt
# may/13/2011 09:05:11 by RouterOS 5.2
# software id = WTPH-Z5E2
#
sh-3.2#
hello fewi.

Could you please try perform "/inter disable ether1 ; /inter enable ether1 " in your script. Perhaps I have same issue at http://forum.mikrotik.com/viewtopic.php ... ble+ether1. When i try disable ether1 all other interface works fine, but when i enable it again all running interfaces temporarily going to down. Looks like problems with ssh is related to it. And it happening if try disable/enable only ether1.

Thanks!
 
User avatar
janisk
MikroTik Support
MikroTik Support
Posts: 6283
Joined: Tue Feb 14, 2006 9:46 am
Location: Riga, Latvia

Re: 5.x ssh bug

Fri Oct 07, 2011 2:40 pm

different ssh problems has been fixed since these versions and 5.7 should be tried to see if problem persist.

also, if disabling/enabling interface through different interface yields same result, that that is not a ssh problem.
 
SerjLV
just joined
Posts: 1
Joined: Tue Oct 18, 2011 2:38 pm

Re: 5.x ssh bug

Tue Oct 18, 2011 2:52 pm

May be a problem in the unset variable TERM.
Try to run as follows:
5 9 * * * TERM=vt100 ssh -i ~/.ssh/scripts_ro_id_dsa scripts_ro@66.78.251.41 "/ip fire man exp" > /tmp/output_cron.txt

Who is online

Users browsing this forum: boyko, nithinkumar2000 and 83 guests