Idea - Create SSH Session Nodes with collecting Command Output during the session [Start | End] like [TCL/Expect]

Im trying to find the best way to help create a SSH node scenario and when inside the pseudo-terminal to then act as After the command executes capture that response from output and Wait until you expect a $ or prompt for that type of device.

Start SSHlogin ------- [ expect $]---[ run CMD1]---[view results] exit ssh etc ----- [END SSH]

I simulated a super basic flow Idea. NOTE (this shows as http-in and http-out but this is SSH Start and SSH-Finish as a mockup (not including Wait for or Expect {chars})

Screen Shot 2020-11-01 at 6.48.12 PM1978×432 74.8 KB

Scenario could be going into a linux device run 2-3 commands Based on the output of cmd2 do Different testing or more . restart services etc etc.

I thought a Cool idea stemming from @BartButenaers awesome xTerm app [node-red-contrib-xterm]

my thought is Maybe simulate the ssh-start-end but also usinng xterm to view it execute live on the right side while Testing....

So it can test and perform on screen so while building this flow then when complete or) then it is safe to run but during flow build time we can take session over and maybe properly exit device if stuck so no Stuck SSH sessions.

Hi @sudoritz,
I'm not an SSH expert, so I will need to have some extra info to be able to understand it correctly.

1. Do I understand it corectly that you want to use Node-RED as an SSH server, and you want to connect to it from an SSH client?
2. (If 1 is correct) Can you simple connect via SSH to the http-in node? Because SSH is TCP based?
3. I don't see my xterm node in your flow. Where should it be located?
4. Do you want to use my xterm node to see the commands visually that are being executed? Or do uou want to halt them until approval? Or ...
5. Whag do you mean with "simulate the ssh-start-end but also usinng xterm to view it execute live on the right side while Testing...."?
6. What does the "flow build time" mean?

Would be nice if you could add me some dummy-proof answers, because I think you have lots of experience in this domain.
Bart

1. Do I understand it corectly that you want to use Node-RED as an SSH server, and you want to connect to it from an SSH client?

My idea is use node-red SSH node to different hosts and run commands --- ssh admin@10.10.10.10 [logged in] run cmd {df -h} Gather that output {service show mysqld} gather.... then exit ssh session. (mid-session we could change depending output of cmd)

2. (If 1 is correct) Can you simple connect via SSH to the http-in node? Because SSH is TCP based?

No sorry i was Just using the http-in node as a Reference to build out SSH-START and SSH-Compete (i never built a node so im trying to figure out how i could) but SSH start node will have Left And Right side connects. and SSH complete will only have Left side thus need a ssh_start node. (the flow wont work without a start and an end.

3. I don't see my xterm node in your flow. Where should it be located?

xterm would be used on the right side to help build the ssh automation setup. View it live when passing. (its not needed but would help inject and test before a working ssh automation.) im just not sure how STDIN from each command output would get gathered in the msg.payload from the latest command and How can we add Expect the bottom line to show $ or _ or > on the line or last character.

4. Do you want to use my xterm node to see the commands visually that are being executed? Or do uou want to halt them until approval? Or ...

Possible 2 fold (IF its faiing we can jump into the [stuck] session persay and proper exit that session)

5. Whag do you mean with "simulate the ssh-start-end but also usinng xterm to view it execute live on the right side while Testing...." ?

this could be Separate but this could help withh when building this out (say API call or Inject button is pressed) xterm (terminal window) could show it logging in a device doing commands and then exiting device. Where the Node-red ssh start has both left/right coulld show it moving through the nodes (if status shows)

6. What does the "flow build time" mean?

While we are building out the flow and making sure it would work without manual input. use xterm as a way to see that session move through its Flow of steps.

the app doesnt have to use xterm (but i thought it could be a really helpful view while building each command/step through (mabye we can program start injects at different areas in case to troubleshoot.)

SSH device examples.

ssh admin@10.0.0.1

{show interface ge1/2}
{show bgp sum}
{show  ip route  10.11.11.3}
{exit}

ssh session exit

Scenario 2

[Function node extract results]

ssh root@10.0.5.2

{service mysqld status} 
{service mysqld restart}
{service mysqld status}
{df -h}
{free}
{exit}

Scenario 3

from API payload we can get an additional alarm issue and gather issue but PASS parameters to commands like show sub sesion ip {msg.payload.cmd}

ssh admin@10.10.10.10
{show sub sess ip 10.22.22.11 }
[stay in ssh session gather input and make different command based on First command result)
{clear sub session id 10.22.11}
OR
{exit}

So while working in developing / building out use xTerm to visually see the commands pass.

Screen Shot 2020-11-02 at 12.42.20 PM2588×912 396 KB

From picture (start ssh) run command it Visualy show as its runnning on the right side using xTerm.

If command takes 5 seconds to run. Maybe the command[function like] has a post-process Wait for matching character or message on last line but also capture. this could save 2 nodes to 1 node like command node like Value to send {param1} {param2} but then post process then can store into msg.payload.cmdxx.result and take tht postProcess result and d wait for # character to therefore go and run cmd 2 OR even through a switch IF output cmd 1 = good then proceed this way OR IF output = bad then do additional .

im thinking to use xterm as a automation helper but maybe dont need it for SSH nodes to work.

I Found a few nodes but most of them send setup a ssh connection Send a command and close the session right away.

You can use BASH Here syntax to run multiple commands over SSH, something like:

ssh me@myserver1.example.com << EOF
 date
 hostname
 cat /etc/resolv.conf
EOF

Alternatively, you can pipe a BASH script to be run on the remote end:

$ cat remote-commands.bash | ssh me@myserver1.example.com

Not quite what you might be after but certainly a way to run more complex things remotely.

I agree though that some nodes to open and close an SSH session and a node to send commands and receive output would be a really nice thing to have & would let you control things via Node-RED rather than a BASH script.

There would seem to be some potential modules on npmjs that might form the basis for something useful?

And some potentially useful info here:

Ya we could definitely do that and use expect / TCL for ssh and run a exec/ expect scripts we could just
execute/run.

Im thinking for the community. how awesome to be able control at a per command flow and build flow and use the power of node-red for its awesomeness while in the SSH session and to make decisions based on command output.

Hey @sudoritz,

Although I find your idea intriging, I don't think it is possible.
Will try to explain how the xterm (node) works.

Suppose two users are running a flow editor session, to interact with a Node-RED server:

image698×532 108 KB

1. User 1 enters a character (to enter a command), which will be send via an ajax call to the Node-RED server.
2. That character will be send to the (linux/windows/...) process which is reserved for that flow editor session (by the xterm node).
3. That character will be send back to the xterm node.
4. That character will be send (via websocket channel) back to the flow editor, where you will see it appear. Some notes:
   • So the character has done an entire roundtrip to the OS process and back to the browser, before you see it appear!!
   • As soon as an entire command has been entered, the process will also send the output (i.e. the result of the command) to the flow editor (via steps 4 and 5).
   • The xterm node will see to which flow editor session the characters (input/output) belong, to make sure that multiple users can work simultaneously in separate sessions (without the content being mixed): see steps 5 to 8.

However what you want to do:
a) Inject a message to the Node-RED server
b) That message travels on the Node-RED server between the nodes.
c) You connect via an ssh node to a remote process to send a command (step 9)
d) Then you get a result from that session (step 10)
e) And then you send that result to my node (step 11).
f) Suppose my xterm node would have an input, it would receive characters. But it has no idea which node originally has triggered the inject button. So it won't know where to send the characters, which means that both flow editors would show the characters.

And when you enter characters in the xterm terminal, then - suppose my xterm node should have an output - those characters should be send to the output, and wired again to the ssh node. But you wouldn't see your own letters appear, since I get no data back from the next node in the flow.

I hope you see that the xterm concept doesn't really fit your idea...

Ohhhhh wow Thanks for the deeeeeeeeeeep dive hehe.

So using xterm we wouldnt be able to triage since we dont have something like a pseudo -pid to attach to.

So if i were to go back and not use xterm for live output but use the debug node to view cmd data to build regex/function parsing.

if i were to try and code ssh/cmd Nodes could i have a start_ssh---[cmd1]----[cmd2]----end_ssh.

would that work on maybe the same concept as xterm where you need a pseudo terminal session-id and it creates its ssh session but control stdin/stdout.

i saw this

but not sure if a node maybe in this scenario in-out so maybe not even work in a ssh-start-end node

but i would think it would be a easier way to control the session id

I think that some of the Node.js modules I shared will let you do that in Node.js and so should be readily incorporated into nodes.

i saw this one

so im trying to study on how to create the nodes to add some LOVE to the community.

so for this setup i think I found a npm to add to help create nodes with. spectcl

. (so hopefully i can somehow install it with dependencies)

im not sure yet trying to figure it out now... But if I were to create nodes. and look at some githubs

Spawn_node = session.spawn -- (setup the session)
Expect_node = session.expect -- (expect match)
send_node = session.send -- send CMD\r
expect+send_[1]node = {maybe build the expect AND Send in the same node with timeout options ) could save some screen re-estate space in flow connections but have like 2 areas in the function like code area

example snippet from the NPM spectcl

var Spectcl = require('../lib/spectcl')
var session = new Spectcl({timeout: 5000})

session.spawn('echo', ['hello'])
session.expect([
        '>', function(match, matched, cb){
            session.send('exit\r')
            console.log('output was:\n%s',session.expect_out.buffer)
            cb()
    },
], 
});

session.spawn('node --interactive') (not sure on that)
session.spawn('echo hello', [], {}, {noPty:true}) (setup noPty ? option)

|

• [is this buffer out the command ouput to msg.payload after]

session.expect_out.buffer

here's a screenshot of a mockup i'm thinking of building.

node-red-mockup-TCL2116×908 152 KB

Yes of course.
Suppose you use NPM "package" named Spectcl,
Then you need to add it as a dependency to the package.json file of your project:

    "dependencies": {
       "spectcl": "^0.6.3"
    }, 

The ^ means that all other minor versions (0.x.x) are also ok to be downloaded, but not major versions (1.x.x) because those might contain breaking changes. So if the spectcl package would be updated next week, people just need to update your node-red node and automatically get the update of the spectcl library

But if I were you, I would start using for a similar package because this one hasn't been updated the last 4 years!! And if you would be able to implement your stuff with NodeJs modules (e.g. don't know if you can use a child_process ???), but that would even better because then it works without having to install extra dependencies...