Forum Discussion

Cynthia_18735's avatar
Cynthia_18735
Icon for Nimbostratus rankNimbostratus
Mar 07, 2008

SSH no longer works with Perl script after upgrading BigIP's to newer hardware/software

I have an iControl script, that I also do connection to using SSH. I can logon via Putty using SSH to the LTM; however, using the following code results in a permission denied error. This same script worked on BigIP Models 1000 & 2400 running Version 9.1.2. However, we have recently replaced these with 6400's running 9.3.0 and the scripts no longer worked.

 

 

Anyone have any idea on what has changed and what needs to be updated to make this work?

 

 

use Net::SSH::W32Perl;

 

 

Open SSH connection to host

 

print "Logging into '$host' via SSH\n";

 

 

$ssh = Net::SSH::W32Perl->new($host);

 

$ssh->login('userid', 'password') or die("Could not log in - $!");

 

 

exit 0;

 

dev
devops
iControl

4 Replies

Sort By
  • JRahm's avatar
    JRahm
    Icon for Admin rankAdmin
    Mar 07, 2008
    are your ssh versions compatible? It may be that your script is querying at v1 and 9.3 is listening for v2, or vice versa.
  • Cynthia_18735's avatar
    Cynthia_18735
    Icon for Nimbostratus rankNimbostratus
    Mar 07, 2008
    I have the following perl version on my windows server that is running the script:

     

     

    E:\Perl\lib>perl -v

     

     

    This is perl, v5.6.1 built for MSWin32-x86-multi-thread

     

     

    Looks like Perl on the BigIP is at the following level:

     

     

    This is perl, v5.8.0 built for i386-linux-thread-multi

     

     

    How do you know if SSH is incompatible of running at a different version. Sorry, I'm not very saavy in this particular area.
  • DennisJann's avatar
    DennisJann
    Icon for Nimbostratus rankNimbostratus
    Mar 08, 2008
    Do you have Remote Authentication enabled? I had a similar problem after upgrading our LTMs from 9.1.x to 9.3.1.

     

     

    We use RADIUS for Remote Authentication for adminstrator access via ssh and https, but had created a local account for use by a Perl management script using one of the Linux commands. The local Unix account no longer worked after upgrading to 9.3, so we had to create a RADIUS account for the management script, and add it to the LTM using the f5adduser command.
  • JRahm's avatar
    JRahm
    Icon for Admin rankAdmin
    Mar 10, 2008
    check Protocol setting in /config/ssh/sshd_config. You can set protocol to be version 1 (Protocol 1), version 2 (Protocol 2), or both (Protocol 2,1). It looks like the windows version of Net::SSH is only version 2, so as long as the F5 is accepting version 2, you should be ok on this front. You'll also need to check to see if your perl host is in the allow list in /etc/hosts.allow.