Using expect with a JunOS device.

I’ll add more as I go along, but the first annoying thing was that there was no ‘central’ repository of configs.  Now call me old fashioned, but I liked the old days when telnet was scriptable and I could go and talk to my Cisco stuff.. but here we are in 2014, and I suppose I should break down and use that ‘expect’ package I’ve heard so much about.

So I have this Linux host that I want to talk to all these hosts.  The first problem is that it being a new host it hasn’t talked to anything so it doesn’t know the private keys.  Annoying.  The other thing is that some commands like to initiate a pager, which takes time to slap the space bar.  It’s much better to have the computer do it.

#!/usr/local/bin/expect —
set MYUSER “my_user_id”
set MYPASS “my_password”
set HOST [lindex $argv 0];
if {$argc!=1} {
puts “Usage is scritpname  <ip address>\r”
exit 1
}

puts “Connecting to $HOST\r”

spawn ssh $HOST -l $MYUSER
# Deal with hosts we’ve never talked to before
# or just login
#
expect {
“continue connecting (yes/no)?”
{send “yes\r”
expect “password:”
send “$MYPASS\r”
}
# We’ve been here before
“password:”
{send “$MYPASS\r”}
}
# Some commands run from configure, some don’t.
# It may be easier to just enter configure mode
expect “> ”
send “configure\r”
expect “# ”
#
# Pick a command to run
send “run show arp no-resolve\r”
#send “save terminal\r”
#send “run show lldp neighbors\r”
#
# Deal with paging. I don’t want to make any
# changes at *ALL* to the device, so instead
# I deal with the pager
#
expect {
“more” {send ” “; exp_continue}
“# ” {send “exit\r”}
}
# We are done, get out of here!
#
expect “>”
send “exit\r”

So in this shell example I’ve set it up to recognize that it’s never established before.  I know it’s messy that it has the password 2x I guess I could do variable substitution if I was more scripty but right now I just want to get some basic things in/out of the routers all the time, such as port status, MAC’s and I want it like yesterday.

The important part of the ‘more’ bypass is the exp_continue keyword.  Which took a lot of googling around because everyone “expects more”.  It’s kind of annoying when your keywords are common English words.

And as you can see, this is a good enough base for doing some more complicated things.  Of course I wouldn’t roll changes out automatically, but for the adventurous there you go.  It wouldn’t take much to adapt this for Cisco stuff, as the CLI operates more or less the same.

The real fun begins with parsing all this stuff.

2 thoughts on “Using expect with a JunOS device.

  1. You can avoid SSH prompting about hosts you’ve never connected to before by passing ‘-o StrictHostKeyChecking=no’ on the ‘ssh’ command-line. Of course, there are security implications, but then there are security implications when you just script around the prompt anyway 🙂 Be sure to read the ssh_config man page to understand exactly what it means!

    • When you have a couple hundred+ devices you tend to stop caring.. such is progress I guess.

      Although this reminds me it probably won’t handle changing ssh alerts.

Leave a Reply