Accessing Cisco device using Perl

[Business_Woman]

Hello,

I'm trying to write a Perl script for retrieving certain interface statistics from my router ,Cisco 1841.

#!/usr/bin/perl
use Net::SSH2;
use warnings;
use strict;


my $host = "my hostname";
my $user = "my username";
my $password = "My Password";

my $ssh = Net::SSH2->new();

        if(!$ssh->connect($host)){
                print("Connection Failed\n");
                exit(1);
        }

        if(!$ssh->auth_password($user,$password)){
                print("Authentication Failed");
                exit(1);
        }

        my $channel = $ssh->channel();
        my $command = $channel->exec("sh ver") or die $_;
        my $output;
        my $len = $channel->read($output,2048);
        print "output is $output\n";

Authenticating to the device works fine and retrieving output from commands in user-exec mode also works. The problem seems to be that the device prompts for an "enable password" when entering privileged-exec mode.

I'm not experienced with Perl. Any advice on how to get around this would be much appreciated.

 

[throAU]

I'm no perl expert, but another way around this is to create an account on the cisco device(s) with privileges (e.g., level 15), and log into the router using that account. If you authenticate as a level 15 user, you don't need to use enable - you're already "enabled" for privileged commands.

 

[SirDice]

We use perl's lang/p5-Expect to handle situations like that.

 

[mix_room]

I realise this isn't what you asked, but perhaps http://en.wikipedia.org/wiki/Simple_Network_Management_Protocol might be an idea. net-mgmt/net-snmp

Then you will not need to authenticate just in order to read some statistics.

 

[SirDice]

Certain information, like the device's serial number, can't be accessed via SNMP unfortunately. At least not reliably.