Problems connecting to FortiGate.

Get help with using the PHP Secure Communications Library.

Moderator: Nuxius

Forum rules
The purpose of this forum is to provide support for phpseclib, a pure PHP SSH / SFTP / RSA library.

Posts by new users are held in a moderation queue and are not publicly visible until the post is approved.

Problems connecting to FortiGate.

Postby thomas.raabo » Fri Nov 01, 2013 8:02 am

Here is my code.

Code: Select all
include('Net/SSH2.php');

define('NET_SSH2_LOGGING', NET_SSH2_LOG_COMPLEX);

$ssh = new Net_SSH2('sv-i-ngfw-1');
if (!$ssh->login($r_username, $r_password)) {
      exit('Login Failed');
}
$ssh->setTimeout('1');

echo $ssh->exec("config vdom");
echo $ssh->read();
$ssh->exec("edit vdom1");
echo $ssh->read();



Here is what i try to do on the device.

sv-i-ngfw-2 # config vdom

sv-i-ngfw-2 (vdom) # edit vdom1
current vf=vdom1:1

sv-i-ngfw-2 (vdom1) #

Here is the output from the code
-bash-3.2$ php test2.php
sv-i-ngfw-2 #
sv-i-ngfw-2 (vdom) # sv-i-ngfw-2 # sv-i-ngfw-2 #
sv-i-ngfw-2 # 6540: Unknown action 0
Command fail. Return code -1
sv-i-ngfw-2 # -bash-3.2$

Here is the debug log

-> NET_SSH2_MSG_CHANNEL_REQUEST (0s)
00000000 00:00:00:00:00:00:00:04:65:78:65:63:01:00:00:00 ........exec....
00000010 0b:63:6f:6e:66:69:67:20:76:64:6f:6d .config vdom

<- NET_SSH2_MSG_CHANNEL_WINDOW_ADJUST (0s)
00000000 00:00:00:00:00:02:00:00 ........

<- NET_SSH2_MSG_CHANNEL_SUCCESS (0s)
00000000 00:00:00:00 ....

<- NET_SSH2_MSG_CHANNEL_DATA (0s)
00000000 00:00:00:00:00:00:00:0e:73:76:2d:69:2d:6e:67:66 ........sv-i-ngf
00000010 77:2d:32:20:23:20 w-2 #

<- NET_SSH2_MSG_CHANNEL_DATA (0s)
00000000 00:00:00:00:00:00:00:01:0a .........

<- NET_SSH2_MSG_CHANNEL_DATA (0s)
00000000 00:00:00:00:00:00:00:15:73:76:2d:69:2d:6e:67:66 ........sv-i-ngf
00000010 77:2d:32:20:28:76:64:6f:6d:29:20:23:20 w-2 (vdom) #

<- NET_SSH2_MSG_CHANNEL_EOF (0s)
00000000 00:00:00:00 ....

<- NET_SSH2_MSG_CHANNEL_REQUEST (0s)
00000000 00:00:00:00:00:00:00:0b:65:78:69:74:2d:73:74:61 ........exit-sta
00000010 74:75:73:00:00:00:00:00 tus.....

-> NET_SSH2_MSG_CHANNEL_EOF (0s)
00000000 00:00:00:00 ....

-> NET_SSH2_MSG_CHANNEL_CLOSE (0s)
00000000 00:00:00:00 ....

<- NET_SSH2_MSG_CHANNEL_CLOSE (0s)
00000000 00:00:00:00 ....

-> NET_SSH2_MSG_CHANNEL_OPEN (0s)
00000000 00:00:00:07:73:65:73:73:69:6f:6e:00:00:00:01:7f ....session.....
00000010 ff:ff:ff:00:00:40:00 .....@.

<- NET_SSH2_MSG_CHANNEL_OPEN_CONFIRMATION (0s)
00000000 00:00:00:01:00:00:00:01:00:00:00:00:00:00:80:00 ................

-> NET_SSH2_MSG_CHANNEL_REQUEST (0s)
00000000 00:00:00:01:00:00:00:07:70:74:79:2d:72:65:71:01 ........pty-req.
00000010 00:00:00:05:76:74:31:30:30:00:00:00:50:00:00:00 ....vt100...P...
00000020 18:00:00:00:00:00:00:00:00:00:00:00:01:00 ..............

<- NET_SSH2_MSG_CHANNEL_SUCCESS (0.0005s)
00000000 00:00:00:01 ....

-> NET_SSH2_MSG_CHANNEL_REQUEST (0s)
00000000 00:00:00:01:00:00:00:05:73:68:65:6c:6c:01 ........shell.

<- NET_SSH2_MSG_CHANNEL_WINDOW_ADJUST (0s)
00000000 00:00:00:01:00:02:00:00 ........

<- NET_SSH2_MSG_CHANNEL_SUCCESS (0s)
00000000 00:00:00:01 ....

<- NET_SSH2_MSG_CHANNEL_DATA (0s)
00000000 00:00:00:01:00:00:00:0e:73:76:2d:69:2d:6e:67:66 ........sv-i-ngf
00000010 77:2d:32:20:23:20 w-2 #

-> NET_SSH2_MSG_CHANNEL_EOF (0s)
00000000 00:00:00:01 ....

-> NET_SSH2_MSG_CHANNEL_CLOSE (0s)
00000000 00:00:00:01 ....

<- NET_SSH2_MSG_CHANNEL_REQUEST (0.0452s)
00000000 00:00:00:01:00:00:00:0b:65:78:69:74:2d:73:74:61 ........exit-sta
00000010 74:75:73:00:00:00:00:00 tus.....

<- NET_SSH2_MSG_CHANNEL_CLOSE (0s)
00000000 00:00:00:01 ....

-> NET_SSH2_MSG_CHANNEL_OPEN (0s)
00000000 00:00:00:07:73:65:73:73:69:6f:6e:00:00:00:00:7f ....session.....
00000010 ff:ff:ff:00:00:40:00 .....@.

<- NET_SSH2_MSG_CHANNEL_OPEN_CONFIRMATION (0s)
00000000 00:00:00:00:00:00:00:00:00:00:00:00:00:00:80:00 ................

-> NET_SSH2_MSG_CHANNEL_REQUEST (0s)
00000000 00:00:00:00:00:00:00:04:65:78:65:63:01:00:00:00 ........exec....
00000010 0b:65:64:69:74:20:76:64:6f:6d:31:20 .edit vdom1

<- NET_SSH2_MSG_CHANNEL_WINDOW_ADJUST (0s)
00000000 00:00:00:00:00:02:00:00 ........

<- NET_SSH2_MSG_CHANNEL_SUCCESS (0s)
00000000 00:00:00:00 ....

<- NET_SSH2_MSG_CHANNEL_DATA (0s)
00000000 00:00:00:00:00:00:00:0e:73:76:2d:69:2d:6e:67:66 ........sv-i-ngf
00000010 77:2d:32:20:23:20 w-2 #

<- NET_SSH2_MSG_CHANNEL_DATA (0s)
00000000 00:00:00:00:00:00:00:01:0a .........

<- NET_SSH2_MSG_CHANNEL_EXTENDED_DATA (0s)
00000000 00:00:00:00:00:00:00:01:00:00:00:34:36:35:34:30 ...........46540
00000010 3a:20:55:6e:6b:6e:6f:77:6e:20:61:63:74:69:6f:6e : Unknown action
00000020 20:30:0a:43:6f:6d:6d:61:6e:64:20:66:61:69:6c:2e 0.Command fail.
00000030 20:52:65:74:75:72:6e:20:63:6f:64:65:20:2d:31:0a Return code -1.

<- NET_SSH2_MSG_CHANNEL_DATA (0s)
00000000 00:00:00:00:00:00:00:0e:73:76:2d:69:2d:6e:67:66 ........sv-i-ngf
00000010 77:2d:32:20:23:20 w-2 #

<- NET_SSH2_MSG_CHANNEL_EOF (0s)
00000000 00:00:00:00 ....

<- NET_SSH2_MSG_CHANNEL_REQUEST (0s)
00000000 00:00:00:00:00:00:00:0b:65:78:69:74:2d:73:74:61 ........exit-sta
00000010 74:75:73:00:00:00:00:00 tus.....

-> NET_SSH2_MSG_CHANNEL_EOF (0s)
00000000 00:00:00:00 ....

-> NET_SSH2_MSG_CHANNEL_CLOSE (0s)
00000000 00:00:00:00 ....

<- NET_SSH2_MSG_CHANNEL_CLOSE (0s)
00000000 00:00:00:00 ....

-> NET_SSH2_MSG_CHANNEL_OPEN (0s)
00000000 00:00:00:07:73:65:73:73:69:6f:6e:00:00:00:01:7f ....session.....
00000010 ff:ff:ff:00:00:40:00 .....@.

<- NET_SSH2_MSG_CHANNEL_OPEN_CONFIRMATION (0s)
00000000 00:00:00:01:00:00:00:01:00:00:00:00:00:00:80:00 ................

-> NET_SSH2_MSG_CHANNEL_REQUEST (0s)
00000000 00:00:00:01:00:00:00:07:70:74:79:2d:72:65:71:01 ........pty-req.
00000010 00:00:00:05:76:74:31:30:30:00:00:00:50:00:00:00 ....vt100...P...
00000020 18:00:00:00:00:00:00:00:00:00:00:00:01:00 ..............

<- NET_SSH2_MSG_CHANNEL_SUCCESS (0.0002s)
00000000 00:00:00:01 ....

-> NET_SSH2_MSG_CHANNEL_REQUEST (0s)
00000000 00:00:00:01:00:00:00:05:73:68:65:6c:6c:01 ........shell.

<- NET_SSH2_MSG_CHANNEL_WINDOW_ADJUST (0s)
00000000 00:00:00:01:00:02:00:00 ........

<- NET_SSH2_MSG_CHANNEL_SUCCESS (0s)
00000000 00:00:00:01 ....

<- NET_SSH2_MSG_CHANNEL_DATA (0s)
00000000 00:00:00:01:00:00:00:0e:73:76:2d:69:2d:6e:67:66 ........sv-i-ngf
00000010 77:2d:32:20:23:20 w-2 #

-> NET_SSH2_MSG_CHANNEL_EOF (0s)
00000000 00:00:00:01 ....

-> NET_SSH2_MSG_CHANNEL_CLOSE (0s)
00000000 00:00:00:01 ....

<- NET_SSH2_MSG_CHANNEL_REQUEST (0.0439s)
00000000 00:00:00:01:00:00:00:0b:65:78:69:74:2d:73:74:61 ........exit-sta
00000010 74:75:73:00:00:00:00:00 tus.....

<- NET_SSH2_MSG_CHANNEL_CLOSE (0s)
00000000 00:00:00:01 ....

"

Whats wrong with my code?
thomas.raabo
Traveler
 
Posts: 2
Joined: Fri Nov 01, 2013 7:55 am

Re: Problems connecting to FortiGate.

Postby TerraFrost » Mon Nov 04, 2013 2:28 pm

Sorry for the delay - apartment flooded this past week.

Anyway...
Code: Select all
echo $ssh->exec("config vdom");
echo $ssh->read();
$ssh->exec("edit vdom1");
echo $ssh->read();

$ssh->exec() returns the output of the command that's been passed to it.

eg. $ssh->exec('ls -la') returns a string containing the directory contents.

If you want to use $ssh->read() then you should be using $ssh->write() as well. Not $ssh->read().

Also, chances are, if you're doing $ssh->write() you'll also need to do $ssh->write("config vdom\n"). ie. normally when you log into a system and type in "ls -la" you hit enter after that. The shell doesn't just say "oh - you typed in ls -la. idk if you're done typing in the command but I'm gonna try to run it anyway". The "\n" is enter.
TerraFrost
Legendary Guard
 
Posts: 12357
Joined: Wed Dec 04, 2002 6:37 am

Re: Problems connecting to FortiGate.

Postby thomas.raabo » Tue Nov 05, 2013 9:22 pm

Hi Terry.

Thank you for the reply.

-bash-3.2$ php test2.php
1config vdom
sv-i-ngfw-2 # config vdom

sv-i-ngfw-2 (vdom) # 1edit vdom1
sv-i-ngfw-2 # edit vdom1
6540: Unknown action 0
Command fail. Return code -1

sv-i-ngfw-2 # -bash-3.2$


Could you tell mere were the two 1 characters are comming from?

the code

Code: Select all
echo $ssh->write("config vdom\n");
echo $ssh->read();
echo $ssh->write("edit vdom1\n");
echo $ssh->read();
thomas.raabo
Traveler
 
Posts: 2
Joined: Fri Nov 01, 2013 7:55 am

Re: Problems connecting to FortiGate.

Postby TerraFrost » Tue Nov 05, 2013 11:10 pm

The $ssh->write() calls shouldn't be echo'd. They simply return 1 on success and 0 on failure.
TerraFrost
Legendary Guard
 
Posts: 12357
Joined: Wed Dec 04, 2002 6:37 am


Return to phpseclib support

Who is online

Users browsing this forum: No registered users and 2 guests

cron