Skip to content
DataMiner DoJo

More results...

Generic selectors
Exact matches only
Search in title
Search in content
Post Type Selectors
Search in posts
Search in pages
Search in posts
Search in pages
Log in
Menu
  • Blog
  • Questions
  • Learning
    • E-learning Courses
    • Open Classroom Training
    • Certification
      • DataMiner Fundamentals
      • DataMiner Configurator
      • DataMiner Automation
      • Scripts & Connectors Developer: HTTP Basics
      • Scripts & Connectors Developer: SNMP Basics
      • Visual Overview – Level 1
      • Verify a certificate
    • Tutorials
    • Video Library
    • Books We Like
    • >> Go to DataMiner Docs
  • Expert Center
    • Solutions & Use Cases
      • Solutions
      • Use Case Library
    • Markets & Industries
      • Media production
      • Government & defense
      • Content distribution
      • Service providers
      • Partners
      • OSS/BSS
    • DataMiner Insights
      • Security
      • Integration Studio
      • System Architecture
      • DataMiner Releases & Updates
      • DataMiner Apps
    • Agile
      • Agile Webspace
      • Everything Agile
        • The Agile Manifesto
        • Best Practices
        • Retro Recipes
      • Methodologies
        • The Scrum Framework
        • Kanban
        • Extreme Programming
      • Roles
        • The Product Owner
        • The Agile Coach
        • The Quality & UX Coach (QX)
    • DataMiner DevOps Professional Program
  • Downloads
  • More
    • Feature Suggestions
    • Climb the leaderboard!
    • Swag Shop
    • Contact
      • General Inquiries
      • DataMiner DevOps Support
      • Commercial Requests
    • Global Feedback Survey
  • PARTNERS
    • All Partners
    • Technology Partners
    • Strategic Partner Program
    • Deal Registration
  • >> Go to dataminer.services

How to send an SSH command from a protocol that requires sudo privileges?

Solved2.08K views11th July 2023protocols serial protocol SSH
4
Jochen Dewachter [SLC] [DevOps Advocate]2.16K 13th December 2022 0 Comments

I'd like to send a command from a protocol to retrieve data from a Linux server via SSH.

However that command needs sudo elevated privileges. The response I retrieve is just the text that is asking for a username/pwd.

How can I do this from a protocol, please?

Marieke Goethals [SLC] [DevOps Catalyst] Selected answer as best 11th July 2023

3 Answers

  • Active
  • Voted
  • Newest
  • Oldest
1
Gerwin van der Kamp [DevOps Enabler]2.91K Posted 13th December 2022 2 Comments

Can you change files on the box itself? otherwise an option can be setup passwordless sudo for that user: https://linuxhint.com/setup-sudo-no-password-linux/

or just some commands: https://askubuntu.com/questions/159007/how-do-i-run-specific-sudo-commands-without-a-password

Marieke Goethals [SLC] [DevOps Catalyst] Selected answer as best 11th July 2023
Gellynck Jens [SLC] commented 13th December 2022

Security wise it’s probably safest to only grant the specific commands sudo without password permission. Or if only the dmidecode command needs sudo privileges, you could consider fetching the same information from /sys/devices/virtual/dmi/id, /proc/cpuinfo or /proc/meminfo

Jochen Dewachter [SLC] [DevOps Advocate] commented 13th December 2022

I prefer not to do that, because in order to use that protocol, no user settings have to be adjusted on the machine itself…

0
Srikanth Mandava [SLC] [DevOps Member]912 Posted 15th December 2022 0 Comments

Hi Jochen

Expect is a well known tool in the Linux world to automate password prompt scenarios. I see that they also support Windows, may be you can consider integrating that in the driver development.

Thanks.

Srikanth Mandava [SLC] [DevOps Member] Answered question 15th December 2022
0
Miguel Obregon [SLC] [DevOps Catalyst]18.56K Posted 13th December 2022 1 Comment

Hi Jochen,

I created a small automation script that send a command that requires sudo privileges. I believe this can also be implemented in a connector. In this case you will need to use ShellStream to be able to get the sudo password request:

public void Run(Engine engine)
{
string sLogin = "myUser";
string sPassword = "myUserPassword";
string sudoPassword = "myRootPassword";
string sHostname = "10.11.12.13";
string sCommand = "sudo dmidecode -t system | grep Serial";
string sExpectedResponse = "";
int iPort = 22;

SshClient sshClient = new SshClient(sHostname, iPort, sLogin, sPassword);

// Establish the connection
sshClient.Connect();

IDictionary<Renci.SshNet.Common.TerminalModes, uint> modes = new Dictionary<Renci.SshNet.Common.TerminalModes, uint>();
modes.Add(Renci.SshNet.Common.TerminalModes.ECHO, 53);

// Create a shell stream
var shellStream = sshClient.CreateShellStream("xterm", 255, 50, 800, 600, 1024, modes);

// Get logged in
sExpectedResponse = shellStream.Expect(new Regex(@"[$>]"));
engine.GenerateInformation("[INFO]|Run|Output:" + sExpectedResponse);

// Send command that requires sudo privileges
shellStream.WriteLine(sCommand);

// Expect password or user prompt
sExpectedResponse = shellStream.Expect(new Regex(@"([$#>:])"));
engine.GenerateInformation("[INFO]|Run|Output:" + sExpectedResponse);

// Check to send the password
if (sExpectedResponse.Contains(":"))
{
// Send password
shellStream.WriteLine(sudoPassword);

// Expect user or root prompt
sExpectedResponse = shellStream.Expect(new Regex(@"[$#>]"));

engine.GenerateInformation("[INFO]|Run|Output:" + sExpectedResponse);
}// End if

sshClient.Disconnect();
}// End method Run

For this example, I was able to get the serial number:

The main drawback of this approach is that the response will contain extra characters that you don't need (see screenshot above). Based on this, I believe it will be difficult to extract the information that you are looking for.

I saw other options as well, see this answer in StackOverflow, but they are insecure.

Jochen Dewachter [SLC] [DevOps Advocate] Posted new comment 14th December 2022
Jochen Dewachter [SLC] [DevOps Advocate] commented 14th December 2022

For automation script, that’s ok. But for protocol that’d mean I have to put everything in QActions, that’s not ideal…

Please login to be able to comment or post an answer.

My DevOps rank

DevOps Members get more insights on their profile page.

My user earnings

0 Dojo credits

Spend your credits in our swag shop.

0 Reputation points

Boost your reputation, climb the leaderboard.

Promo banner DataMiner DevOps Professiona Program
DataMiner Integration Studio (DIS)
Empower Katas

Recent questions

Alarm Dashboard PDF/CSV Export 1 Answer | 0 Votes
Is the Microsoft SharePoint Connector Still Usable 0 Answers | 0 Votes
Is the Microsoft SharePoint Connector Still Usable 0 Answers | 0 Votes

Question Tags

adl2099 (115) alarm (62) Alarm Console (82) alarms (100) alarm template (83) Automation (223) automation scipt (111) Automation script (167) backup (71) Cassandra (180) Connector (108) Correlation (68) Cube (150) Dashboard (194) Dashboards (188) database (83) DataMiner Cube (57) DIS (81) DMS (71) DOM (139) driver (65) DVE (55) Elastic (83) Elasticsearch (115) elements (80) Failover (104) GQI (159) HTTP (76) IDP (74) LCA (151) low code app (166) low code apps (93) lowcodeapps (75) MySQL (53) protocol (203) QAction (83) security (88) services (51) SNMP (86) SRM (337) table (54) trending (87) upgrade (62) Visio (539) Visual Overview (345)
Privacy Policy • Terms & Conditions • Contact

© 2025 Skyline Communications. All rights reserved.

DOJO Q&A widget

Can't find what you need?

? Explore the Q&A DataMiner Docs

[ Placeholder content for popup link ] WordPress Download Manager - Best Download Management Plugin