1Belier 2====== 3 4What's for ? 5------------ 6Belier allows opening a shell or executing a command on a remote computer through a SSH connection. The main feature of Belier is its ability to cross several intermediate computers before realizing the job. 7 8- Belier reaches the final computer through intermediate machines. 9- You can execute commands with any account available on the remote computer. 10- It is possible to switch account on intermediate computers before accessing the final computer. 11- You can open a data tunnel through every host you cross to the final host. 12- Belier generates one script for each final computer to reach. 13 14License 15------- 16GPLv3 and more 17 18What you need before installing Belier 19-------------------------------------- 20- Python >= 2.4 21- Expect >= 5.42.1 22 23Debian : 24------------------------------- 25# apt-get install python expect 26------------------------------- 27 28Installation 29------------ 30From sources 31~~~~~~~~~~~~ 32----------------------- 33$ tar zxvf 34$ cd belier-1.1 35$ su - 36# python setup.py install 37------------------------- 38 39Easy_install 40~~~~~~~~~~~~ 41--------------------- 42# easy_install belier 43--------------------- 44 45Source code 46----------- 47 48---------------------------------------- 49$ git clone git://git.ohmytux.com/belier 50---------------------------------------- 51 52Howtos 53------ 54Information file syntax 55~~~~~~~~~~~~~~~~~~~~~~~ 56------------------------------------------------- 57[user@]host[:port] [pass|user [pass]] [-c|-t|-ot] 58------------------------------------------------- 59 60Open a remote shell as root 61~~~~~~~~~~~~~~~~~~~~~~~~~~~ 62 63We first write a file which defines information to access the final computer : 64------------------------------- 65admin@host Ic4r3 root jkw!po12; 66------------------------------- 67 68Belier generates the script : 69--------------------- 70$ bel --entree=ordres 71$ ls 72ordres host.sh 73---------------- 74 75Execution of the script (only the script is executed here, the other lines are self-generated) : 76------------------------------- 77user@localhost:~$ ./host.sh 78spawn ssh host 79admin@host's password: 80admin@host:~$ su - root 81Password: 82root@host:~# 83------------ 84 85Let's be more verbose about this example : 86 87. We write a file with the mandatory information to connect the remote computer. The first field is composed by a login followed by '@' and the hostname (could be an ip address). You can omit the login and in this case, the actual login of your shell session will be used. 88. The second field is a password to access the remote computer. It could be omitted if you exchanged ssh keys between the both computers. 89. The third field is the login you want to switch to after beeing connected to the remote computer. It could be omitted if you don't need to switch. 90. The fourth and last field is the required password for the user switching. Could be omitted too. 91. You generate the connection script. You could use standard input but in our example we use --entree option to pinpoint the information file. 92. You launch the script and you reach the final computer. 93 94Open a remote shell with several intermediate computers 95~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 96 97We first write a file which defines information to access the final host: 98---------------------------- 99middlehost1 admin azer0;lp!Z 100admin@middlehost2 101admin@lasthost root jkw!po12; 102----------------------------- 103 104Belier generates the script: 105--------------------- 106$ bel --entree=ordres 107$ ls 108ordres lasthost.sh 109-------------------- 110 111Execution of the script (only the script is executed here, the other lines are self-generated): 112------------------------------- 113user@localhost:~$ ./lasthost.sh 114spawn ssh middlehost1 115user@middlehost1's password: 116user@middlehost1:~$ su - admin 117Password: 118admin@middlehost1:~$ ssh admin@middlehost2 119admin@middlehost2:~$ ssh admin@lasthost 120admin@lasthost's password: 121admin@lasthost:~$ su - root 122Password: 123root@lasthost:~# 124---------------- 125 126Let's be more verbose about this example: 127 128. The first line of the information file defines the first intermediate computer to reach. On this one we also define a user switch. 129. The second line defines the second intermediate computer. 130. The third line defines the final computer. On this computer we switch to root. 131. You generate the connection script. You could use standard input but in our example we use --entree option to pinpoint the information file. 132. You launch the script and you reach the final computer. 133 134Execute a command on a remote computer as root 135~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 136 137We first write a file which defines information to access the final computer : 138--------------------------- 139middlehost admin azer0;lp!Z 140admin@lasthost root !ZuP3r; -c 141df -h 142----- 143 144Belier generates the script : 145--------------------- 146$ bel --entree=ordres 147$ ls 148ordres lasthost.sh 149-------------------- 150 151 152Here is the output of the execution of the generated script : 153------------------------------- 154user@localhost:~$ ./lasthost.sh 155spawn ssh middlehost 156user@middlehost's password: 157user@middlehost:~$ su - admin 158Password: 159admin@middlehost:~$ ssh admin@lasthost 160admin@lasthost's password: 161admin@lasthost:~$ su - root 162Password: 163root@lasthost:~# df -h 164Sys. de fich. Tail. Occ. Disp. %Occ. Monté sur 165/dev/sda2 453G 61G 393G 14% / 166varrun 2,0G 112K 2,0G 1% /var/run 167varlock 2,0G 0 2,0G 0% /var/lock 168udev 2,0G 48K 2,0G 1% /dev 169devshm 2,0G 24K 2,0G 1% /dev/shm 170lrm 2,0G 36M 1,9G 2% /lib/modules/2.6.24-21-generic/volatile 171root@lasthost:~# 172---------------- 173 174Let's be more verbose about this example : 175 176. The first line of the information file defines the first intermediate computer to reach. On this one we also define a user switch. 177. The second line defines the second intermediate computer. 178. The third line defines the final computer. On this computer we switch to root. 179. The fourth line defines the command we want to execute on the final computer. 180. You generate the connection script. You could use standard input but in our example we use --entree option to pinpoint the information file. 181. You launch the script and you reach the final computer. 182 183Open a tunnel for data while connecting to a host 184~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 185We want to send a big file through several hosts. Copying it through the different hosts would be painful. Bélier offers an elegant solution to solve that case by opening on your source computer a network port sending data directly on the final machine you want to work on. By default this network port has the following number : 9999. Lets take the following order file : 186------------------------ 187middlehost azer0;lp!z -t 188admin@lasthost root jkw!po12; 189----------------------------- 190 191Belier generates the script : 192--------------------- 193$ bel --entree=ordres 194$ ls 195ordres lasthost.sh 196-------------------- 197 198Let's be more verbose about this example : 199 200. That's a pretty common order file but you have at the end of the line the -t (for tunnel) option, which means you want a data tunnel to this machine. 201. That's pretty much what you need. executing this script you'll connect and open a shell on the final host, as usual. 202. But moreover, you have on your source host an open port allowing you to send data directly to the final host, using the scp command. 203 204Execution of the script (only the script is executed here, the other lines are self-generated) : 205------------------------------- 206user@localhost:~$ ./lasthost.sh 207user@middlehost's password: 208user@middlehost:~$ ssh admin@lasthost 209admin@lasthost:~$ su - root 210password: 211root@lasthost:~# 212---------------- 213And now, leave this shell alone (don't close it or you'll lose the connection) and in a new one you'll use the scp command: 214-------------------------------------------------------------- 215user@localhost:~$ scp -p 9999 my-big-file.iso root@127.0.0.1:~ 216root@127.0.0.1's password: 217toto 100% 19 0.0kb/s 00:00 218user@localhost:~$ 219----------------- 220Your file has been successfully sent through every computers you usually have to cross! And you can use every command you want through this port, e.g ftp, rsync, whatever. 221 222Open a tunnel for data with a specified port number while connecting to a host 223~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 224We want to send a big file through several hosts. Copying it through the different hosts would be painful. Bélier offers an elegant solution to solve that case by opening on your source computer a network port sending data directly on the final machine you want to work on. By default this network port has the following number : 9999. lets take the following order file : 225------------------------- 226middlehost azer0;lp!z -ot 2278888 7777 228admin@lasthost root jkw!po12; 229----------------------------- 230 231Belier generates the script : 232--------------------- 233$ bel --entree=ordres 234$ ls 235ordres lasthost.sh 236-------------------- 237 238Let's be more verbose about this example : 239 240. That's a pretty common order file but you have at the end of the line the -ot (for tunnel options) option, which means you want a data tunnel to this machine. 241. On the line following the one finishing by -ot you have to give to arguments: the local port you want to use and the remote port which is going to be opened. 242. That's pretty much what you need. Executing this script you'll connect and open a shell on the final host, as usual. 243. But moreover, you have on your source host an open port allowing you to send data directly to the final host, using the scp command. 244 245execution of the script (only the script is executed here, the other lines are self-generated) : 246------------------------------- 247user@localhost:~$ ./lasthost.sh 248user@middlehost's password: 249user@middlehost:~$ ssh admin@lasthost 250admin@lasthost:~$ su - root 251password: 252root@lasthost:~# 253---------------- 254And now, leave this shell alone (don't close it or you'll lose the connection) and in a new one you'll use the scp command: 255-------------------------------------------------------------- 256user@localhost:~$ scp -p 8888 my-big-file.iso root@127.0.0.1:~ 257root@127.0.0.1's password: 258toto 100% 19 0.0kb/s 00:00 259user@localhost:~$ 260----------------- 261Your file has been successfully sent through every computer you usually have to cross! And you can use every command you want through the port you want to use, e.g ftp, rsync, whatever. 262 263Useful to know with passwords in Belier 264~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 265If one of your passwords in the information file has a space in it, you need to wrap your password between quotation marks (character ") : 266----------------------------- 267admin@serveur "My Passw0rd " 268----------------------------- 269If one of your passwords in the information file has a quotation mark in it, you need to put a backslash before (character \) : 270------------------------------- 271admin@serveur "My \"Pass word " 272------------------------------- 273 274Code quality 275------------ 276 277Since the version 0.4, Belier has been tested (functional tests and regression tests). The code is parsed with Pylint. I also use a fuzzer called Fusil written by Victor Stinner. If you find a bug, please contact me. 278 279Help / bugreports / feature requests 280------------------------------------ 281 282- Users list - please suscribe to link:https://lists.sourceforge.net/mailman/listinfo/belier-users[the users mailing list]. 283- Developers list - please suscribe to link:https://lists.sourceforge.net/mailman/listinfo/belier-devel[the developers mailing list]. 284 285mailto:please-use-chaica@ohmytux.com['Carl Chenet aka Chaica'] 286