Friday, January 29, 2010

 

Synapse Based SSH Client


Many times, I needed a way to let my Delphi/FPC applications to connect to an SSH server, execute some commands, and get its results. Now I'm publishing a simple class based on Synapse's TTelnetSend class to do exactly what I needed.

Required ingredients

First of all, you'll need to grab a copy of the latest version of Synapse, now, to connect to an SSH server, the connection must be established by using the SSL protocol, and Synapse allows that kind of connections with plugins that allow filtering the data through OpenSSL, CryptLib and StreamSecII. Here, I'll use CryptLib, so you'll have to get this compiled version of cl32.dll for Windows, if you need the library compiled for Linux search for it in your repository (or use Google).

Now, configure the search paths of your compiler to find both, Synapse source and cryptlib.pas, the wrapper for cl32.dll.

Introducing TSSHClient class

This is a simple class to let you connect to an SSH server in an Object Oriented way, its internal parts where found in the Synapse's newsgroups, tested and arranged in a class.


unit sshclient;

interface

uses
tlntsend, ssl_openssl, ssl_openssl_lib, ssl_cryptlib;

type
TSSHClient = class
private
FTelnetSend: TTelnetSend;
public
constructor Create(AHost, APort, AUser, APass: string);
destructor Destroy; override;
procedure SendCommand(ACommand: string);
procedure LogOut;
function ReceiveData: string;
function LogIn: Boolean;
end;

implementation

{ TSSHClient }

constructor TSSHClient.Create(AHost, APort, AUser, APass: string);
begin
FTelnetSend := TTelnetSend.Create;
FTelnetSend.TargetHost := AHost;
FTelnetSend.TargetPort := APort;
FTelnetSend.UserName := AUser;
FTelnetSend.Password := APass;
end;

destructor TSSHClient.Destroy;
begin
FTelnetSend.Free;
inherited;
end;

function TSSHClient.LogIn: Boolean;
begin
Result := FTelnetSend.SSHLogin;
end;

procedure TSSHClient.LogOut;
begin
FTelnetSend.Logout;
end;

function TSSHClient.ReceiveData: string;
var
lPos: Integer;
begin
Result := '';
lPos := 1;
while FTelnetSend.Sock.CanRead(1000) or (FTelnetSend.Sock.WaitingData>0) do
begin
FTelnetSend.Sock.RecvPacket(1000);
Result := Result + Copy(FTelnetSend.SessionLog, lPos, Length(FTelnetSend.SessionLog));
lPos := Length(FTelnetSend.SessionLog)+1;
end;
end;

procedure TSSHClient.SendCommand(ACommand: string);
begin
FTelnetSend.Send(ACommand + #13);
end;

end.


A sample application

This is an example of how to execute an "df -h" command in an external SSH server, inspirated by a question in StackOverflow.

The example just connects to a server, execute the command and capture its output, just that.


program TestSSHClient;

{$APPTYPE CONSOLE}

uses
sshclient;

var
lSSh: TSSHClient;
begin
lSSh := TSSHClient.Create('[TARGET_HOST_OR_IP_ADDRESS]', '[PORT]', '[USER]', '[PASSWORD]');
if lSSh.LogIn then
begin
Writeln('Connected!.');
(* Get welcome message *)
Writeln(lSSh.ReceiveData);
(* Send command *)
lSSh.SendCommand('df -h');
(* Receive results *)
Writeln(lSSh.ReceiveData);
lSSh.LogOut;
Writeln('Logged out.');
end
else
Writeln('Can''t connect.');
lSSh.Free;
end.


Replace the words between '[' and ']' by the real ones and test it.

See you on my next post.
Comments:
Can't get it to work. Putty connects OK but this code, with the same login parameters, comes up with "Can't connect" (after quite a long time). Using Delphi 5, if that's a clue ...

Regards,
Dag Hovden
 
I don't know. The example was created with Delphi 7 and was tested with two of my SSH servers.

I'm sure you can find more help in the Synapse mailing list, and please, send them as much details about your Putty configuration info as you can, for example, if your target server works with SSH v.1 or v2.
 
ola que tal
sou rod, moro em foz do iguaçu, pr, e gostei muito do seu artigo sobre ssh.
gostaria de saber como proceder pra utilizar a mesma classe do synapse pra utilizar scp (cópia segura).
gracias!
 
ola que tal
sou rod, moro em foz do iguaçu, pr, e gostei muito do seu artigo sobre ssh.
gostaria de saber como proceder pra utilizar a mesma classe do synapse pra utilizar scp (cópia segura).
gracias!
 
Leonardo, disculpa porque mi consulta no está relacionada con tu ejemplo, pero es que hace tiempo que busco una solución y no la encuentro.
Uso Lazarus e intento hacer un clon del Explorador de Windows para las XO. Compilo en Windows y en Linux.

El problema es que en Linux el componente ListView solo muestra iconos en el estado vsReport; si paso a vsIcon, queda en blanco , pero los items no desaparecieron, volviendo a vsReport reaparecen.

Este comportamiento sucede solo en Linux; el mismo código fuente compilado en Windows funciona bien, y el ListView muestra correctamente los iconos en cualquiera de sus estados.

Disculpa nuevamente , pero es que no encuentro solución y te agradezco cualquier pista. Hace meses pedí ayuda en el sitio de Lazarus pero no tuve suerte.
Uso Lazarus 0.9.28. Mi correo es alejandro.lavarello (arroba) gmail.com
Saludos desde Uruguay.
 
Leonardo, disculpa porque mi consulta no está relacionada con tu ejemplo, pero es que hace tiempo que busco una solución y no la encuentro.
Uso Lazarus e intento hacer un clon del Explorador de Windows para las XO. Compilo en Windows y en Linux.

El problema es que en Linux el componente ListView solo muestra iconos en el estado vsReport; si paso a vsIcon, queda en blanco , pero los items no desaparecieron, volviendo a vsReport reaparecen.

Este comportamiento sucede solo en Linux; el mismo código fuente compilado en Windows funciona bien, y el ListView muestra correctamente los iconos en cualquiera de sus estados.

Disculpa nuevamente , pero es que no encuentro solución y te agradezco cualquier pista. Hace meses pedí ayuda en el sitio de Lazarus pero no tuve suerte.
Uso Lazarus 0.9.28. Mi correo es alejandro.lavarello (arroba) gmail.com
Saludos desde Uruguay.
 
Hola Alejandro, te respondo por mail.
 
ROD, I found a way to make SCP operations with Synapse!, I'm trying to find time to publish some code examples in the Blog.
 
Thank you really much !
It helped me a lot.
+++
 
I found this really helpful - followed your instructions and it works as described on Delphi 2007.

Many thanks!
 
Thanks, it helped me in my homework!
 
Hi!

Only use ssl_cryptlib in the uses, and it will work with LT_SSHv2.
 
My testing program didn't work. Still error "Can't connect."
Here are my tools:
BDS 2006
Synapse39
CryptLib-3.2.2
CL32spy340

What's the trick to fix this?
 
Hi Leonardo, nice example.

I've got a similar approach for Lazarus/FreePascal, see http://wiki.lazarus.freepascal.org/Synapse#SSH.2FTelnet_client_sample_program

@ the others, I was told the cryptlib.dll version needs to match with your cryptlib.pas. Maybe that's the problem.
 
How can this work when the Ararat Synapse | 009.008.005 | code tels that the TCustomSSL.Connect will not work?

Here is needed code for start SSL connection.}
function Connect: boolean; virtual;

Best regards,

Steffen
 
when i compiler show error in here {$IF CRYPTLIB_VERSION >= 3400} please answer it.thx
 
Please. Set an example for Secure copy (scp) using the synapse
 
Please. Set an example for Secure copy (scp) using the synapse
 
Hola,
Tengo un servidor en linux ssh y me conecto en red local con putty sin problemas con windows 7.
Ya implemente lo que compartes en lazarus y, despues de intentar conectar, ya pone que no se puede conectar.
El protocolo del ssh es 2.
alguna idea?.

gracias
 
Hola,
Gracias por el post.
Estaba buscando la opcion de usar el ejemplo como tunel, pero no hay forma.
Estuve mirando el blcksock.pas para darme alguna idea pero no la encuentro.
Alguna manita?.
saludos y gracias
 
Hello Leonardo,

Have you a sample delphi code to perform a SCP put/get using synapse ?

Yves

 
hello leonardo i want to make this code works but it doesn't always says can't connect, if you can help me i will be very grateful, my mail is jose.marquez.blanco@gmail.com please contact me
 
hello leonardo i want to make this code works but it doesn't always says can't connect, if you can help me i will be very grateful, my mail is jose.marquez.blanco@gmail.com please contact me
 
Thanks Keith for the info.
 
Hi everybody,
just my contribute given at july 13th 2015.

I used Leonardo's class with the following configuration:

- Windows XP pro sp3 (32 bit)
- Lazarus 1.2.0 (FPC 2.6.2)
- Synapse ver. 39
- Cryptlib 3.2.2

it was not necessary to add cryptlib.pas to my project, just appended Synapse directory to searchpath list and copy cl32.dll into application dir.

Note: I tried to use Synapse 40 but it is incompatible with 1.2 version of Lazarus (I found later that they claim it is for 2.0 version).

My app use a SSH connection to a Linux server and run a bash script (it make some operations on a mysql db using "myqsl" and "mysqldump" commands).

Everything worked fine for me!
So many thanks to Leonardo for sharing his knowledge with all of us (and of course thanks to Synapse and Cryptlib developers to do the same).

Hope this note could be helpfull for someone.

Regards and greetings from Italy,
Mauro
 
Muchas Gracias Leonardo. me ayudo mucho.

Hector.
 
UPDATE to my july 13th 2015 post
I found that, after a reinstallation of Lazarus (ver. 1.2.6 - FPC 2.6.4) my app was not compiled anymore.
After many attempts I was able to compile it just by adding the directory containing cryptlib.pas
I also had to modify cryptlib.pas just adding the
{$MODE Delphi}
directive on top of the source.
After this two changes my app was recompiled again and now it runs well as before.
Regards, Mauro
 
Thanks for the update, Mauro.
 
Im trying to use with 64 bit delphi compiler without luck. I migrate the crypt lib code to accept win64 conditionals, no luck, im doing something wrong. Anybody have a updated version of crypt lib for 64 bits?

Best regards.
 
Hi Donald, please ask this in the Synapse Library mailing list, I'm sure there you'll find someone with the same problem and hopefully a solution.
 
Hello Leonardo, by a long time I'm trying to incorporate in my project a ssh client connection, but without sucess until now... your topic helped me so much, but I'm getting with some problems yet.

At the moment I'm using synapse39 (40 didn't work to me) and Cryptlib 3.2.2, the console application runs normally, but when it will connect to the server I receive a error menssage : 'Can't Connect'... When I try the same connection with Putty there isn't any error, and the connection stay ok...

Please, can anyone help me ???
 
Hi Rodrigo, I tried to compile my example using Synapse 39 and I got several errors. The 1nst was cannot link -lcl, as I'm on Ubuntu I've googled for a way to install cryptlib but I couln't find anything, so I went to https://www.cs.auckland.ac.nz/~pgut001/cryptlib/ downloaded and compiled it.

Then I started getting ssh_cryptlib.pas related errors, so I grabbed it from Synapse 40 and replaced the old version.

After doing that my program was able to compile and worked without a glitch.

Leonardo.
 
Hi Leonardo, i have an error in here {$IF CRYPTLIB_VERSION >= 3400} when a compile it. I work with RAD Studio XE3 and Synapse40.

Thanks.
 
Thank you for your answer Leonardo.
Well, I did what you said. I went to cs.auckland and did the download from the last version of cryptlib, (I didnt understand what you mean with compiled, in the folder bindings already have the .pas. So I put the last verison of Synapse (version 40) and tried to run, but I got any error with the last version of cryptib, so I use the 3.2.2 and I did an fix (Const CRYPTLIB_VERSION) and compiled with success...
So I put the login, password, user, ip and port, but I still got an error 'CANT'T Connect'

I think that I'm doing some step wrong... but I dodnt get it yet... :-(
(the libs/directorys are ok in D7, The folder of console application has the cl32.dll and sshclient.pas )

 
I would like to add my comment

I tested with Delphi XE5, with old crypt 3.2.2 and the last version 3.4.3, the program compiled without troubles, but I'm taking the same error Can't connect...

I'm trying to acess in radios, I usually to use the Putty to acess them by SSH and always it show a warning about security alert, this alert is about the rsa2.keyfingerprint key, so I just press Yes to connect and I put the login/password, but with the console application nothing happens and I got cant connect... :/

 
Post a Comment



<< Home

This page is powered by Blogger. Isn't yours?