App-Tel
view release on metacpan or search on metacpan
COMMANDS.md view on Meta::CPAN
This is a rtr or profile directive. It's used to override a key sequence.
It takes a key or key combination and a function reference for arguments.
Syntax:
handlers => { 'key' => \&function, 'another key' => \&function2 },
I pass a reference to the $session handler as argument one.
As an example, if you wanted f5 to run a "sh ver" on cisco routers you could
do this:
handlers => { '\[15~' => sub { ${$_[0]}->send("sh ver\r"); return 1; } }
The return 1; is required if you want the session to continue after the
handler is run. So if you wanted to exit the router on f12 you could return
0;
## port
Router or profile directive to indicate what port to connect on.
## autocmds
Router or profile directive to run commands automatically when logging in.
This is an array reference so it requires the square brackets surrounding the
arguments.
Example:
'autocmds' => [ 'sh ver', 'sh ip int br' ],
## hostsearch
This is a profile or router directive.
Arguments: routername
Returns: a new routername
Usage: this is just like hostname in that it modifies the name during the
connection stage. The difference here is that it tries to connect using the
supplied name first, assuming that DNS will be available and such.
If the connection fails it calls your user supplied routine, which can,
depending on how you write it, do a database lookup, a fuzzy match on the
name, or any other modification.
In my case, some of our commercial devices use a prefix of "c-" to designate
them, but we don't always type it when we're making a connection. So we have
an alias like this:
'hostsearch' => sub { "c-$_[0]"; }
## password
If a password is blank in the config file then the script will attempt to use
a Keyring for authentication. It uses the Passwd::Keyring::Auto module for
this if it's installed. If the password isn't found it will prompt you for it
and store it in the keyring.
We also support retrieving the password from KeePass, or Password Safe if the
appropriate module is available
## Crypt::PWSafe3
### Password safe file
If you set this argument to a file then it will attempt to read the password
from password safe.
pwsafe_file => $ENV{HOME} . "pwsafe3.safe",
### Password safe entry
Setting this tells us which entry to lookup the password in the file. If
this is needed but not set we exit with a warning.
pwsafe_entry => 'my router password',
### Password safe passwd
I don't advise you to store your pwsafe password anywhere in plaintext, but
if you want to pass it to the script in an environment variable then you can
specify it here. Alternatively, you can use the system Keyring as described
below. As a last ditch method you can put the password here but anyone with
access to this file will be able to read the password.
pwsafe_passwd => $ENV{PWSAFEPASSWORD},
## File::KeePass
### keepass file
If you set this argument to a file then it will attempt to read the password
from keepass.
keepass_file => $ENV{HOME} . "/keepass.kdbx",
### keepass entry
Setting keepass entry tells it where to lookup the password in the file. If
this is needed but not set we exit with a warning.
keepass_entry => 'my router password',
### keepass passwd
I don't advise you to store your keepass password anywhere in plaintext, but
if you want to pass it to the script in an environment variable then you can
specify it here
keepass_passwd => $ENV{KEEPASSPASSWORD},
## [Pass] Password Store
This works a bit differently from KeePass and PWSafe support. It only
requires a safe file and a password.
### pass file
If you set this argument then it will attempt to get the device password out
of the gpg file. This doesn't need to be a true "pass" password store, it can
be a symmetric encrypted file if you want. It will just use the first line
from the file as the device password.
If the directory isn't absolute it assumes a password-store and uses
$HOME/.password-store/<dir> as the location. Alternatively, if you have the
PASSWORD_STORE_DIR environment variable set this will override the default and
it will look in that location for the file.
If you don't include a ".gpg" extension then one is added to the end
automatically.
Examples:
pass_file => 'router/password.gpg',
pass_file => 'router_password', # would change to $HOME/.password-store/router_password.gpg
pass_file => '/tmp/file.gpg', # would not be modified
### pass passwd
Specifies the passphrase to decrypt the file
pass_passwd => 'verysafe',
pass_passwd => $ENV{SECRET_ENVIRONMENT_VARIABLE},
pass_passwd => 'KEYRING',
## Storing safe passphrases in the keyring
If you want you can put the keepass password inside your keyring so you won't be
prompted after you've logged in. If you've done this you can specify it by
saying
keepass_passwd => 'KEYRING',
or
pwsafe_passwd => 'KEYRING',
or
pass_passwd => 'KEYRING',
### On keyring and DBUS
At least on my system, Gnome Keyring doesn't work if you ssh into your
machine. This is normal because DBUS is intended to represent one user
session (The X session running locally). Even so, it's nice to be able to
work around this and use unprompted login. Add this to your .bashrc if you
need to:
# Export $DBUS_SESSION_BUS_ADDRESS when connected via SSH to enable access
# to gnome-keyring-daemon.
export PASSWD_KEYRING_AUTO_PREFER=Gnome
if [[ -z $DBUS_SESSION_BUS_ADDRESS ]]; then
# workaround until I figure out why my machine gets the wrong information
# out of dbus session-bus
export DBUS_SESSION_BUS_ADDRESS=$(ps -ax | grep dbus-daemon | grep "\-\-address=unix" | awk '{print $8}' | sed 's/--address=//')
# if [[ -f ~/.dbus/session-bus/$(dbus-uuidgen --get)-0 ]]; then
# source ~/.dbus/session-bus/$(dbus-uuidgen --get)-0
# export DBUS_SESSION_BUS_ADDRESS
# fi
fi
## syntax
If you want to load a syntax highlight module then you can specify the prefix
here. For example, DlinkColor.pm would be loaded by
syntax => 'Dlink',
You can chain load these so you can have a default set of highlight rules for
your company and specific set of rules for Cisco routers or switches or
whatever..
## username_prompt and password_prompt
username_prompt => "nom d'utilisateur:",
password_prompt => 'mot de passe:',
You might have a system that has a prompt that isn't like one of the standard
ones used by most vendors. You might even find systems that have been
regionalized and prompt you in your native language. If this is the case you
can override the default username and password prompts.
## ena_username_prompt and ena_password_prompt
ena_username_prompt => "nom d'utilisateur:",
ena_password_prompt => 'mot de passe:',
Very similar to the normal username prompt. If your enable prompt has been
changed to something you can override it using these commands.
## pagercmd
pagercmd => 'disable clipaging',
Extreme networks and Dlink both use 'disable clipaging' while Cisco uses 'term
length 0'. Juniper uses 'set cli screen-length 0', but also might need 'set
cli complete-on-space off' to avoid annoying you while running scripts.
Some vendors don't have a command to turn off the pager. In those cases I
tried setting tty rows to 10000. Not suprisingly, the vendors that I tried it
on don't use the actual terminal size to control paging, so they still had
more prompts every 20 or so lines.
If your particular device does respect tty sizing, and you have the
Term::ReadKey module, then you can set:
pagercmd => sub { _stty_rows(10000) },
In any case, these pagercmds take effect when tel is run in a non-interactive
mode, using either the -c or -x flags to specify scripts to run.
# Host Ranges
If you have the optional NetAddr::IP module installed you can use ranges in
the 'rtr' array instead of regexes. Here are some examples:
# you can use just the trailing octet:
{ 'regex' => '172.28.0.2-28', 'profile' => 'zhone_olt' },
# or the full IPv4 address:
{ 'regex' => '192.168.13.17-192.168.32.128', 'profile' => 'zhone_olt' },
# IPv6 is supported:
{ 'regex' => 'fe80::1-fe80::256', 'profile' => 'zhone_olt' },
# CIDR is also supported:
{ 'regex' => '192.168.13.0/24', 'profile' => 'zhone_olt' },
{ 'regex' => 'fe80::/64', 'profile' => 'zhone_olt' },
# comma separation is supported if you have multiple values that will load the
# same profile:
{ 'regex' => '192.168.13.17-192.168.32.128,172.16.0.2-172.16.0.13,172.28.0.0/24', 'profile' => 'zhone_olt' },
This allows you to load profiles by lists of IPs instead of DNS based
hostnames, which can be useful if your devices are spread out and your gear
isn't organized by DNS.
# wishlist
1. scrollback buffer across multiple sessions
[Pass]: http://www.passwordstore.org/
( run in 0.579 second using v1.01-cache-2.11-cpan-6aa56a78535 )