Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: OpenSSH: Dev

exit status of ssh?

 

 

OpenSSH dev RSS feed   Index | Next | Previous | View Threaded


chris.quenelle at oracle

Mar 17, 2011, 4:17 PM

Post #1 of 8 (9144 views)
Permalink
exit status of ssh?

The man page for ssh says that the exit status of ssh should
be the exit status of the program that it runs.

The session terminates when the command or shell on the remote machine
exits and all X11 and TCP/IP connections have been closed. The exit sta‐
tus of the remote program is returned as the exit status of ssh.
...
ssh exits with the exit status of the remote command or with 255 if an
error occurred.


But it doesn't seem to work.


% bash -c '"/bin/ls /foo"' ; echo $?
bash: /bin/ls /foo: No such file or directory
127

% ssh cryo bash -c '"/bin/ls /foo"' ; echo $?
/bin/ls: /foo: No such file or directory
0

What's up?

I see the same thing on a Linux system and a Solaris system:

% ssh -V
OpenSSH_4.2p1, OpenSSL 0.9.8a 11 Oct 2005

% ssh -V
Sun_SSH_1.5, SSH protocols 1.5/2.0, OpenSSL 0x0090811f

Output of -v is:

% ssh -v cryo bash -c '"/bin/ls /foo"'
OpenSSH_4.2p1, OpenSSL 0.9.8a 11 Oct 2005
debug1: Reading configuration data /home/quenelle/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to cryo [10.133.144.28] port 22.
debug1: Connection established.
debug1: identity file /home/quenelle/.ssh/identity type -1
debug1: identity file /home/quenelle/.ssh/id_rsa type 1
debug1: identity file /home/quenelle/.ssh/id_dsa type 2
debug1: Remote protocol version 1.99, remote software version OpenSSH_4.2
debug1: match: OpenSSH_4.2 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_4.2
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'cryo' is known and matches the RSA host key.
debug1: Found key in /home/quenelle/.ssh/known_hosts:33
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Trying private key: /home/quenelle/.ssh/identity
debug1: Offering public key: /home/quenelle/.ssh/id_rsa
debug1: Server accepts key: pkalg ssh-rsa blen 149
debug1: read PEM private key done: type RSA
debug1: Authentication succeeded (publickey).
debug1: channel 0: new [client-session]
debug1: Entering interactive session.
debug1: Sending environment.
debug1: Sending env LANG = en_US.UTF-8
debug1: Sending command: bash -c "/bin/ls /foo"
/bin/ls: /foo: No such file or directory
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug1: channel 0: free: client-session, nchannels 1
debug1: Transferred: stdin 0, stdout 0, stderr 0 bytes in 0.2 seconds
debug1: Bytes per second: stdin 0.0, stdout 0.0, stderr 0.0
debug1: Exit status 2

Since the expected exit status is "127", and the status
that the shell sees with $? is "0", I'm not sure how the "status 2"
on the last line fits in.





_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev [at] mindrot
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev


chris.quenelle at oracle

Mar 18, 2011, 9:52 AM

Post #2 of 8 (9012 views)
Permalink
Re: exit status of ssh? [In reply to]

On Friday March 18 9:41AM, Michael Loftis wrote:
> On Thu, Mar 17, 2011 at 5:17 PM, Chris Quenelle
> <chris.quenelle [at] oracle> wrote:
>> The man page for ssh says that the exit status of ssh should
>> be the exit status of the program that it runs.
>>
>> The session terminates when the command or shell on the remote machine
>> exits and all X11 and TCP/IP connections have been closed. The exit sta‐
>> tus of the remote program is returned as the exit status of ssh.
>> ...
>> ssh exits with the exit status of the remote command or with 255 if an
>> error occurred.
>>
>>
>> But it doesn't seem to work.
>>
>>
>> % bash -c '"/bin/ls /foo"' ; echo $?
>> bash: /bin/ls /foo: No such file or directory
>> 127
>>
>> % ssh cryo bash -c '"/bin/ls /foo"' ; echo $?
>> /bin/ls: /foo: No such file or directory
>> 0
>>
>> What's up?
> You're seeing the exit status from the bash command, which is doing
> something different possibly due to configuration (.bashrc and
> related). Skip invoking bash and try ssh cryo /bin/ls /foo and see
> what your exit code is then.

Good point. But the results are the same.
Here's the new data without bash in the mix.
This assumes that sshd doesn't spawn a shell of some kind to execute the
command.

% /bin/ls /foo; echo $?
/foo: No such file or directory
2

% ssh -v buba /bin/ls /foo; echo $?
Sun_SSH_1.5, SSH protocols 1.5/2.0, OpenSSL 0x0090811f
debug1: Reading configuration data /home/quenelle/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Rhosts Authentication disabled, originating port will not be
trusted.
debug1: ssh_connect: needpriv 0
debug1: Connecting to buba [10.133.144.239] port 22.
debug1: Connection established.
debug1: ssh_kmf_check_uri: /home/quenelle/.ssh/identity
debug1: Identity file/URI '/home/quenelle/.ssh/identity' pubkey type UNKNOWN
debug1: ssh_kmf_check_uri: /home/quenelle/.ssh/id_rsa
debug1: ssh_kmf_key_from_blob: blob length is 149.
debug1: Identity file/URI '/home/quenelle/.ssh/id_rsa' pubkey type ssh-rsa
debug1: ssh_kmf_check_uri: /home/quenelle/.ssh/id_dsa
debug1: ssh_kmf_key_from_blob: blob length is 433.
debug1: Identity file/URI '/home/quenelle/.ssh/id_dsa' pubkey type ssh-dss
debug1: Logging to host: buba
debug1: Local user: quenelle Remote user: quenelle
debug1: Remote protocol version 2.0, remote software version Sun_SSH_1.1
debug1: match: Sun_SSH_1.1 pat Sun_SSH_1.1*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-Sun_SSH_1.5
debug1: use_engine is 'yes'
debug1: pkcs11 engine initialized, now setting it as default for RSA,
DSA, and symmetric ciphers
debug1: pkcs11 engine initialization complete
debug1: Creating a global KMF session.
debug1: My KEX proposal before adding the GSS KEX algorithm:
debug1: Failed to acquire GSS-API credentials for any mechanisms (No
credentials were supplied, or the credentials were unavailable or
inaccessible

)
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: My KEX proposal I sent to the peer:
debug1: KEX proposal I received from the peer:
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: Host key algorithm 'ssh-rsa' chosen for the KEX.
debug1: Peer sent proposed langtags, ctos:
en-CA,en-US,es,es-MX,fr,fr-CA,i-default
debug1: Peer sent proposed langtags, stoc:
en-CA,en-US,es,es-MX,fr,fr-CA,i-default
debug1: We proposed langtags, ctos: en-US
debug1: We proposed langtags, stoc: en-US
debug1: Negotiated lang: en-US
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: Remote: Negotiated main locale: en_US.UTF-8
debug1: Remote: Negotiated messages locale: en_US.UTF-8
debug1: dh_gen_key: priv key bits set: 136/256
debug1: bits set: 1622/3191
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: ssh_kmf_key_from_blob: blob length is 149.
debug1: ssh_kmf_key_from_blob: blob length is 149.
debug1: ssh_kmf_key_from_blob: blob length is 149.
debug1: Host 'buba' is known and matches the RSA host key.
debug1: Found key in /home/quenelle/.ssh/known_hosts:42
debug1: bits set: 1588/3191
debug1: ssh_rsa_verify: signature correct
debug1: set_newkeys: setting new keys for 'out' mode
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: set_newkeys: setting new keys for 'in' mode
debug1: SSH2_MSG_NEWKEYS received
debug1: done: ssh_kex2.
debug1: send SSH2_MSG_SERVICE_REQUEST
debug1: got SSH2_MSG_SERVICE_ACCEPT
debug1: Authentications that can continue:
gssapi-keyex,gssapi-with-mic,publickey,password,keyboard-interactive
debug1: Next authentication method: gssapi-keyex
debug1: Next authentication method: gssapi-with-mic
debug1: Failed to acquire GSS-API credentials for any mechanisms (No
credentials were supplied, or the credentials were unavailable or
inaccessible

)
debug1: Next authentication method: publickey
debug1: Trying private key: /home/quenelle/.ssh/identity
debug1: ssh_kmf_check_uri: /home/quenelle/.ssh/identity
debug1: Trying public key: /home/quenelle/.ssh/id_rsa
debug1: Server accepts key: pkalg ssh-rsa blen 149 lastkey 80ab010 hint 1
debug1: ssh_kmf_key_from_blob: blob length is 149.
debug1: ssh_kmf_check_uri: /home/quenelle/.ssh/id_rsa
debug1: read PEM private key done: type RSA
debug1: Authentication succeeded (publickey)
debug1: channel 0: new [client-session]
debug1: send channel open 0
debug1: Entering interactive session.
debug1: ssh_session2_setup: id 0
debug1: channel request 0: env
debug1: Sending command: /bin/ls /foo
debug1: channel request 0: exec
debug1: channel 0: open confirm rwindow 0 rmax 32768
debug1: Remote: Channel 0 set: LANG=en_US.UTF-8
debug1: channel 0: rcvd eof
debug1: channel 0: output open -> drain
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug1: channel 0: rcvd close
debug1: channel 0: close_read
debug1: channel 0: input open -> closed
/foo: No such file or directory
debug1: channel 0: obuf empty
debug1: channel 0: close_write
debug1: channel 0: output drain -> closed
debug1: channel 0: almost dead
debug1: channel 0: gc: notify user
debug1: channel 0: gc: user detached
debug1: channel 0: send close
debug1: channel 0: is dead
debug1: channel 0: garbage collecting
debug1: channel_free: channel 0: client-session, nchannels 1
debug1: Transferred: stdin 0, stdout 0, stderr 0 bytes in 0.2 seconds
debug1: Bytes per second: stdin 0.0, stdout 0.0, stderr 0.0
debug1: Exit status 2
0




>> I see the same thing on a Linux system and a Solaris system:
>>
>> % ssh -V
>> OpenSSH_4.2p1, OpenSSL 0.9.8a 11 Oct 2005
>>
>> % ssh -V
>> Sun_SSH_1.5, SSH protocols 1.5/2.0, OpenSSL 0x0090811f
>>
>> Output of -v is:
>>
>> % ssh -v cryo bash -c '"/bin/ls /foo"'
>> OpenSSH_4.2p1, OpenSSL 0.9.8a 11 Oct 2005
>> debug1: Reading configuration data /home/quenelle/.ssh/config
>> debug1: Reading configuration data /etc/ssh/ssh_config
>> debug1: Applying options for *
>> debug1: Connecting to cryo [10.133.144.28] port 22.
>> debug1: Connection established.
>> debug1: identity file /home/quenelle/.ssh/identity type -1
>> debug1: identity file /home/quenelle/.ssh/id_rsa type 1
>> debug1: identity file /home/quenelle/.ssh/id_dsa type 2
>> debug1: Remote protocol version 1.99, remote software version OpenSSH_4.2
>> debug1: match: OpenSSH_4.2 pat OpenSSH*
>> debug1: Enabling compatibility mode for protocol 2.0
>> debug1: Local version string SSH-2.0-OpenSSH_4.2
>> debug1: SSH2_MSG_KEXINIT sent
>> debug1: SSH2_MSG_KEXINIT received
>> debug1: kex: server->client aes128-cbc hmac-md5 none
>> debug1: kex: client->server aes128-cbc hmac-md5 none
>> debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
>> debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
>> debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
>> debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
>> debug1: Host 'cryo' is known and matches the RSA host key.
>> debug1: Found key in /home/quenelle/.ssh/known_hosts:33
>> debug1: ssh_rsa_verify: signature correct
>> debug1: SSH2_MSG_NEWKEYS sent
>> debug1: expecting SSH2_MSG_NEWKEYS
>> debug1: SSH2_MSG_NEWKEYS received
>> debug1: SSH2_MSG_SERVICE_REQUEST sent
>> debug1: SSH2_MSG_SERVICE_ACCEPT received
>> debug1: Authentications that can continue: publickey,keyboard-interactive
>> debug1: Next authentication method: publickey
>> debug1: Trying private key: /home/quenelle/.ssh/identity
>> debug1: Offering public key: /home/quenelle/.ssh/id_rsa
>> debug1: Server accepts key: pkalg ssh-rsa blen 149
>> debug1: read PEM private key done: type RSA
>> debug1: Authentication succeeded (publickey).
>> debug1: channel 0: new [client-session]
>> debug1: Entering interactive session.
>> debug1: Sending environment.
>> debug1: Sending env LANG = en_US.UTF-8
>> debug1: Sending command: bash -c "/bin/ls /foo"
>> /bin/ls: /foo: No such file or directory
>> debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
>> debug1: channel 0: free: client-session, nchannels 1
>> debug1: Transferred: stdin 0, stdout 0, stderr 0 bytes in 0.2 seconds
>> debug1: Bytes per second: stdin 0.0, stdout 0.0, stderr 0.0
>> debug1: Exit status 2
>>
>> Since the expected exit status is "127", and the status
>> that the shell sees with $? is "0", I'm not sure how the "status 2"
>> on the last line fits in.
>>
>>
>>
>>
>>
>> _______________________________________________
>> openssh-unix-dev mailing list
>> openssh-unix-dev [at] mindrot
>> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
>>

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev [at] mindrot
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev


peter at stuge

Mar 18, 2011, 11:20 AM

Post #3 of 8 (8984 views)
Permalink
Re: exit status of ssh? [In reply to]

Chris Quenelle wrote:
>> try ssh cryo /bin/ls /foo and see what your exit code is then.
>
> Good point. But the results are the same.

It works for me.

$ ls /foo; echo $?
ls: cannot access /foo: No such file or directory
2
$ ssh foo ls /foo; echo $?
ls: /foo: No such file or directory
2
$ ssh -v box ls /foo; echo $?
OpenSSH_5.4p1, OpenSSL 0.9.8k 25 Mar 2009
..
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.0
..
debug1: Sending command: ls /foo
ls: /foo: No such file or directory
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug1: channel 0: free: client-session, nchannels 1
Transferred: sent 2472, received 1920 bytes, in 0.4 seconds
Bytes per second: sent 6804.5, received 5285.0
debug1: Exit status 2
2
$


//Peter
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev [at] mindrot
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev


sfandino at yahoo

Mar 19, 2011, 12:39 AM

Post #4 of 8 (8998 views)
Permalink
Re: exit status of ssh? [In reply to]

On 03/18/2011 05:52 PM, Chris Quenelle wrote:
> On Friday March 18 9:41AM, Michael Loftis wrote:
>> On Thu, Mar 17, 2011 at 5:17 PM, Chris Quenelle
>> <chris.quenelle [at] oracle> wrote:
>>> The man page for ssh says that the exit status of ssh should
>>> be the exit status of the program that it runs.
>>>
>>> The session terminates when the command or shell on the remote machine
>>> exits and all X11 and TCP/IP connections have been closed. The exit sta‐
>>> tus of the remote program is returned as the exit status of ssh.
>>> ...
>>> ssh exits with the exit status of the remote command or with 255 if an
>>> error occurred.
>>>
>>>
>>> But it doesn't seem to work.
>>>
>>>
>>> % bash -c '"/bin/ls /foo"' ; echo $?
>>> bash: /bin/ls /foo: No such file or directory
>>> 127
>>>
>>> % ssh cryo bash -c '"/bin/ls /foo"' ; echo $?
>>> /bin/ls: /foo: No such file or directory
>>> 0

What happens when you log in cryo and run the first command there?

- Salva
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev [at] mindrot
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev


stu at spacehopper

Mar 20, 2011, 2:06 PM

Post #5 of 8 (9154 views)
Permalink
Re: exit status of ssh? [In reply to]

On 2011-03-17, Chris Quenelle <chris.quenelle [at] oracle> wrote:
> The man page for ssh says that the exit status of ssh should
> be the exit status of the program that it runs.
>
> The session terminates when the command or shell on the remote machine
> exits and all X11 and TCP/IP connections have been closed. The exit sta???
> tus of the remote program is returned as the exit status of ssh.
> ...
> ssh exits with the exit status of the remote command or with 255 if an
> error occurred.
>
>
> But it doesn't seem to work.

What does 'type ssh' say? Some people alias it to a shell function
which resets the window title, and in some cases that function doesn't
correctly handle the exit code (/etc/ksh.kshrc in OpenBSD used to do
this, for example).


_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev [at] mindrot
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev


chris.quenelle at oracle

Mar 21, 2011, 11:47 AM

Post #6 of 8 (8979 views)
Permalink
Re: exit status of ssh? [In reply to]

On Saturday March 19 12:39AM, Salvador Fandiño wrote:
> On 03/18/2011 05:52 PM, Chris Quenelle wrote:
>> On Friday March 18 9:41AM, Michael Loftis wrote:
>>> On Thu, Mar 17, 2011 at 5:17 PM, Chris Quenelle
>>> <chris.quenelle [at] oracle> wrote:
>>>> The man page for ssh says that the exit status of ssh should
>>>> be the exit status of the program that it runs.
>>>>
>>>> The session terminates when the command or shell on the remote machine
>>>> exits and all X11 and TCP/IP connections have been closed. The exit
>>>> sta‐
>>>> tus of the remote program is returned as the exit status of ssh.
>>>> ...
>>>> ssh exits with the exit status of the remote command or with 255 if an
>>>> error occurred.
>>>>
>>>>
>>>> But it doesn't seem to work.
>>>>
>>>>
>>>> % bash -c '"/bin/ls /foo"' ; echo $?
>>>> bash: /bin/ls /foo: No such file or directory
>>>> 127
>>>>
>>>> % ssh cryo bash -c '"/bin/ls /foo"' ; echo $?
>>>> /bin/ls: /foo: No such file or directory
>>>> 0
>
> What happens when you log in cryo and run the first command there?
>
> - Salva

cryo gives the same result as on the ssh-originating host:
% ssh cryo
% bash -c '"/bin/ls /foo"' ; echo $?
bash: /bin/ls /foo: No such file or directory
127

So by reading between the lines, I assume that other
people are not seeing this kind of behavior?

That's very strange. I haven't yet gone to the trouble of setting
up a new user account with it's own scratch ~/.ssh directory
to see if it is reproducible.

I assumed this was either a bug that nobody noticed, or it was
some kind of pilot error on my part.

--chris





_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev [at] mindrot
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev


peter at stuge

Mar 21, 2011, 11:53 AM

Post #7 of 8 (8989 views)
Permalink
Re: exit status of ssh? [In reply to]

Chris Quenelle wrote:
> cryo gives the same result as on the ssh-originating host:
> % ssh cryo
> % bash -c '"/bin/ls /foo"' ; echo $?

Note that this command is really bogus. You are asking bash to
execute the command "/bin/ls /foo" ie. the program foo, in a
subdirectory called l-s-space, in /bin.


> bash: /bin/ls /foo: No such file or directory
> 127

But regardless what the error is, I think you should be getting back
the error code.

$ bash -c '/bin/ls /foo'; echo $?
/bin/ls: cannot access /foo: No such file or directory
2
$ bash -c '"/bin/ls /foo"'; echo $?
bash: /bin/ls /foo: No such file or directory
127
$ ssh localhost '/bin/ls /foo'; echo $?
/bin/ls: cannot access /foo: No such file or directory
2
$ ssh root '"/bin/ls /foo"'; echo $?
bash: /bin/ls /foo: No such file or directory
127


> So by reading between the lines, I assume that other
> people are not seeing this kind of behavior?

As you can see above it all works as expected here.


//Peter
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev [at] mindrot
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev


chris.quenelle at oracle

Mar 21, 2011, 11:54 AM

Post #8 of 8 (8974 views)
Permalink
Re: exit status of ssh? [In reply to]

On Monday March 21 11:47AM, Chris Quenelle wrote:
>
> So by reading between the lines, I assume that other
> people are not seeing this kind of behavior?
>
> That's very strange. I haven't yet gone to the trouble of setting
> up a new user account with it's own scratch ~/.ssh directory
> to see if it is reproducible.
>
> I assumed this was either a bug that nobody noticed, or it was
> some kind of pilot error on my part.
>

Arg! It turned out to be pilot error.
I have a shell function / alias for 'ssh' which sends escape
characters to my term client. If I bypass the alias, and run
the binary directly, then the return code works as expected.

Never mind!

thanks for your patience.

--chris

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev [at] mindrot
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev

OpenSSH dev RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.