3

So I have a problem similar to how to send ssh job to background.

I have a Windows C# program automated to execute tcpdump on a remote Linux OS using http://sshnet.codeplex.com/. I'm trying to execute tcpdump on the remote Linux machine and leave it running after I disconnect.

I've been doing a lot of debugging using plink, but cannot seem to achieve the desired result. I've tried:

plink root@10.5.1.1 bash -c "tcpdump -i eth0 -w test.cap"

but it holds the sshclient until I ctrl+C (not going to work for automated solution). I've also tried variations of:

plink root@10.5.1.1 bash -c "tcpdump -i eth0 -w test.cap &"

but either the command is not executed at all (test.cap does not exist) or is terminated immediately (test.cap contains 1 line). During testing, I've left a ping going, so the capture should have something...

The previously mentioned link solves the problem with screen, but the remote Linux OS is not configurable and does not have screen. Any suggestions are welcome.

UndeadBob
  • None of these solutions worked for me, remotely executing tcpdump on a Fedora machine. However, if the tcpdump command is encapsulated by a bash script, the script can be executed via an ssh command remotely and complete as expected. – user3529322 Apr 13 '14 at 15:46
  • As much as I would like to have done that, the remote machine in my case was a read-only embedded OS. – UndeadBob Jun 06 '14 at 14:05

6 Answers

5

In the latter case, your tcpdump process is probably being aborted when you disconnect. Try:

plink root@10.5.1.1 bash -c "nohup tcpdump -i eth0 -w test.cap &"

See the manpage for nohup. You may also want to consider redirecting stdout and stderr to a file or /dev/null to prevent nohup from writing output to a file:

plink root@10.5.1.1 bash -c "nohup tcpdump -i eth0 -w test.cap >/dev/null 2>&1 &"
mrb
  • I appreciate the suggestion, but neither worked. When I run `ps -ef` on 10.5.1.1, tcpdump is not running. Also, when I just pipe the output of the tcpdump instead of using the built-in writer ('>' instead of '-w'), the file is created, but is completely empty. Maybe that helps? – UndeadBob Jul 18 '12 at 15:19
  • It sounds like `tcpdump` may just be resisting running in the background, so it's dying. Usually `nohup` deals with those kinds of programs. Offhand, I can't think of any other options that might work for you, sorry! – mrb Jul 18 '12 at 15:41
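
The nohup-plus-redirection launch from the answer above, written out as an added example that is not part of the original posts. The helper names `start_detached`, `is_running` and `stop_detached` and the pidfile argument are assumptions made for illustration; the example also detaches stdin and records the PID so the capture can be stopped later.

```shell
#!/bin/sh
# Added example, not code from the thread. Function names and the
# pidfile convention are hypothetical.
#
# One-line form for the command in the question:
#   nohup tcpdump -i eth0 -w test.cap </dev/null >/dev/null 2>&1 &

# Start "$2..." so it outlives the launching session.
#  - nohup makes the process ignore SIGHUP when the session ends
#  - stdin, stdout and stderr are all detached, so no inherited
#    descriptor keeps the ssh channel open and no nohup.out is written
#  - the PID goes to the pidfile ($1) so the process can be found again
start_detached() {
    pidfile=$1
    shift
    nohup "$@" </dev/null >/dev/null 2>&1 &
    echo $! > "$pidfile"
}

# Succeeds if the process recorded in the pidfile is still alive.
is_running() {
    [ -f "$1" ] && kill -0 "$(cat "$1")" 2>/dev/null
}

# Stop the recorded process and remove the pidfile.
# tcpdump closes its capture file cleanly on SIGTERM.
stop_detached() {
    is_running "$1" && kill -TERM "$(cat "$1")"
    rm -f "$1"
}
```
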
2

I had a similar problem while starting a remote application. This pattern worked for me on Debian servers:

ssh root@server "nohup /usr/local/bin/app -c cfg &; exit"

Addition: for another test the above didn't work, i.e. the command didn't start on the remote server. Adding a command that returns successfully before the exit seems to work.

ssh root@server "nohup /usr/local/bin/otherapp &; w; exit"
fahd
1

I had a similar situation: (on a Windows machine) I wanted to create an MS batch script to open an SSH connection to a Raspberry Pi and execute a local script in the background. I found that combining both Raj's and fahd's answers did the trick for me:

My MS batch script:

plink -load "raspberry Pi" -t -m startCommand.txt

the content of startCommand.txt is as follows:

nohup /home/pi/myscript >/dev/null 2>&1 &
w
exit

The ">/dev/null 2>&1" is important! I found out (the hard way) that the RPi's SD card kept getting filled up by an extremely large nohup.out file (and with a full SD card, the RPi couldn't even log in properly).

Reasoning:

I used -load to load a saved session in PuTTY (I do this because I am authenticating with public/private keys instead of passwords, but this should be the same as simply typing in the host)

then -t (as recommended by Raj)

then -m to load a list of commands in that file

Without the parameter "-t" and without the "w" and "exit", my batch script would just run, not execute 'myscript' and close again.

Fre Timmerman
0

I had the same issue. I had a script in which I had nohup tcpdump .... & . I could not use ssh to run it as it dies when the ssh finished. The solution I came up with was super simple. I just added sleep 5 to the end of my script and it works just fine. It seems tcpdump needs some seconds to go to background safely before you exit even with nohup.

Amir
0

I had the same problem, and I found that the "-t" option seems to be important to nohup. I found the nohup wasn't taking effect without the "-t" option.

ssh -t user@remote 'nohup tcpdump -i any -w /tmp/somefile &>/dev/null & sleep 2'

Raj
0

I think that I've nailed it, at least in IBM AIX

I'm using

ssh -tq user@host "/path/start-tcpdump.ksh"

(authentication is done by public key). I was having inconsistent results using simple "nohup tcpdump .... &", sometimes it worked, sometimes it did not, sometimes it even blocked and I had to disconnect the session. So far, this is working ok, I can't really say WHY it is working, but it is...

This is my start-tcpip.ksh

#!/usr/bin/ksh
HOST=$(uname -n)
FILTER="port not 22"
(tcpdump -i en1 -w $HOST-en1.cap $FILTER >/dev/null 2>&1 ) &
sleep 2
(tcpdump -i en2 -w $HOST-en2.cap $FILTER >/dev/null 2>&1 ) &
sleep 2
exit 0
ocsav