5

I'm using a python SSH library named "paramiko". It uses like this:

ssh = paramiko.SSHClient()
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
ssh.connect(host, username=user_name, password=password)
chan = ssh_pool[host].get_transport().open_session()
chan.exec_command(SOME_COMMAND)

Because I need to execute some command in sudo, I need to call chan.get_pty() before exec_command to ensure there is a tty avaliable.

And I found after I called get_pty(), the stdout return from remote server using \r\n as newline instead of \n.

For example:

>>> chan = ssh.get_transport().open_session()
>>> chan.exec_command("echo hello world")
>>> chan.recv(1000)
b'hello world\n'

and after calling get_pty():

>>> chan = ssh.get_transport().open_session()
>>> chan.get_pty()
>>> chan.exec_command("echo hello world")
>>> chan.recv(1000)
b'hello world\r\n'

I have do some web searching, but cannot find anything connect to pty / tty / newline / \r\n

I'm worried about what may cause this change.

Why does paramiko returns \r\n as newline instead of \n?

lxohi
  • 350
  • 2
  • 11
  • Why are you worrying about that so much? It's just the line break of the string of the return value of the command you are running. Of course, you need to process that somehow, but either split it into a list on `\n` and replace `\r` or replace both `\r` and `\n`: http://stackoverflow.com/questions/16566268/remove-all-line-breaks-from-a-long-string-of-text – jhoepken Mar 09 '16 at 09:30
  • @JensHöpken Because I'm dealing with a bunch of server with quite different environments. I have think of just dealing with both \r\n and \n. But I'm still worried if I can't figure out what may causing this, someday some kind of unknown problem will came out. – lxohi Mar 09 '16 at 10:08

1 Answers1

5

Because that is how the newlines are translated for a (pseudo)terminal. \r is the carriage return that moves cursor to column 1, and \n is the linefeed that moves cursor down by one.

The terminal has by default the onlcr translation flag enabled. From stty man pages:

[-]onlcr

newline performs a carriage return

You can also see this flag enabled, i.e. without - in front (on the 3rd last line) in output of stty -a.

% stty -a
speed 38400 baud; rows 46; columns 79; line = 0;
intr = ^C; quit = ^\; erase = ^?; kill = ^U; eof = ^D; eol = <undef>;
eol2 = <undef>; swtch = <undef>; start = ^Q; stop = ^S; susp = ^Z; rprnt = ^R;
werase = ^W; lnext = ^V; flush = ^O; min = 1; time = 0;
-parenb -parodd -cmspar cs8 -hupcl -cstopb cread -clocal -crtscts
-ignbrk -brkint -ignpar -parmrk -inpck -istrip -inlcr -igncr icrnl ixon ixoff
-iuclc -ixany -imaxbel iutf8
opost -olcuc -ocrnl onlcr -onocr -onlret -ofill -ofdel nl0 cr0 tab0 bs0 vt0 ff0
isig icanon iexten echo echoe echok -echonl -noflsh -xcase -tostop -echoprt
echoctl echoke

You can disable this setting with stty -onlcr, however its presence shouldn't normally be a problem; if you suspect some binary data might become broken, you must not use a pty anyway.

If this is just some single command, then it does not add much to security that you send your plaintext password over SSH; if anyone haves access to your remote account now they'll not only have unlimited access to root on that computer, but they'd also know your password. It is better to let ssh to root, and let root run this 1 command with "forced commands", or edit /etc/sudoers so that no password is required for this single command from this account.

Community
  • 1
  • 1
Antti Haapala -- Слава Україні
  • 129,958
  • 22
  • 279
  • 321