Simple script that starts a service at router level

Joined
Mar 20, 2010
Messages
19
Reaction score
0
Points
1
I need to create a simple script with the following lines (as I would input them in Terminal):

ssh [email protected]
(enter password)
/etc/init.d/openvpn start

How do I go about that?
 

rman


Retired Staff
Joined
Dec 24, 2002
Messages
12,637
Reaction score
168
Points
63
Location
Los Angeles, California
Your Mac's Specs
14in MacBook Pro M1 Max 32GB 2TB
Interesting I was not aware that you could access a router via ssh. Which router are you using?
 
OP
M
Joined
Mar 20, 2010
Messages
19
Reaction score
0
Points
1
It’s a generic ISP-provided router (BT Home Hub 5), which has been reflashed with LEDE/OpenWRT.
 

Raz0rEdge

Well-known member
Staff member
Moderator
Joined
Jul 17, 2009
Messages
15,745
Reaction score
2,071
Points
113
Location
MA
Your Mac's Specs
2022 Mac Studio M1 Max, 2023 M2 MBA
Your best bet is to use Expect to accomplish this. It is a good scripting language to send commands, wait for things and send additional commands and wait, and so on.

So you first send the "ssh" command and then expect "password:" or some other recognizable string and then send the password and expect "$" or whatever the prompt looks like, and then you'd send the "openvpn" command and then maybe send a "ps -e | grep openvpn" command and expect to see "openvpn" in the list confirming that it started and then you'd send "exit" to kill the SSH session and close the script.

If you are familiar with coding, translate my "pseudo" code to the actual code, if not, I'll take a whack at it when I have a moment and send it across.
 

Slydude

Well-known member
Staff member
Moderator
Joined
Nov 15, 2009
Messages
17,596
Reaction score
1,072
Points
113
Location
North Louisiana, USA
Your Mac's Specs
M1 MacMini 16 GB - Ventura, iPhone 14 Pro Max, 2015 iMac 16 GB Monterey
Humor a non coder for asking the abvious question here: Is the oobjective of the code in post #1 to open a vpn at the router level? The goal being to route all traffic through a vpn without having to have separate programs on each device.
 

rman


Retired Staff
Joined
Dec 24, 2002
Messages
12,637
Reaction score
168
Points
63
Location
Los Angeles, California
Your Mac's Specs
14in MacBook Pro M1 Max 32GB 2TB
Slydude, I was wondering the same thing, since I am able to setup a vpn server via my router.
 
OP
M
Joined
Mar 20, 2010
Messages
19
Reaction score
0
Points
1
Yeah, you start the VPN at router level and all traffic will be directed through the VPN. As opposed to starting a VPN session on the computer, which only affects the machine in question. It comes really useful when you have devices not capable of initiating a VPN connection on their own, like an apple TV for instance.


Thanks for the input guys, I came up with a very basic code in the meantime:

tell application "Terminal"
activate
do script "ssh [email protected]"
delay 3
tell application "System Events"
keystroke "myPassword"
keystroke return
keystroke "/etc/init.d/openvpn start"
keystroke return
delay 1
keystroke "exit"
keystroke return
delay 1
end tell
quit application "Terminal"
end tell


It actually works very well, but not what you suggested Raz0rEdge - the biggest problem being with the password out in the open. So I use Expect to fix that, but I'm really struggling to understand how it works. How would the password not be 'in the open' with Expect?
 

Raz0rEdge

Well-known member
Staff member
Moderator
Joined
Jul 17, 2009
Messages
15,745
Reaction score
2,071
Points
113
Location
MA
Your Mac's Specs
2022 Mac Studio M1 Max, 2023 M2 MBA
Miller_, that AppleScript would work and Expect would work essentially the same. However, as you've found out, both of them suffer the problem of your password being in clear text. The other thing you can do is setup SSH keys (assuming your router supports that). You can generate DSA or RSA keys and then save the public key on the router and keep the private key locally and then when you SSH, you will not be required for a password at all.

The assumption here is that the account you are logging into so that you can run the script is where you would authenticate and keep that secure.

The second option you have is to compile your AppleScript into an application. Choose File->Export and then for File Format, choose Application. This should now give you an compiled application that will "hide" your plain text password (confirm that by looking into the .app folder that is your application and using 'grep' for your password). You can now zip your script up behind a password or something to keep it safe.
 
OP
M
Joined
Mar 20, 2010
Messages
19
Reaction score
0
Points
1
Perfect, went for the easier option and got it saved as a run-only script, and blanked out the password in the original applescript file.

Strangely, it didn't run well when saved as an application. It ignored my delay commands and the whole process would bog down.
 
Joined
Oct 16, 2010
Messages
17,494
Reaction score
1,541
Points
113
Location
Brentwood Bay, BC, Canada
Your Mac's Specs
2011 27" iMac, 1TB(partitioned) SSD, 20GB, OS X 10.11.6 El Capitan
Perfect, went for the easier option and got it saved as a run-only script, and blanked out the password in the original applescript file.

Strangely, it didn't run well when saved as an application. It ignored my delay commands and the whole process would bog down.



I say congratulations to both programmers here for their combined success. It also really shows the power of what can be done with what's provided. As they say, it's just a matter of knowing how. clap.gif thumbup2.gif

Yeah right… but how about knowing how to know how???? :Smirk:

Well done I say!!!

As a good Mac programmer told me one day — if you can think it, it can be done. Yeah right, for some maybe!!! ;D



- Patrick
======
 

Raz0rEdge

Well-known member
Staff member
Moderator
Joined
Jul 17, 2009
Messages
15,745
Reaction score
2,071
Points
113
Location
MA
Your Mac's Specs
2022 Mac Studio M1 Max, 2023 M2 MBA
Perfect, went for the easier option and got it saved as a run-only script, and blanked out the password in the original applescript file.

Strangely, it didn't run well when saved as an application. It ignored my delay commands and the whole process would bog down.

I find it odd that the delays didn't take effect. I wonder if the compiled app somehow makes the delay seem shorter. You might want to try extending the delays to say 5 seconds and see if that has the desired effect when compiled.

If not, I will play with some delays as well and let's see what we can come up with.
 
OP
M
Joined
Mar 20, 2010
Messages
19
Reaction score
0
Points
1
Played around with that code a bit and found that if write delay 3 line twice, it works as expected by delaying 3 when compiled as an app. It does delay 6 when run directly from the script. It doesn't make much sense, probably a bug.

Thank you very much for the props pm-r, although I can assure you I am as much of a programmer as you are. Raz0rEdge is the one with the knowhow :) I'm just muddling through with bits of code I found on various threads.
 

Raz0rEdge

Well-known member
Staff member
Moderator
Joined
Jul 17, 2009
Messages
15,745
Reaction score
2,071
Points
113
Location
MA
Your Mac's Specs
2022 Mac Studio M1 Max, 2023 M2 MBA
Excellent, glad you could figure it out. That does sound like a bug with delays. Must be some goofiness with the way the script is being compiled with how the delay gets implemented in the application. One of the thing with code compilation is that sometimes compilers get a little too smart and try to optimize delays away to get you efficiency without realizing that you put the delay in there on purpose.
 

Shop Amazon


Shop for your Apple, Mac, iPhone and other computer products on Amazon.
We are a participant in the Amazon Services LLC Associates Program, an affiliate program designed to provide a means for us to earn fees by linking to Amazon and affiliated sites.
Top