1

I am trying to use PLink to run a command (show vpn-sessiondb anyconnect) on a Cisco Firepower 1010 router. There is a slight problem though:

If I SSH to the device, it automatically invokes a shell to the FTD CLI. From here I can input the command (show vpn-sessiondb anyconnect) I want and get the output.

If I use PLink to remotely execute a command, however, the command (show vpn-sessiondb anyconnect) executes before the shell to the FTD CLI is called, and instead invokes the command on the FXOS shell from which the FTD CLI shell is called.

The FXOS shell has a command (connect ftd) that is used to invoke the FTD CLI from which I want to invoke my remote command (show vpn-sessiondb anyconnect). Unfortunately, if I try to execute both commands together (plink.exe -batch -ssh user@host -pw XXXXX "connect ftd;show vpn-sessiondb anyconnect") the command hangs and does not fully execute.

I presume this is because when (connect ftd) is remotely executed, the shell it invokes is interactive (much like trying to remotely execute sudo su) and can't take any further input.

Is there a way to use PLink so that it can interact with shells invoked by remote commands?

2 Answers

0

I believe -m <file> is the only way to give plink multiple commands that it executes one at a time, like:

plink -batch -ssh user@host -pw XXXXX -m c:\test\plink.txt

Where that file looks something like this:

connect ftd
show vpn-sessiondb anyconnect

Sometimes you might need to add blank lines in case of a banner or similar prompt.

If you don't use -m, PuTTY/plink sends the commands as a single line. Using semicolons like "foo;bar" does work if the remote shell supports that syntax, like bash.

Cpt.Whale
0

There's a difference between logging in with Plink and typing a command, and executing the command from the Plink command line.

The first uses the "shell" channel, while the latter uses the "exec" channel. In most cases it should not make a significant difference. But on your server it does.

To simulate typing a command, use input redirection instead:

echo show vpn-sessiondb anyconnect | plink -batch -ssh user@host -pw XXXXX

Using the "shell" channel can have unwanted side effects, so you might also consider using the "exec" channel by executing the connect command from the command line. But you still need to feed its sub-command using input redirection:

echo show vpn-sessiondb anyconnect | plink -batch -ssh user@host -pw XXXXX connect ftd
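
The two invocations from the answer above, wrapped for unattended use as an added Python example (not code from the original posts). It feeds the CLI commands on stdin in either channel mode and uses a timeout so a session that hangs, as in the question, fails instead of blocking. It also keeps the password off the process command line with `-pwfile` (PuTTY 0.77 or later) or a key via `-i`. The function names, the host key placeholder and the file paths are assumptions.

```python
import subprocess

def build_plink_call(host, user, commands, *, entry_command=None,
                     hostkey=None, pwfile=None, keyfile=None):
    """Return (argv, stdin_text) for one non-interactive plink run.

    entry_command=None  -> no remote command, so plink opens the "shell" channel
    entry_command="..." -> plink runs that command on the "exec" channel
    In both modes the CLI commands are delivered on stdin, one per line.
    (Hypothetical helper, written for this example.)
    """
    if not commands or any("\n" in c or "\r" in c for c in commands):
        raise ValueError("each command must be a single line")
    argv = ["plink", "-batch", "-ssh", "-l", user]
    if hostkey:                 # accept only this host key fingerprint
        argv += ["-hostkey", hostkey]
    if keyfile:                 # private key instead of a password
        argv += ["-i", keyfile]
    elif pwfile:                # password read from a file, not from argv
        argv += ["-pwfile", pwfile]
    argv.append(host)
    if entry_command:           # e.g. "connect ftd" on the FXOS shell
        argv.append(entry_command)
    return argv, "".join(c + "\n" for c in commands)

def run_cli(host, user, commands, timeout=30, **kwargs):
    """Run plink and return its stdout; raise if it hangs or fails."""
    argv, stdin_text = build_plink_call(host, user, commands, **kwargs)
    try:
        done = subprocess.run(argv, input=stdin_text, capture_output=True,
                              text=True, timeout=timeout)
    except subprocess.TimeoutExpired as exc:
        # subprocess.run kills the child before raising, so nothing lingers
        raise RuntimeError(f"plink gave no result within {timeout}s") from exc
    if done.returncode != 0:
        raise RuntimeError(f"plink exited {done.returncode}: {done.stderr.strip()}")
    return done.stdout
```

Calling `run_cli("host", "user", ["show vpn-sessiondb anyconnect"], entry_command="connect ftd", pwfile=r"c:\test\pw.txt")` corresponds to the second command line in the answer; leaving out `entry_command` corresponds to the first.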