Skip to content

Tag: - Shell Prompt Definition

Definition

When Osirium PAM is connecting to and running tasks on a command line device (SSH or Telnet), Osirium PAM needs to know what the devices normal shell prompt looks like. By normal we mean when the command line is 'at rest' and not in the middle of a command, that may ask questions for example.

A device may have more than one shell prompt, for example when logging in the prompt is in standard user mode, but the prompt may change when rights are elevated to privileged mode. This is often seen by the end of the prompt changing from > to #.

This tag has the following attributes:

Parameters

  • Element Text (str) : This is a regular expression defining the shell prompt.

Example: Simple Hostname Prompt

A simple shell prompt matching the hostname following by > followed by a space, would be:

1
   <shellprompt>.*&gt;\s</shellprompt>

Note

Regular expressions as text nodes in templates (as with all xml) must have the greater than character > defined by it's shortname: %gt;

The regular expression matches any characters followed by > followed by a space.

Example: Username @ Hostname Prompt

Another typical example shell prompt might be to match a username@hostname style prompt, like this:

1
   <shellprompt>^.*@.*[&gt;#]</shellprompt>

This matches:

  • Start of line
  • Any character (0 or more)
  • Then the @ symbol
  • Then any character (0 or more)
  • Then either > or #

Example: Cisco Shell Prompt

A Cisco shell prompt is a little more complex. Firstly, depending on the mode and privileged level of the user logging in, the shell prompt may end in > or #. Secondly, when Osirium PAM runs a Techout some Cisco devices output a kind of ASCII graph, which uses < and > as characters in the graph. To stop this fooling the Osirium PAM into thinking the shell prompt has been seen and the Techout command has finished early, the shell prompt RegEx must not match if there is a < before the > on the same line.

The standard Cisco shell prompt is therefore:

1
   <shellprompt>^((?![\s&lt;]).)+[#&gt;]</shellprompt>

The regular expression means:

  • From the start of the line
  • With no whitespaces or <
  • Then any characters
  • Followed by either # or >

Parent Tags

Child Tags

  • None