Creating small CLI tools is a fun way to get more familiar with a programming language. If you are coming from an infrastructure background, a CLI tool that you can use to send commands to devices/servers might be considered a neat starting point getting into Rust. This is how I started off learning Python, by writing small things that were usefull in a context that I was familiar with. Back then, I used argparse, getpass and netmiko. Starting with Rust is pretty daunting, and I have found that using similar tactic used to learn Python can also be applied when learning Rust.
In this article, I explore a tiny bit of Rust by building a CLI tool that will let you log into a router or a server and issue a command over SSH. I hope the examples here can offer you a nice running start exploring Rust.
Running a CLI command over SSH
In case you do not have Rust installed, one easy way of going about things is to grab the rust Docker container:
docker pull rust docker run --name='ru' --hostname='ru' -di rust /bin/sh docker exec -it ru bash apt-get update apt-get install vi
The Rust image is 1.22GB 😳
After this, we use cargo new to start a new project:
cargo new ssh cd ssh/ vi Cargo.toml
We put the following in our Cargo.toml:
[package]
name = "ssh_example"
version = "0.1.0"
edition = "2018"
[dependencies]
ssh2 = "0.9"
This let’s us pull in the ssh2-rs, which offers Rust bindings to libssh2, the ssh client library written in C.
Now we put in our first example script. We edit the main.rs file in the src directory:
vi src/main.rs
Then we put in the following:
use ssh2::Session;
use std::io::prelude::*;
use std::net::TcpStream;
fn main() {
let tcp = TcpStream::connect("192.168.1.1:22").unwrap();
let mut sess = Session::new().unwrap();
sess.set_tcp_stream(tcp);
sess.handshake().unwrap();
sess.userauth_password("username", "password")
.unwrap();
let mut channel = sess.channel_session().unwrap();
channel.exec("show version").unwrap();
let mut s = String::new();
channel.read_to_string(&mut s).unwrap();
println!("{}", s);
channel.wait_close().ok();
println!("{}", channel.exit_status().unwrap());
}
This will use SSH to connect to a system configured with IP address 192.168.1.1 and issue the show version command.
After putting in the file, we can use cargo run to run the code:
root@ru:/ssh# cargo run
Finished dev [unoptimized + debuginfo] target(s) in 0.83s
Running `target/debug/ssh`
Arista DCS-7050TX-64-R
Hardware version: 01.01
Serial number: KLF80800800
System MAC address: 001c.84ec.cb72
Software image version: 4.20.12M
Architecture: i386
Internal build version: 4.20.12M-11527863.42012M
Internal build ID: 3a8329a8-af7b-4a7e-ae1c-cad006c5540d
Uptime: 114 weeks, 1 days, 7 hours and 2 minutes
Total memory: 3818208 kB
Free memory: 2258276 kB
0
Collecting user input
We can add some CLI options to running this script by using structopt. First, change our Cargo.toml to the following:
[package] name = "ssh_example" version = "0.1.0" edition = "2018" [dependencies] ssh2 = "0.9" structopt = "0.3.21"
This brings in the structopt crate and let’s us define some arguments for our CLI script. In case you are familiar with Python, think argparse.
Let’s first create a script that only collects the arguments:
use structopt::StructOpt;
#[derive(Debug, StructOpt)]
#[structopt(name = "structopt example", about = "using structop")]
struct Args {
#[structopt(short = "h", long)]
host: String,
#[structopt(short = "c", long)]
command: String,
#[structopt(short = "u", long)]
username: String,
}
fn main() {
println!("Structopt example");
let args = Args::from_args();
println!(
"{:?}\nHost: {}\nCommand: {}\nUsername: {}",
args, args.host, args.command, args.username
);
}
We can run the above like so:
root@ru:/ssh# cargo run -- -h 192.168.1.50 -c 'show version' -u said
Compiling ssh_example v0.1.0 (/ssh)
Finished dev [unoptimized + debuginfo] target(s) in 1.21s
Running `target/debug/ssh_example -h 192.168.1.50 -c 'show version' -u said`
Structopt example
Args { host: "192.168.1.50", command: "show version", username: "said" }
Host: 192.168.1.50
Command: show version
Username: said
Looks good.
Though, we would also need to collect the password. For that, we include the rpassword crate by adding the following to our Cargo.toml:
rpassword = "5.0"
The rpassword crate allows us to ask users for a password without echoing it to screen. To collect the arguments as well as the password, we now have the following:
extern crate rpassword;
use rpassword::read_password;
use structopt::StructOpt;
#[derive(Debug, StructOpt)]
#[structopt(name = "structopt example", about = "using structop")]
struct Args {
#[structopt(short = "h", long)]
host: String,
#[structopt(short = "c", long)]
command: String,
#[structopt(short = "u", long)]
username: String,
}
fn main() {
println!("Enter your password: ");
let password = read_password().unwrap();
println!("The password is: '{}'", password);
println!("Structopt example");
let args = Args::from_args();
println!(
"{:?}\nHost: {}\nCommand: {}\nUsername: {}",
args, args.host, args.command, args.username
);
}
When we run this, we see the following:
root@ru:/ssh# cargo run -- -h 192.168.1.50 -c 'show version' -u said
Finished dev [unoptimized + debuginfo] target(s) in 0.05s
Running `target/debug/ssh_example -h 192.168.1.50 -c 'show version' -u said`
Enter your password:
The password is: 'mypassw0rd'
Structopt example
Args { host: "192.168.1.50", command: "show version", username: "said" }
Host: 192.168.1.50
Command: show version
Username: said
Great! Now we can move on and combine the two.
Tying things together
We create the following Cargo.toml:
[package] name = "ssh_example" version = "0.1.0" edition = "2018" [dependencies] ssh2 = "0.9" structopt = "0.3.21" rpassword = "5.0"
Then we update the SSH script:
use ssh2::Session;
use std::io::prelude::*;
use std::net::TcpStream;
extern crate rpassword;
use rpassword::read_password;
use structopt::StructOpt;
#[derive(Debug, StructOpt)]
#[structopt(name = "structopt example", about = "using structop")]
struct Args {
#[structopt(short = "h", long)]
host: String,
#[structopt(short = "c", long)]
command: String,
#[structopt(short = "u", long)]
username: String,
}
fn main() {
println!("Enter your password: ");
let password = read_password().unwrap();
let args = Args::from_args();
println!(
"Running command {} against host {}:\n",
args.command, args.host
);
let tcp = TcpStream::connect(args.host + ":22").unwrap();
let mut sess = Session::new().unwrap();
sess.set_tcp_stream(tcp);
sess.handshake().unwrap();
sess.userauth_password(&args.username, &password).unwrap();
let mut channel = sess.channel_session().unwrap();
channel.exec(&args.command).unwrap();
let mut command_output = String::new();
channel.read_to_string(&mut command_output).unwrap();
println!("{}", command_output);
channel.wait_close().ok();
println!("{}", channel.exit_status().unwrap());
}
Running the above gives us the following:
root@ru:/ssh# cargo run -- -h 192.168.1.50 -c 'show version' -u said
Finished dev [unoptimized + debuginfo] target(s) in 0.05s
Running `target/debug/ssh_example -h 192.168.1.50 -c 'show version' -u said`
Enter your password:
Running command show version against host 192.168.1.50:
Arista DCS-7050TX-64-R
Hardware version: 01.01
Serial number: KLF80800800
System MAC address: 001c.84ec.cb72
Software image version: 4.20.12M
Architecture: i386
Internal build version: 4.20.12M-11527863.42012M
Internal build ID: 3a8329a8-af7b-4a7e-ae1c-cad006c5540d
Uptime: 114 weeks, 1 days, 7 hours and 2 minutes
Total memory: 3818208 kB
Free memory: 2258276 kB
0
Instead of targeting a router, we can also play around targeting Linux servers:
root@ru:/ssh# cargo run -- -h 10.0.0.1 -c 'ls -ltr' -u said
Finished dev [unoptimized + debuginfo] target(s) in 0.05s
Running `target/debug/ssh_example -h 10.0.0.1 -c 'ls -ltr' -u said`
Enter your password:
Running command ls -ltr against host 10.0.0.1:
total 25032
-rw-r--r--. 1 said UnixUsers 25627989 May 3 11:11 Python-3.9.5.tgz
drwxr-xr-x. 16 said UnixUsers 4096 Jun 8 06:38 Python-3.9.5
0
Wrapping up
We created a small CLI tool that allows us to send a command over SSH to a server or a router. In the examples, I send a command to Linux server and an Arista switch. I did not get into all the specifics and this is not something that is ready for production. For one, I do not properly handle the Result, instead I used unwrap() everywhere. But the main point in this article was to give you a running start sending CLI commands to systems over SSH. I hope this gives you a nice starting point.