Working with paramiko
SSHClient is the main class provided by the paramkio module. It provides the basic interface you are going to want to use to instantiate server connections. The above code creates a new SSHClient object, and then calls ”connect()” to connect us to the local SSH server.
Here’s a simple example:
|
1 |
import paramiko |
|
2 |
ssh = paramiko.SSHClient() |
|
3 ssh.connect('192.168.1.2', username='vinod', password='screct') |
|
|
|
|
|
|
|
|
这样将会报如下错误: >>> ssh.connect('127.0.0.1',username='root',password='000000') Traceback (most recent call last): File "<stdin>", line 1, in ? File "/usr/lib/python2.4/site-packages/paramiko/client.py", line 311, in connect self._policy.missing_host_key(self, server_hostkey_name, server_key) File "/usr/lib/python2.4/site-packages/paramiko/client.py", line 85, in missing_host_key raise SSHException('Unknown server %s' % hostname) paramiko.SSHException: Unknown server 127.0.0.1
解决方法:
Known_host="/root/.ssh/known_hosts"<=前提,这里应该存在与127.0.0.1有关的信息。 ssh.load_system_host_keys( known_host)
|
|
|
1 |
import paramiko |
|
2 |
import os |
|
3 |
privatekeyfile = os.path.expanduser('~/.ssh/id_rsa') |
|
4 |
mykey = paramiko.RSAKey.from_private_key_file(privatekeyfile) |
|
5 |
ssh.connect('192.168.1.2', username = 'vinod', pkey = mykey) |
注意:(这里的key,用的是RSA的key,我们在用ssh-keygen -t rsa来指定它,才可以在这里用,否则将会报无法识别的RSA KEY。而且如果你的RSA Key有密码的话,你还需要
mykey = paramiko.RSAKey.from_private_key_file(privatekeyfile,password='12345678')
不过,我们可以用publickey来登录的。
解法如下:
serverHost = "127.0.0.1"
serverPort = 22
userName = "root"
keyFile = "~/.ssh/badboy"
known_host = "~/.ssh/known_hosts"
channel = paramiko.SSHClient();
channel.load_system_host_keys( known_host )
channel.connect( serverHost, serverPort,username = userName, key_filename = keyFile )
)
Running Simple Commands
Lets run some simple commands on a remote machine.
|
1 |
import paramiko |
|
2 |
ssh = paramiko.SSHClient() |
|
3 |
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy()) <=这样的话,就会报paramiko.SSHException: Unknown server |
|
4 |
ssh.connect('beastie', username='vinod', password='secret') |
|
5 |
stdin, stdout, stderr = ssh.exec_command('df -h') |
|
6 |
print stdout.readlines() |
|
7 |
ssh.close() |
“paramiko.AutoAddPolicy()” which will auto-accept unknown keys.
Using sudo in running commands:
|
01 |
import paramiko |
02
|
03 |
cmd = "sudo /etc/rc.d/apache2 restart" |
04
|
05 |
ssh = paramiko.SSHClient() |
|
06 |
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy()) |
|
07 |
ssh.connect('beastie', username='vinod', password='secret') |
|
08 |
stdin, stdout, stderr = ssh.exec_command(cmd) |
|
09 |
stdin.write('secret\n') |
|
10 |
stdin.flush() |
|
11 |
print stdout.readlines() |
|
12 |
ssh.close() |
在这个例子中,无法运行,也无法解释,希望志同道合的朋友能给个解释!
Secure File Transfer Using SFTPClient
SFTPClient is used to open an sftp session across an open ssh Transport and do remote file operations.
An SSH Transport attaches to a stream (usually a socket), negotiates an encrypted session, authenticates, and then creates stream tunnels, called Channels, across the session. Multiple channels can be multiplexed across a single session (and often are, in the case of port forwardings).
以下是用密码认证功能登录的
#!/usr/bin/env python
import paramiko
socks=('127.0.0.1',22)
testssh=paramiko.Transport(socks)
testssh.connect(username='root',password='000000')
sftptest=paramiko.SFTPClient.from_transport(testssh)
remotepath="/tmp/a.log"
localpath="/tmp/c.log"
sftptest.put(remotepath,localpath)
sftptest.close()
testssh.close()
以下是用DSA认证登录的(PubkeyAuthentication)
#!/usr/bin/env python
import paramiko
serverHost = "192.168.1.172"
serverPort = 22
userName = "root"
keyFile = "/root/.ssh/zhuzhengjun"
known_host = "/root/.ssh/known_hosts"
channel = paramiko.SSHClient();
#host_keys = channel.load_system_host_keys(known_host)
channel.set_missing_host_key_policy(paramiko.AutoAddPolicy())
channel.connect(serverHost, serverPort,username=userName, key_filename=keyFile )
testssh=paramiko.Transport((serverHost,serverPort))
mykey = paramiko.DSSKey.from_private_key_file(keyFile,password='xyxyxy')
testssh.connect(username=userName,pkey=mykey)
sftptest=paramiko.SFTPClient.from_transport(testssh)
filepath='/tmp/e.log'
localpath='/tmp/a.log'
sftptest.put(localpath,filepath)
sftptest.close()
testssh.close()
以下是用RSA Key认证登录的
#!/usr/bin/evn python
import os
import paramiko
host='127.0.0.1'
port=22
testssh=paramiko.Transport((host,port))
privatekeyfile = os.path.expanduser('~/.ssh/badboy')
mykey = paramiko.RSAKey.from_private_key_file(privatekeyfile,password='000000')
username = 'root'
testssh.connect(username=username, pkey=mykey)
sftptest=paramiko.SFTPClient.from_transport(testssh)
filepath='/tmp/e.log'
localpath='/tmp/a.log'
sftptest.put(localpath,filepath)
sftptest.close()
testssh.close()
另一种方法:
在paramiko中使用用户名和密码通过sftp传输文件,不使用key文件。
import getpass
import select
import socket
import traceback
import paramiko
def putfile():
#import interactive
# setup logging
paramiko.util.log_to_file('demo.log')
username = username
hostname = hostname
port = 22
# now connect
try:
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
sock.connect((hostname, port))
except Exception, e:
print '*** Connect failed: ' + str(e)
traceback.print_exc()
sys.exit(1)
t = paramiko.Transport(sock)
try:
t.start_client()
except paramiko.SSHException:
print '*** SSH negotiation failed.'
sys.exit(1)
keys = {}
# check server's host key -- this is important.
key = t.get_remote_server_key()
# get username
t.auth_password(username, password)
sftp = paramiko.SFTPClient.from_transport(t)
# dirlist on remote host
d=datetime.date.today()-datetime.timedelta(1)
sftp.put(localFile,serverFile)
sftp.close()
t.close()
使用DSA认证登录的(PubkeyAuthentication)
#!/usr/bin/env python
import socket
import paramiko
import os
username='root'
hostname='192.168.1.169'
port = 22
sock=socket.socket(socket.AF_INET, socket.SOCK_STREAM)
sock.connect((hostname, port))
t=paramiko.Transport(sock)
t.start_client()
key=t.get_remote_server_key()
#t.auth_password(username,'000000')
privatekeyfile = os.path.expanduser('/root/.ssh/zhuzhengjun')
mykey=paramiko.DSSKey.from_private_key_file(privatekeyfile,password='061128')
t.auth_publickey(username,mykey)
sftp=paramiko.SFTPClient.from_transport(t)
sftp.put("/tmp/a.log","/tmp/h.log")
sftp.close()
t.close()
使用RSA Key验证
#!/usr/bin/env python
import socket
import paramiko
import os
username='root'
hostname='127.0.0.1'
port = 22
sock=socket.socket(socket.AF_INET, socket.SOCK_STREAM)
sock.connect((hostname, port))
t=paramiko.Transport(sock)
t.start_client()
key=t.get_remote_server_key()
#t.auth_password(username,'000000')
privatekeyfile = os.path.expanduser('~/.ssh/badboy')
mykey=paramiko.RSAKey.from_private_key_file(privatekeyfile,password='000000')
t.auth_publickey(username,mykey)
sftp=paramiko.SFTPClient.from_transport(t)
sftp.put("/tmp/a.log","/tmp/h.log")
sftp.close()
t.close()
