• paramiko-客户端和服务器认证工具


    required:

      python+pycrypto

    1.安装pycrypto

      726  cd /opt/
      727  wget http://ftp.dlitz.net/pub/dlitz/crypto/pycrypto/pycrypto-2.6.tar.gz
      728  tar -zxvf pycrypto-2.6.tar.gz
      729  cd pycrypto-2.6/
      730  python
      731  python setup.py build && python setup.py install
    

    runtest:

    >>> import Crypto
    >>> 

    2.

    pip install paramiko
    error: command 'gcc' failed with exit status 1
    yum install gcc libffi-devel python-devel openssl-devel
    pip install paramiko
    Installing collected packages: cffi, cryptography

    Successfully installed cffi-1.6.0 cryptography-1.3.2

    >>> import paramiko
    >>> 

      

      

    import paramiko
    import sys,os
    host=sys.argv[1]
    user='alex'
    password=''
    cmd=sys.argv[2]
    
    s=paramiko.SSHClient()
    #加载本机的host密码文件
    s.load_system_host_host_keys()
    #Set policy to use when connecting to servers without a known host key
    #第一次连接输入yes or no
    s.set_missing_host_key_policy()
    s.connect(host,22,user,password,timeout=5)
    stdin.stdout,stders.exec_command(cmd)
    cmd_result=stout.read(),stderr.read()
    for line in cmd_result:
      print line
    s.close()
    
    
    #使用key连接远程
    pkey_file=''
    key=paramiko.RSAKey.from_private_key_file(pkey_file)
    s.connect(host,port,username,pkey=key,timeout=5)
    stdin,stout,stderr=s.exec_command(cmd)
    s.close()
    
    #使用paramiko上传文件
    hostnam='localhost'
    user='alex'
    password=''
    s=paramiko.SSHClient()
    s.load_system.host_keys()
    s.set_missing_host_key_policy(paramiko.AutoAddPolicy())
    t=paramiko.Transport((host,22))
    t.connect(username=user,password=password)
    sftp=paramiko.SFTPClient.from_transport(t)
    sftp.get('sourcefie','')
    sftp.put('destfile','sourcefie')
    s.close
    
    import base64
    from binascii import hexlify
    import getpass
    import os
    import select
    import socket
    import sys
    import time
    import traceback
    from paramiko.py3compat import input
    
    import paramiko
    try:
        import interactive
    except ImportError:
        from . import interactive
    
    
    def agent_auth(transport, username):
        """
        Attempt to authenticate to the given transport using any of the private
        keys available from an SSH agent.
        """
        
        agent = paramiko.Agent()
        agent_keys = agent.get_keys()
        if len(agent_keys) == 0:
            return
            
        for key in agent_keys:
            print('Trying ssh-agent key %s' % hexlify(key.get_fingerprint()))
            try:
                transport.auth_publickey(username, key)
                print('... success!')
                return
            except paramiko.SSHException:
                print('... nope.')
    
    
    def manual_auth(username, hostname):
        default_auth = 'p'
        auth = input('Auth by (p)assword, (r)sa key, or (d)ss key? [%s] ' % default_auth)
        if len(auth) == 0:
            auth = default_auth
    
        if auth == 'r':
            default_path = os.path.join(os.environ['HOME'], '.ssh', 'id_rsa')
            path = input('RSA key [%s]: ' % default_path)
            if len(path) == 0:
                path = default_path
            try:
                key = paramiko.RSAKey.from_private_key_file(path)
            except paramiko.PasswordRequiredException:
                password = getpass.getpass('RSA key password: ')
                key = paramiko.RSAKey.from_private_key_file(path, password)
            t.auth_publickey(username, key)
        elif auth == 'd':
            default_path = os.path.join(os.environ['HOME'], '.ssh', 'id_dsa')
            path = input('DSS key [%s]: ' % default_path)
            if len(path) == 0:
                path = default_path
            try:
                key = paramiko.DSSKey.from_private_key_file(path)
            except paramiko.PasswordRequiredException:
                password = getpass.getpass('DSS key password: ')
                key = paramiko.DSSKey.from_private_key_file(path, password)
            t.auth_publickey(username, key)
        else:
            pw = getpass.getpass('Password for %s@%s: ' % (username, hostname))
            t.auth_password(username, pw)
    
    
    # setup logging
    paramiko.util.log_to_file('demo.log')
    
    username = ''
    if len(sys.argv) > 1:
        hostname = sys.argv[1]
        if hostname.find('@') >= 0:
            username, hostname = hostname.split('@')
    else:
        hostname = input('Hostname: ')
    if len(hostname) == 0:
        print('*** Hostname required.')
        sys.exit(1)
    port = 22
    if hostname.find(':') >= 0:
        hostname, portstr = hostname.split(':')
        port = int(portstr)
    
    # now connect
    try:
        sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        sock.connect((hostname, port))
    except Exception as e:
        print('*** Connect failed: ' + str(e))
        traceback.print_exc()
        sys.exit(1)
    
    try:
        t = paramiko.Transport(sock)
        try:
            t.start_client()
        except paramiko.SSHException:
            print('*** SSH negotiation failed.')
            sys.exit(1)
    
        try:
            keys = paramiko.util.load_host_keys(os.path.expanduser('~/.ssh/known_hosts'))
        except IOError:
            try:
                keys = paramiko.util.load_host_keys(os.path.expanduser('~/ssh/known_hosts'))
            except IOError:
                print('*** Unable to open host keys file')
                keys = {}
    
        # check server's host key -- this is important.
        key = t.get_remote_server_key()
        if hostname not in keys:
            print('*** WARNING: Unknown host key!')
        elif key.get_name() not in keys[hostname]:
            print('*** WARNING: Unknown host key!')
        elif keys[hostname][key.get_name()] != key:
            print('*** WARNING: Host key has changed!!!')
            sys.exit(1)
        else:
            print('*** Host key OK.')
    
        # get username
        if username == '':
            default_username = getpass.getuser()
            username = input('Username [%s]: ' % default_username)
            if len(username) == 0:
                username = default_username
    
        agent_auth(t, username)
        if not t.is_authenticated():
            manual_auth(username, hostname)
        if not t.is_authenticated():
            print('*** Authentication failed. :(')
            t.close()
            sys.exit(1)
    
        chan = t.open_session()
        chan.get_pty()
        chan.invoke_shell()
        print('*** Here we go!
    ')
        interactive.interactive_shell(chan)
        chan.close()
        t.close()
    
    except Exception as e:
        print('*** Caught exception: ' + str(e.__class__) + ': ' + str(e))
        traceback.print_exc()
        try:
            t.close()
        except:
            pass
        sys.exit(1)
    

    #/paramiko-master/demos/interactive.py  

    def posix_shell(chan):
        import select
        f=open('/tmp/log.log','a+')
        
        oldtty = termios.tcgetattr(sys.stdin)
        try:
            tty.setraw(sys.stdin.fileno())
            tty.setcbreak(sys.stdin.fileno())
            chan.settimeout(0.0)
    
            while True:
                r, w, e = select.select([chan, sys.stdin], [], [])
                if chan in r:
                    try:
                        x = u(chan.recv(1024))
                        if len(x) == 0:
                            sys.stdout.write('
    *** EOF
    ')
                            break
                        sys.stdout.write(x)
                        sys.stdout.flush()
                    except socket.timeout:
                        pass
                if sys.stdin in r:
                    x = sys.stdin.read(1)
                    f.write(x) 
                    f.flush()
                    if len(x) == 0:
                        break
                    chan.send(x)
    
        finally:
            termios.tcsetattr(sys.stdin, termios.TCSADRAIN, oldtty)
            f.close() 
    

      

      

      

  • 相关阅读:
    async和await是如何实现异步编程?
    HD-ACM算法专攻系列(23)——Crixalis's Equipment
    HD-ACM算法专攻系列(22)——Max Sum
    HD-ACM算法专攻系列(21)——Wooden Sticks
    HD-ACM算法专攻系列(20)——七夕节
    HD-ACM算法专攻系列(19)——Leftmost Digit
    搭建Prometheus平台,你必须考虑的6个因素
    实用教程丨使用K3s和MySQL运行Rancher 2.4
    Kubernetes Ingress简单入门
    一文讲透Cluster API的前世、今生与未来
  • 原文地址:https://www.cnblogs.com/similarface/p/5560188.html
Copyright © 2020-2023  润新知