paramiko 使用总结(SSH 操作远端机器)

1、用户名、密码登陆方式

import paramiko
paramiko.util.log_to_file('paramiko.log')  # 记录日志文件
ssh = paramiko.SSHClient()

try:

    ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
    ssh.connect('139.xx.xx.xx', username='work', password='***')
    cmd = 'ls'  # 需要执行的Linux命名
    stdin, stdout, stderr = ssh.exec_command(cmd) #执行命令后的结构
    print(stdout.readlines())
    print(stdout.read().decode())

except Exception as e:
    print("%s:%s" % (e.__class__, e))
finally:
    # 关闭
    ssh.close()

2、免密登陆方式

import paramiko
ssh = paramiko.SSHClient()
SSH_PRIVATE_KEY ='/Users/xueerhuan/.ssh/id_rsa'  #本地密钥文件路径

try:
    key = paramiko.RSAKey.from_private_key_file(SSH_PRIVATE_KEY) # 无解密密码时
    #key = paramiko.RSAKey.from_private_key_file(SSH_PRIVATE_KEY, password='******')  # 有解密密码时,

    ssh.load_system_host_keys() #通过known_hosts 方式进行认证可以用这个,如果known_hosts 文件未定义还需要定义 known_hosts
    #ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())  # 通过公共方式进行认证 (不需要在known_hosts 文件中存在)

    ssh.connect(hostname='139.XX.XX.XX', port=22, username='root', pkey=key)
    stdin, stdout, stderr = ssh.exec_command("ps")
    # 获取命令结果
    result = stdout.read()
    # 打印输出
    print(result.decode())
except Exception as e:
    print("%s:%s" % (e.__class__, e))
finally:
    # 关闭
    ssh.close()

注意：生成密码的方法
A、进入本地 ssh文件夹 cd .ssh/
B、使用ssh-keygen生产本地公钥和私钥 ssh-keygen 
xueerhuan@ubuntu:~/.ssh$ ls 
id_rsa id_rsa.pub

C、将生成的id_rsa.pub文件中的内容copy到目标机的.ssh/authorized_keys中就可以了，如果没有authorized_keys，自己创建。但是要注意authorized_keys的权限一般是600

或者直接在本地使用一条命令也可以实现公钥的复制，ssh-copy-id后面接入的用户就是要支持免密登录的用户。

morra@ubuntu:~/.ssh$ ssh-copy-id "morra@192.168.1.42"
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/morra/.ssh/id_rsa.pub"
The authenticity of host '192.168.1.42 (192.168.1.42)' can't be established.
ECDSA key fingerprint is SHA256:/ufx+/OLtdsYy7vsdk4KDu9xJsBp6zHonRAf2jjT0GI.
Are you sure you want to continue connecting (yes/no)? n^H
Please type 'yes' or 'no': yes
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
Password:

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'morra@192.168.1.42'"   and check to make sure that only the key(s) you wanted were added.


#去目标机器下，检查authorized_keys文件
localhost:.ssh morra$ cat authorized_keys 

3、密码上传文件

import os
import paramiko
ssh = paramiko.SSHClient()
SSH_PRIVATE_KEY ='/Users/xueerhuan/.ssh/id_rsa'  #本地密钥文件路径
key = paramiko.RSAKey.from_private_key_file(SSH_PRIVATE_KEY)
paramiko.util.log_to_file('paramiko.log')

ssh = paramiko.SSHClient()
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
ssh.connect('139.XX.XX.XX', username='root', password='***')
t = ssh.get_transport()
sftp = paramiko.SFTPClient.from_transport(t)
d = sftp.put("mm.txt", "/home/work/.ssh/mm.txt")
print(d)

4、免密上传文件

import os
import paramiko
ssh = paramiko.SSHClient()
SSH_PRIVATE_KEY ='/Users/xueerhuan/.ssh/id_rsa'  #本地密钥文件路径
key = paramiko.RSAKey.from_private_key_file(SSH_PRIVATE_KEY)
paramiko.util.log_to_file('paramiko.log')
ssh = paramiko.SSHClient()
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
ssh.connect(hostname='139.XX.XX.XX', port=22, username='root', pkey=key)
t = ssh.get_transport()
sftp = paramiko.SFTPClient.from_transport(t)
d = sftp.put("mm.txt", "/home/work/.ssh/mm.txt")
print(d)