I am trying to connect to a test device on my local network using paramiko and SSH. If I specify the filename of my key and its passphrase, I can connect to the device without a problem. However, since my script is meant to run on any machine that has the key added to the ssh-agent, I am trying to find a way around that.
ssh-add -l shows me that the key is active in my ssh-agent, but if I use the get_keys() method from the paramiko.Agent-class, there's just an empty list, meaning to me that Paramiko either can't connect to the ssh-agent or doesn't have the permissions to get the keys.
From shell, I can just connect to the device with ssh root#IPADDRESS. When I try to connect to device with Paramiko without specifying the path to the key and its passphrase, I'm just getting the "Authentication failed" error.
import paramiko
import os
def createSSHClient(server, port, user):
client = paramiko.SSHClient()
client.load_system_host_keys()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(server, port, username=user)
return client
ssh = createSSHClient('IPADDRESS', 22, 'root')
Checking SSH_AUTH_SOCK in os.environ gives me back False, but as far as I know, SSH on Windows doesn't quite work like on Unix/Linux.
Paramiko can talk to Windows OpenSSH ssh-agent since 2.10 only (and it was buggy in 2.10.3). Make sure you have the latest version of Paramiko.
Older versions could talk to PuTTY Pageant only.
Related
I am trying to use Paramiko to SSH into a Brocade switch and carry out remote commands. The code is as given below:
def ssh_connector(ip, userName, passWord, command):
ssh = paramiko.SSHClient()
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
ssh.connect(ip, username=userName, password=passWord, port=22)
stdin, stdout, stderr = ssh.exec_command(command)
print stdout.readlines()
ssh_connector(ip, userName, passWord, 'show running-config')
While trying to run the code, I encounter a strange error which is as given below.
Protocol error, doesn't start with scp!
I do not know the cause of the error or whether the SSH connection was successful. Could you please help me with this?
If the SSHClient.exec_command does not work, the first thing to test is to try (on one line):
ssh user#host command
That will use the same SSH API (the "exec" channel) as SSHClient.exec_command. If you are on Windows, you can use plink (from PuTTY packages) instead of ssh. If ssh/plink fails too, it indicates that your device does not support the SSH "exec" channel.
In your case, it seems that the "exec" channel on Brocade SSH server is implemented to support the scp command only.
As you claim to be able to "SSH" to the switch, it seems that the "shell" channel is fully working.
While it is generally not recommended to use the "shell" channel for command automation, with your server you won't have other option. Use the SSHClient.invoke_shell and write the commands to the channel (= to the shell) using the Channel.send.
channel = ssh.invoke_shell()
channel.send('ls\n')
channel.send('exit\n')
See also What is the difference between exec_command and send with invoke_shell() on Paramiko?
A similar question on C#/SSH.NET: SSH.NET is not executing command on device.
Obligatory warning: Do not use AutoAddPolicy – You are losing a protection against MITM attacks by doing so. For a correct solution, see Paramiko "Unknown Server".
I am trying to use Paramiko to SSH into a Brocade switch and carry out remote commands. The code is as given below:
def ssh_connector(ip, userName, passWord, command):
ssh = paramiko.SSHClient()
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
ssh.connect(ip, username=userName, password=passWord, port=22)
stdin, stdout, stderr = ssh.exec_command(command)
print stdout.readlines()
ssh_connector(ip, userName, passWord, 'show running-config')
While trying to run the code, I encounter a strange error which is as given below.
Protocol error, doesn't start with scp!
I do not know the cause of the error or whether the SSH connection was successful. Could you please help me with this?
If the SSHClient.exec_command does not work, the first thing to test is to try (on one line):
ssh user#host command
That will use the same SSH API (the "exec" channel) as SSHClient.exec_command. If you are on Windows, you can use plink (from PuTTY packages) instead of ssh. If ssh/plink fails too, it indicates that your device does not support the SSH "exec" channel.
In your case, it seems that the "exec" channel on Brocade SSH server is implemented to support the scp command only.
As you claim to be able to "SSH" to the switch, it seems that the "shell" channel is fully working.
While it is generally not recommended to use the "shell" channel for command automation, with your server you won't have other option. Use the SSHClient.invoke_shell and write the commands to the channel (= to the shell) using the Channel.send.
channel = ssh.invoke_shell()
channel.send('ls\n')
channel.send('exit\n')
See also What is the difference between exec_command and send with invoke_shell() on Paramiko?
A similar question on C#/SSH.NET: SSH.NET is not executing command on device.
Obligatory warning: Do not use AutoAddPolicy – You are losing a protection against MITM attacks by doing so. For a correct solution, see Paramiko "Unknown Server".
This is my first time using paramiko. I'm trying to establish an SSH session to a test Amazon Linux 2 instance where I've enabled password authentication, since that doesn't come enabled by default and restarted the SSH daemon on the box. I also made sure that I could connect with SSH via the normal SSH program using the username / password I put in the Python program.
When I run the Python code below, everything looks good and it waits for input and keeps the program running, but when I'm logged into the Amazon instance, I don't see the paramiko user logged in (I did a "w" and a "who" command). In fact, I have no evidence server-side that Paramiko ever connects successfully to begin with.
#!/usr/bin/env python3
import pprint
import boto3
import os
import paramiko
os.system('clear')
pp = pprint.PrettyPrinter(indent=4)
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect('X.X.X.X',username='the_username',password='the_password',port=22)
get_input = input("Preventing program from closing and keeping SSH connectiion alive...")
who shows interactive shell sessions only.
Your code only connects. It does not start a shell, let alone an interactive shell.
See List all connected SSH sessions?
I am trying something since two days googling and reading forums without any success.
I have a MySQL database hosted at Namecheap.com that I need to access from my local linux machine via a Python script for creating tables and entries.
Namecheap say"
"Remote MySQL connection is disabled on our shared servers due to security reasons, but you can easily setup SSH tunnel between your PC and our server using SSH-client (for example, Putty) with the MySQL port (3306) forwarding. After completing it you will have port 3306 on your local machine listening and forwarding to your remote server's localhost on port 3306. Thus you can connect to the remote server's MySQL database effectively as though it were running on your local box. "
And give an example using PuTTY
"Create a session in PuTTY using your server IP-address as hostname and port 21098"
The point is that I need my Python script to do this automatically without any prompting for password, etc.
Have read something about paramiko but didn't get the point as SSH is something new to me (apart of accessing my linux machine).
I can successfully login manually via command line into my hosting account after having entered password, but this is just about all because then do not know how to run then script that is on my machine.
ssh -p 21098 my_user_name#server137.web-hosting.com
Edit:
Great, something is at least happening now after having cleaned up my python directory (remaining paramiko.py file created problems).
Also made a small change on line 2 of your script (ssh = SSHClient() ->> ssh = paramiko.SSHClient())
Then did the following:
ssh -p 21098 my_username#server137.web-hosting.com
to login into the remote host, and after successful login entering my password
ssh-keygen -t rsa
created a key without pasphrase which I afterwards recuperated via ftp to save it in my local machine folder
/home/daniel/python_scripts/sshkey
back to my local machine I then run below python script
#!/usr/bin/python
import paramiko
#clean the screen
os.system('clear')
myPkey = paramiko.RSAKey.from_private_key_file('/home/daniel/python_scripts/sshkey/key')
ssh = paramiko.SSHClient()
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy()) #if you want to auto add the host RSA key
ssh.connect('server137.web-hosting.com', 21098, 'my_username', pkey=myPkey)
sys.exit()
but this is what I got:
Traceback (most recent call last):
File "./my_vimeo.py", line 13, in <module>
ssh.connect('server137.web-hosting.com', 21098, 'my_username', pkey=myPkey)
File "/usr/local/lib/python2.7/dist-packages/paramiko/client.py", line 307, in connect
look_for_keys, gss_auth, gss_kex, gss_deleg_creds, gss_host)
File "/usr/local/lib/python2.7/dist-packages/paramiko/client.py", line 519, in _auth
raise saved_exception
paramiko.ssh_exception.AuthenticationException: Authentication failed.
'my_username' is obviously not the one as shown....
Whatsoever, there is something that I did not understand and obviously did wrong.....
Paramiko is really what you're looking for.
Basically, it is an SSH Client (like PuTTY, for one..) that even has TTY support.
Essentially, you would use their class SSHClient and call the connect method. You can do it without a password. However, you will need a public key, which paramiko also supports in lieu of a password.
So, somewhere along the line, when you do ssh -p 21098 my_user_name#server137.web-hosting.com, what you're saying is to server137, check the public key in my hostkeys file, and please verify I can connect.
You could then use the public key instead:
import paramiko
myPkey = paramiko.RSAKey.from_private_key_file('<private_key_path_on_your_server>')
ssh = SSHClient()
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy()) #if you want to auto add the host RSA key
ssh.connect('server137.web-hosting.com', 21098, 'my_user_name', pkey=myPkey
You can see how to set up your keys here: Paramiko ssh connection without password
Paramiko documentation for SSHClient here: Paramiko Client docs
I have been able to use ssh and issue command in the remote server. Now I want to scp files from the remote server but that just seems like its impossible. I'm totally new to python and Paramiko. The error is permission denied in my local directory of darn windows. The files are supposed to come from the Mac. Any other really really simple example I can use to scp files from a remote Linux machine to my local Windows machine?
import paramiko
hostname = '192.xx.1.xx'
password = 'pop123'
username = "husbad2"
port = 22
mypath='C:\\Users\\handsonexpert\\Documents'
remotepath='/Users/ihussain/testdir/file3.txt'
t = paramiko.Transport((hostname, 22))
t.connect(username=username, password=password)
sftp = paramiko.SFTPClient.from_transport(t)
sftp.put(mypath, remotepath)
To retrieve files from a remote host into a local directory:
......
localpath='C:\\Users\\handsonexpert\\Documents\\file3.txt'
remotepath='/Users/ihussain/testdir/file3.txt'
......
sftp.get(remotepath, localpath)
You're not using scp here, but SFTP (SFTPClient).
If you're set on using scp, maybe take a look at this paramiko scp client, there is an example of how to use it here.
Aside, out of general security interests and programming style, don't hard code your password and user credentials, and especially never publish them in a public forum like SO. We don't need them and you don't need to post them.