I am using Paramiko for sshing from Python script. My ssh command is listed below:
ssh -A -o strictHostKeyChecking=no <hostname>
I need same Paramiko code for Python.
In Paramiko, an equivalent of OpenSSH StrictHostKeyChecking=no is the default behaviour of MissingHostKeyPolicy, which implements missing_host_key to simply do nothing.
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.MissingHostKeyPolicy())
client.connect(hostname, ...)
Though you should not do this (and neither StrictHostKeyChecking=no). You are losing a protection against Man-in-the-middle attacks this way. For correct solution, see Paramiko "Unknown Server".
Related
I am trying to use Paramiko to SSH into a Brocade switch and carry out remote commands. The code is as given below:
def ssh_connector(ip, userName, passWord, command):
ssh = paramiko.SSHClient()
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
ssh.connect(ip, username=userName, password=passWord, port=22)
stdin, stdout, stderr = ssh.exec_command(command)
print stdout.readlines()
ssh_connector(ip, userName, passWord, 'show running-config')
While trying to run the code, I encounter a strange error which is as given below.
Protocol error, doesn't start with scp!
I do not know the cause of the error or whether the SSH connection was successful. Could you please help me with this?
If the SSHClient.exec_command does not work, the first thing to test is to try (on one line):
ssh user#host command
That will use the same SSH API (the "exec" channel) as SSHClient.exec_command. If you are on Windows, you can use plink (from PuTTY packages) instead of ssh. If ssh/plink fails too, it indicates that your device does not support the SSH "exec" channel.
In your case, it seems that the "exec" channel on Brocade SSH server is implemented to support the scp command only.
As you claim to be able to "SSH" to the switch, it seems that the "shell" channel is fully working.
While it is generally not recommended to use the "shell" channel for command automation, with your server you won't have other option. Use the SSHClient.invoke_shell and write the commands to the channel (= to the shell) using the Channel.send.
channel = ssh.invoke_shell()
channel.send('ls\n')
channel.send('exit\n')
See also What is the difference between exec_command and send with invoke_shell() on Paramiko?
A similar question on C#/SSH.NET: SSH.NET is not executing command on device.
Obligatory warning: Do not use AutoAddPolicy – You are losing a protection against MITM attacks by doing so. For a correct solution, see Paramiko "Unknown Server".
In my Python3 script, I am trying to use Paramiko to ssh into remote devices. I can do that just fine. The issue is that ssh dumps me into a proprietary shell. I need to add -t bash to the .connect command to dump me into a bash shell. Here is what I have that is working:
ssh_tranfer = paramiko.SSHClient()
ssh_transfer.set_missing_host_key_policy(paramiko.AutoAddPolicy)
ssh.connect(hostname=device, port=22, username=username, key_filename=private_key_name)
With this I can connect just fine, but like I said, I am in the proprietary shell and can't pass it commands. I am not even sure that I can do it this way.
I define all the parameters that I am using (ie - device, username, and the private key) prior to the ssh.connect shown above.
If I was to ssh into the device directly from my computer to go straight to the bash shell, I would use:
ssh username#device.com -t bash
I would like to find a way to do this using paramiko.
Thanks for the help!
The -t + bash in ssh do two things:
Starts command bash in "exec" channel (instead of starting "shell" channel, what ssh does by default).
For that, see Python Paramiko - Run command
The -t forces an interactive session, what would be the default for "shell", but is by default disabled for "exec".
For that, pass get_pty=True to SSHClient.exec_command.
Obligatory warning: Do not use AutoAddPolicy this way – You are losing a protection against MITM attacks by doing so. For a correct solution, see Paramiko "Unknown Server".
Can I get Paramiko code for the following ssh command?
ssh Administrator#xx.xx.xx.xx -vv -o PreferredAuthentications=password -o PubkeyAuthentication=no
Need to know how to handle fields PreferredAuthentications and PubkeyAuthentication in Paramiko.
There's no direct equivalent, as Paramiko has different logic than ssh when selecting the authentication methods. And you actually didn't tell us why are you using those directives.
If your point was to avoid using autodiscovered key files, use allow_agent=False and look_for_keys=False.
See Force password authentication (ignore keys in .ssh folder) in Paramiko in Python
I am trying to use Paramiko to SSH into a Brocade switch and carry out remote commands. The code is as given below:
def ssh_connector(ip, userName, passWord, command):
ssh = paramiko.SSHClient()
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
ssh.connect(ip, username=userName, password=passWord, port=22)
stdin, stdout, stderr = ssh.exec_command(command)
print stdout.readlines()
ssh_connector(ip, userName, passWord, 'show running-config')
While trying to run the code, I encounter a strange error which is as given below.
Protocol error, doesn't start with scp!
I do not know the cause of the error or whether the SSH connection was successful. Could you please help me with this?
If the SSHClient.exec_command does not work, the first thing to test is to try (on one line):
ssh user#host command
That will use the same SSH API (the "exec" channel) as SSHClient.exec_command. If you are on Windows, you can use plink (from PuTTY packages) instead of ssh. If ssh/plink fails too, it indicates that your device does not support the SSH "exec" channel.
In your case, it seems that the "exec" channel on Brocade SSH server is implemented to support the scp command only.
As you claim to be able to "SSH" to the switch, it seems that the "shell" channel is fully working.
While it is generally not recommended to use the "shell" channel for command automation, with your server you won't have other option. Use the SSHClient.invoke_shell and write the commands to the channel (= to the shell) using the Channel.send.
channel = ssh.invoke_shell()
channel.send('ls\n')
channel.send('exit\n')
See also What is the difference between exec_command and send with invoke_shell() on Paramiko?
A similar question on C#/SSH.NET: SSH.NET is not executing command on device.
Obligatory warning: Do not use AutoAddPolicy – You are losing a protection against MITM attacks by doing so. For a correct solution, see Paramiko "Unknown Server".
I would like to execute a command on a remote machine using telnet as,
telnet x.x.x.x command or similar
I want to include this as part of a script in Python ( subprocess ) and hence need it in one line. Or, are there any other ways to do the same?
Any help is appreciated.
Thanks.
Rather than relying on subprocess, you could try Python's built-in telnetlib instead.
A complete example that does almost exactly what you want is available as an example in the documentation: http://docs.python.org/library/telnetlib.html#telnet-example
I would personally also see if SSH is available on the target system. Not only will you be using a secure connection, but you can also set up SSH keys and use SSH's built-in support for executing a single command (e.g. ssh user#example.com ls -l).
#!/bin/sh
empty -f -i in -o out telnet foo.bar.com
empty -w -i out -o in "ogin:" "luser\n"
empty -w -i out -o in "assword:" "TopSecret\n"
empty -s -o in "who am i\n"
empty -s -o in "exit\n"
http://empty.sourceforge.net/
Maybe this solution will be useful, but as stated in there, it won't work in case you need user/password authentication.
In order to skip manual user/password authentication, setting up ssh keys is the way to go. There is a short explanation about this here: SSH to a server without password for Admin Ease