Currently I cannot import any 3rd party libraries such as paramiko which is used to handle SSH things.
I cannot handle one scenario while testing ssh connection.
Having code:
import subprocess
result = subprocess.check_output(["ssh", "user#server1", "echo", "123"])
I'm successfully retrieving output from this command because I have setup the ssh keys.
While trying connect to unknown server I receive "non-zero exit status 255" and I know how to handle this.
The problem is where I did not setup ssh keys and the server is known.
import subprocess
result = subprocess.check_output(["ssh", "user#server2", "echo", "123"])
I receive shell output:
user#server2's password:
Like I would normally try to connect through ssh without ssh key.
I've tried:
result = subprocess.check_output(["ssh", "user#server2", "echo", "123"], input=b"123")
result = subprocess.check_output(["ssh", "user#server2", "echo", "123"], stdin=b"123")
and only solution to this is make ssh command force to not ask for password
result = subprocess.check_output(["ssh", "obatchmode=yes", "user#server2", "echo", "123"])
But I would like to know how to handle subprocess.check_output/run command in such cases where I cannot configure command not to ask for password. Like this code of block:
if subprocess.check_output IS ASKING FOR INPUT:
DONT_WORRY_GO_AHEAD
Related
I'm new to Paramiko and have tried a variety of methods for doing what is a pretty basic task. At this point, all I'm trying to do is execute a command on an APC UPS. In my testing, I discovered I can successfully execute a command, as long as the length of the command is 20 characters or less.
Here is my code -
import paramiko
from paramiko_expect import SSHClientInteraction
host = "xxx.xxx.xxx.xxx" # UPS
ssh = paramiko.SSHClient()
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
ssh.connect(hostname=host, username='e164468', password='********', banner_timeout=60)
chan = SSHClientInteraction(ssh, timeout=2, display=True)
prompt = 'apc>'
command = 'cipher -rsake disable'
chan.expect(prompt)
chan.send(command)
chan.expect(prompt)
output_raw = chan.current_output_clean
chan.close()
ssh.close()
print ("Here is your output - ")
print(output_raw)
The command I need to remotely execute is 'cipher -rsake disable'. What I get in the terminal when I run this is -
apc>cipher -rsake disablEXCESS TIME RECV_READY TIMEOUT, did you expect() before a send()
If I drop the disable parameter from the command, it works as expected. No matter what I've tried, I get this behavior whenever the command is over 20 characters.
I'm not sure how valid of a test it is but I manually ssh to the UPS and can type in whatever command I need and it works.
Any help would be greatly appreciated!
I'm trying to automate getting the status of 500 servers.
I can ssh into the server bmc console which brings up a smash clp terminal using a valid username and password and run the command: chassis --get power status and this returns on screen: The host status is on
I have done pssh to the server but in the case of the server being off I would like to pssh through the BMC console and run the same command to check if the server is available. When I use the same method for pssh on the console that I do on the server nothing happens. There is no return no error it sits there executing the script until I force it to stop.
How can I pssh to the smash clp?
My simple test script:
from pssh.clients import ParallelSSHClient
hosts = ['server-con']
username='uname'
password='password'
client = ParallelSSHClient(hosts, username, password)
output = client.run_command('chassis --get power status')
for host, host_output in output.items():
for line in host_output.stdout:
print(line)
I don't know BMC console or chassis, but from my understanding, you are trying to wrap in python ssh command to run remotely and having a problem with that.
My suggestion is to simply use subprocess and run it
output = subprocess.run("ssh foo chassis --get power status", shell=True, stdout=subprocess.PIPE)
I have a problem with a test suite. I use robot framework and python.I created a function in python which executes a console command in a remote Linux client.
def purge_default_dns(device_ip):
ssh_val = "usr1#" + device_ip
command = "ctool dns | grep -v \"grep\" | awk \'{print $2}\'"
test = check_output(["ssh", ssh_val, "-p", "6022", command])
The check_output() function connects with device_ip and executes command. If I try to connect with a fully qualified domain name (ex. my.domain.io), then I get a prompt for password (which is empty). I press enter and command executes regular. Is there any parameter that passes for example Enter when password prompt comes up?
I tried ssh -e switch , I don't want to change ssh client , I just need a generic solution.
For example using paramiko library in the code below , I can create an paramiko SSHClient , which has a parameter for password and doesn't prompt anything. While I can't use paramiko right now , I need something else with SSHLirary to go around the problem.
def send_ssh_command(device_ip , command):
hostname = device_ip
password = ""
username = "usr1"
port = 6022
try:
client = paramiko.SSHClient()
client.load_system_host_keys()
client.set_missing_host_key_policy(paramiko.WarningPolicy())
client.connect(hostname, port=port, username=username, password=password)
stdin , stdout , stderr = client.exec_command(command)
command_return_val = stdout.read()
finally:
client.close()
return command_return_val
Thank you.
To get this straight, the only solution you look for is to pass the password on the command line to the default OS ssh client, and do not/cannot install any libraries (paramiko, etc) that can help you achieve the same result through other means?
I'm asking this, because the robot framework's SSHLibrary provides this out of the box; you already have the python's solution with paramiko; and the general linux solution is to install the sshpass package, and use it to pass the value:
sshpass -p "YOUR_PASS" ssh -usr1#my.domain.io:6022
So if all of these are not an option, you are left with two alternatives - either hack something around SSH_ASKPASS - here's an article with a sample, or use expect to pass it - this one is what I'd prefer out of the two.
Here's a very good SO answer with an expect script wrapper around ssh. In your method, you will have to first create a file with its content, set an executable flag on it, and then call that file in check_output(), passing as arguments the password, 'ssh' and all its arguments.
Why You need to go with python , I am using below code in robotframework for the same:
[Arguments] ${host}=${APP_SERVER} ${username}=${APP_USERNAME} ${password}=${APP_PASSWORD}
Open Connection ${host} timeout=2m
Login ${username} ${password}
${out} ${err} ${rc}= Execute Command cd ${PATH};ctool dns | grep -v \"grep\" | awk \'{print $2}\' * return_stdout=True return_stderr=True return_rc=True
Should Be Equal ${rc} ${0}
I'm trying to write a script that will ssh into a box for me. I'm using Python and leveraging the paramiko library. I can successfully ssh on the box, but as soon as the script terminates, the ssh connection also terminates. I want to keep the connection open after the script has completed running.
Python:
self.ssh = paramiko.SSHClient()
self.ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
self.ssh.connect(host, username=self.username, password=self.password)
stdout = execute(self.ssh, 'pwd') # test command for now to verify i'm on box
print stdout
sys.exit()
Console:
$ ssh.py
[u'/home/myuser\n']
myuser#xxxx ~
$
I haven't been able to find similar examples online, so any help would be appreciated.
Try this:
import subprocess
subprocess.call(["ssh", "myuser#myserver"])
I am using this code for executing command on remote server.
import subprocess
import sys
COMMAND="ls"
ssh = subprocess.Popen(["ssh", "%s" % HOST, COMMAND],
shell=False,
stdout=subprocess.PIPE,
stderr=subprocess.PIPE)
result = ssh.stdout.readlines()
if result == []:
error = ssh.stderr.readlines()
print >>sys.stderr, "ERROR: %s" % error
else:
print result
When I try to execute this script, I get prompt for password. Is there any way I could avoid it, for example, can I enter password in script somehow? Also, password should be encrypted somehow so that people who have access to the script cannot see it.
Why make it so complicated? Here's what I suggest:
1) Create a ssh config section in your ~/.ssh/config file:
Host myserver
HostName 50.50.50.12 (fill in with your server's ip)
Port xxxx (optional)
User me (your username for server)
2) If you have generated your ssh keypair do it now (with ssh-keygen). Then upload with:
$ ssh-copy-id myserver
3) Now you can use subprocess with ssh. For example, to capture output, I call:
result = subprocess.check_output(['ssh', 'myserver', 'cat', 'somefile'])
Simple, robust, and the only time a password is needed is when you copy the public key to the server.
BTW, you code will probably work just fine as well using these steps.
One way is to create a public key, put it on the server, and do ssh -i /path/to/pub/key user#host or use paramiko like this:
import paramiko
import getpass
ssh = paramiko.SSHClient()
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
p = getpass.getpass()
ssh.connect('hostname', username='user', password=p)
stdin, stdout, stderr = ssh.exec_command('ls')
print stdout.readlines()
ssh.close()
You should use pexpect or paramiko to connect to remote machine,then spawn a child ,and then run subprocess to achieve what you want.
Here's what I did when encountering this issue before:
Set up your ssh keys for access to the server.
Set up an alias for the server you're accessing. Below I'll call it remote_server.
Put the following two lines at the end of ~/.bash_profile.
eval $(ssh-agent -s)
ssh-add
Now every time you start your shell, you will be prompted for a passphrase. By entering it, you will authenticate your ssh keys and put them 'in hand' at the start of your bash session. For the remainder of your session you will be able to run commands like
ssh remote_server ls
without being prompted for a passphrase. Here ls will run on the remote server and return the results to you. Likewise your python script should run without password prompt interruption if you execute it from the shell.
You'll also be able to ssh to the server just by typing ssh remote_server without having to enter your username or password every time.
The upside to doing it this way is that you should be doing this anyway to avoid password annoyances and remembering funky server names :) Also you don't have to worry about having passwords saved anywhere in your script. The only potential downside is that if you want to share the python script with others, they'll have to do this configuring as well (which they should anyway).
You don't really need something like pexpect to handle this. SSH keys already provide a very good and secure solution to this sort of issue.
The simplest way to get the results you want would probably be to generate an ssh key and place it in the .ssh folder of your device. I believe github has a pretty good guide to doing that, if you look into it. Once you set up the keys correctly on both systems, you won't actually have to add a single line to your code. When you don't specify a password it will automatically use the key to authenticate you.
While subprocess.Popen might work for wrapping ssh access, this is not the preferred way to do so.
I recommend using paramiko.
import paramiko
ssh_client = paramiko.SSHClient()
ssh_client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
ssh_client.connect(server, username=user,password=password)
...
ssh_client.close()
And If you want to simulate a terminal, as if a user was typing:
chan=ssh_client.invoke_shell()
def exec_cmd(cmd):
"""Gets ssh command(s), execute them, and returns the output"""
prompt='bash $' # the command line prompt in the ssh terminal
buff=''
chan.send(str(cmd)+'\n')
while not chan.recv_ready():
time.sleep(1)
while not buff.endswith(prompt):
buff+=ssh_client.chan.recv(1024)
return buff[:len(prompt)]
Example usage: exec_cmd('pwd')
If you don't know the prompt in advance, you can set it with:
chan.send('PS1="python-ssh:"\n')
You could use following.
import subprocess
import sys
COMMAND="ls"
ssh = subprocess.Popen("powershell putty.exe user#HOST -pw "password", stdout=PIPE, stdin=PIPE, stderr=STDOUT)
result = ssh.stdout.readlines()
if result == []:
error = ssh.stderr.readlines()
print >>sys.stderr, "ERROR: %s" % error
else:
print result