Python下SSH的简单实现
Python实现SSH
Linux下的ssh登录
root@ubuntu:~# ssh root@192.168.1.88
The authenticity of host '192.168.1.88 (192.168.1.88)' can't be established.
ECDSA key fingerprint is SHA256:/ufx+/OLtdsYy7vsdk4KDu9xJsBp6zHonRAf2jjT0GI.
Are you sure you want to continue connecting (yes/no)? y
Please type 'yes' or 'no': yes
Warning: Permanently added '192.168.1.88' (ECDSA) to the list of known hosts.
Password:
Last login: Fri Dec 2 14:15:36 2016
localhost:~ root$
查看known_hosts文件
root@ubuntu:~# cat .ssh/known_hosts
|1|ohKgSMq+1NLbr37anPqNZKQxh/8=|83NZfZYMUwLGaH32oLhCW/2PsXk= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBMTpJEzRyK6Bn96JT9+8IMK57ouWZspbs+oVuc7lD+aAwDB6C9Qgoy8P7cGjRaOA5ImDiBTLSQgHT+cZeGIJbI4=
Python实现ssh
import paramiko
#创建SSH对象
ssh = paramiko.SSHClient()
#把要连接的机器添加到known_hosts文件中
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
#连接服务器
ssh.connect(hostname='192.168.1.88', port=22, username='root', password='123456')
cmd = 'ps'
#cmd = 'ls -l;ifconfig' #多个命令用;隔开
stdin, stdout, stderr = ssh.exec_command(cmd)
result = stdout.read()
if not result:
result = stderr.read()
ssh.close()
print(result.decode())
Python实现sftp
import paramiko
transport = paramiko.Transport(('192.168.1.88', 22))
transport.connect(username='root', password='123456')
sftp = paramiko.SFTPClient.from_transport(transport)
sftp.put('123.py', '/tmp/test.py') # 将123.py 上传至服务器 /tmp下并改名为test.py
sftp.get('remove_path', 'local_path') # 将remove_path 下载到本地 local_path
transport.close()
传统的免密登录
生成公钥
使用ssh-keygen生产公钥和私钥
root@ubuntu:~$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/root/.ssh/id_rsa):
Created directory '/home/root/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/root/.ssh/id_rsa.
Your public key has been saved in /home/root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:8IVM56bc/2deLZcDXwVs2XDNCuTTbvvlCKmCnUxiHuw root@ubuntu
The key's randomart image is:
+---[RSA 2048]----+
| . ....o=o|
| o + ...+o+|
| . o + oo...|
| + = o. .|
| . S . .o .|
| = . . oo.+|
| + B . + o+=|
| E = . o **|
| .. o++|
+----[SHA256]-----+
#生成的公钥私钥存放在.ssh目录下,id_rsa.pub就是本机的公钥
root@ubuntu:~$ cd .ssh/
root@ubuntu:~/.ssh$ ls
id_rsa id_rsa.pub
复制公钥
最后把本机的id_rsa.pub文件中的内容copy到目标机的.ssh/authorized_keys下即可,如果没有authorized_keys,自己创建。但是要注意authorized_keys的权限一般是600
localhost:.ssh root$ ls -l authorized_keys
-rw-r--r-- 1 root staff 393 Dec 6 16:33 authorized_keys
或者直接使用一条命令也可以实现公钥的复制,ssh-copy-id后面接入的用户就是要支持免密登录的用户。
root@ubuntu:~/.ssh$ ssh-copy-id "root@192.168.1.88"
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/root/.ssh/id_rsa.pub"
The authenticity of host '192.168.1.88 (192.168.1.88)' can't be established.
ECDSA key fingerprint is SHA256:/ufx+/OLtdsYy7vsdk4KDu9xJsBp6zHonRAf2jjT0GI.
Are you sure you want to continue connecting (yes/no)? n^H
Please type 'yes' or 'no': yes
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
Password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'root@192.168.1.88'" and check to make sure that only the key(s) you wanted were added.
#去目标机器下,检查authorized_keys文件
localhost:.ssh root$ cat authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDB/mkvSx1mo/l/huMiOSqQjTb3KSB+D67qDRe1VgbjeZpwtodpSNueqGMj3mGDtf8tfmfwygKHuMtkVCQuD+1trLZ/yn8dKK9JV2pM4iwmaEvSda/qbQR7lQ37lsmvGnwCloJ49h8MpsF9UsDVXnyo4kauOj+0HYlur1E5Y7dzBuuzBiKAnwS66ZVTtHpIzubfXYanyBEinClpHNr6B7DVWp0J4ubZ8k/AgFMyD8NyJmugoObD3+wry0Dk2LG/WadOaY1luooQN4m55WyfZE2w0Kzi4F7W6v8/GRnpxVKOmNUNk6/c6hr/CDWnthS1abMjI9u/bGru6X2kiyymq3wR root@ubuntu
登录测试
root@ubuntu:~/.ssh$ ssh 'root@192.168.1.88'
Last login: Tue Dec 6 16:28:07 2016 from 192.168.1.69
localhost:~ root$
登录方式注意区别
$ ssh root@192.168.1.88 #用户名密码登录
$ ssh 'root@192.168.1.88' #公钥免密登录
使用pythonssh免密实现
免密ssh
import paramiko
private_key = paramiko.RSAKey.from_private_key_file('id_rsa96') #使用目标的私钥来登录
ssh = paramiko.SSHClient()
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
ssh.connect(hostname='192.168.1.96',port=22,username='root',pkey=private_key)
cmd = 'ps'
stdin, stdout, stderr = ssh.exec_command(cmd)
result = stdout.read()
if not result:
result = stderr.read()
ssh.close()
print(result.decode())
免密sftp
import paramiko
private_key = paramiko.RSAKey.from_private_key_file('/home/auto/.ssh/id_rsa')
transport = paramiko.Transport(('hostname', 22))
transport.connect(username='wupeiqi', pkey=private_key )
sftp = paramiko.SFTPClient.from_transport(transport)
sftp.put('/tmp/location.py', '/tmp/test.py')
# 将location.py 上传至服务器 /tmp/test.py
sftp.get('remove_path', 'local_path')
# 将remove_path 下载到本地 local_path
transport.close()
案例
import paramiko
import uuid
class Haproxy(object):
def __init__(self):
self.host = '192.168.1.88'
self.port = 22
self.username = 'root'
self.pwd = '123456'
self.__k = None
def create_file(self):
file_name = str(uuid.uuid4())
with open(file_name,'w') as f:
f.write('sb')
return file_name
def run(self):
self.connect()
self.upload()
self.rename()
self.close()
def connect(self):
transport = paramiko.Transport((self.host,self.port))
transport.connect(username=self.username,password=self.pwd)
self.__transport = transport
def close(self):
self.__transport.close()
def upload(self):
# 连接,上传
file_name = self.create_file()
sftp = paramiko.SFTPClient.from_transport(self.__transport)
sftp.put(file_name, '/home/test.py') # 将location.py 上传至服务器 /tmp/test.pydef rename(self):
ssh = paramiko.SSHClient()
ssh._transport = self.__transport # 执行命令
stdin, stdout, stderr = ssh.exec_command('mv /home/test.py /home/test2.py')
result = stdout.read()
ha = Haproxy()
ha.run()
版权声明:
作者:Joe.Ye
链接:https://www.appblog.cn/index.php/2023/02/22/python-simple-implementation-of-ssh/
来源:APP全栈技术分享
文章版权归作者所有,未经允许请勿转载。
THE END
0
二维码
打赏
海报
Python下SSH的简单实现
Python实现SSH
Linux下的ssh登录
root@ubuntu:~# ssh root@192.168.1.88
The authenticity of host '192.168.1.88 (192.168.1.88)' can't be ……
文章目录
关闭
共有 0 条评论