python paramiko使用

 http://www.lag.net/paramiko/

Working with paramiko
SSHClient is the main class provided by the paramkio module. It provides the basic interface you are going to want to use to instantiate [url=]server[/url] connections. The above code creates a new SSHClient object, and then calls ”connect()” to connect us to the local SSH server.
Here’s a simple example:

1	import paramiko

 

2	ssh = paramiko.SSHClient()

Another way is to use an SSH key:

1	import paramiko

 

2

import os

 

3	privatekeyfile = os.path.expanduser('~/.ssh/id_rsa')

 

4	mykey = paramiko.RSAKey.from_private_key_file(privatekeyfile)

 

5	ssh.connect('192.168.1.2', username = 'vinod', pkey = mykey)

注意:（這裏的key，用的是RSA的key，linux下我們在用ssh-keygen -t rsa來指定它，windows下需要原始pem文件格式纔可以在這裏用，否則將會報無法識別的RSA KEY。類似如下
-----BEGIN RSA PRIVATE KEY-----
MIIEogIBAAKCAQEAlL0Zti0UgsdpmOK1yA6WaIxrqOiWD3lz/8DBfWydI3YcBpJSv//vvH4KuduU
0Wic+lLwe9Yu7axsOCmWjIfmh35Rdj0+LNkhHtfybRGrRpZrEQ2wHrBUgMumLFVPIHEsv2zMbBkd
r2atRd4by+BS/4kBn1NaElTW8Tw5FlVUsk43dmh4q4wczMHcghsRxFXLj78LRew37iXLYfHBEKDA
n/F71rKuuTiPXLDGaCwq5o8tUa51p/TKRpm5caBI25i7pmLQUo7IY1vWShSdaif7Jq61jEU3EkJq
Jj8u9W7iYAYBPq/xw8tKE6i9EzD57ug7JDElulI2rphdIkuT9zj//wIDAQABAoIBACBGbGbgn1vF
g79+Km3v5GlpVw8+8RkIhMhRfmsF/48rWOeAJt6s3cusGg28fS13ouCa0L4+es5uJMmHFLkH4Fk0
at7aaTx4HTzBJUTPmbfmefMoYjg2kQ+loThrhpEGnewn4q/uP0fJYv4PNT7nPXtfsm9tOdVSfZW5
OLYE7C0IgQv0QLe7SkR6Vkz3Qi2gbmIaMu82pP5ugk1NA4OKIrkPJbzOEtkf3d8iblrU0baeYa6I
FWM42ChOzoITkN1jYJvudGjERa3/zRb80OEF6evz9SKHOxjy9jzgubdwQT9Crl3Zf90qv/ZGC1G3
6EmBy51xFMVEXAELd/6o8j6ENEkCgYEA0g5DGbAodqbLTp1Qf7FtE2t5WCYSzzwVNbQimLV1vOUG
tY3hVLywIpA1Kujf1dNOmTJVUuiBPPlcU/YjHMT9h33wRDc0oXmqx2++MF0aQtRy6U4iFRQJWs+v
d8J1eQ8jgEhQNZLWrqK6zue0jW6YFO2Wlz/GCOACbkp40FJysHUCgYEAtUV81BUTy07DAHfV+yIJ
kms5UGDle/lOTHzyhBmc2gRdoMm/jeGgL+ZGC0OespXaDewn8F/AP+2m+pLDfMEKYZ/VIrjICx0T
0BpxW9OPdUkuVMH5VwW6fNgsVh0jjwUZfLj0gUvSHSjsUUpomqG487uRkeklkLNANXqTi2YDYCMC
gYAC1IRc7T2uU5L7rSzve4F/uHv7DxBD0Ihsn8+zhQZgFCnh+lZl4ODypkTBHkAdzmoJsF7r7gwH
uUhgLTnN4m2UDMNW9/NylYQSidPjLO30po4hzJay+AEkQxYXI/yXM/gDe3XxMthHpBOmRALvwOS1
q3nS8d4GMpZ1y/USwXmgHQKBgDJAaTKCBVK/Kt/eWLud2/lzMBhQRE3x9vrNSI3Ga+0keLAyPaAf
hEDDHXfR7xSi5igl54yDftA6GagtN3RGL5KQtI1DnHE4Rl3Sdsp2A7cH6ogknfK569DgPKpCubDU
QRSKUX3mfwEGbzy52/XCD3vB68D/WSKcDpjEulJSnWzxAoGAB7oGwMMnwy2GSxAuPiiXOl4n5hwa
vJ15qCmKTSYx7eWCu1zCE3NYW6Pvohz+YRJqilAOt45uNK65g6w/ZbX/oh2lujDd3VU4INU4fKCS
FCkypPZFAxnG70tuo/US/4W34zOAxoALrIC0uOHyXD2P1yYcQgIkNp7VmoZ7FK/7LMs=
-----END RSA PRIVATE KEY-----



而且如果你的RSA Key有密碼的話，你還需要
mykey = paramiko.RSAKey.from_private_key_file(privatekeyfile,password='12345678')




不過，我們可以用publickey來登錄的。
解法如下:
serverHost = "127.0.0.1"
serverPort = 22
userName = "root"
keyFile = "~/.ssh/badboy"
known_host = "~/.ssh/known_hosts"
channel = paramiko.SSHClient();
channel.load_system_host_keys( known_host )
channel.connect( serverHost, serverPort,username = userName, key_filename = keyFile )
）


Running Simple Commands
Lets run some simple commands on a remote machine.

1	import paramiko
2	ssh = paramiko.SSHClient()

 

3	ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())<=這樣的話，就會報paramiko.SSHException: Unknown server

 

4	ssh.connect('beastie', username='vinod', password='secret')

 

5	stdin, stdout, stderr = ssh.exec_command('df -h')

 

6	print stdout.readlines()

 

7	ssh.close()

“paramiko.AutoAddPolicy()” which will auto-accept unknown keys.

Using sudo in running commands:

01	import paramiko

02

03	cmd = "sudo /etc/rc.d/apache2 restart"

04

05	ssh = paramiko.SSHClient()

 

06	ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())

 

07	ssh.connect('beastie', username='vinod', password='secret')

 

08	stdin, stdout, stderr = ssh.exec_command(cmd)

 

09	stdin.write('secret\n')

 

10	stdin.flush()

 

11	print stdout.readlines()

 

12	ssh.close()

在這個例子中，無法運行，也無法解釋，希望志同道合的朋友能給個解釋!



Secure File Transfer Using SFTPClient
SFTPClient is used to open an sftp session across an open ssh Transport and do remote file operations.
An SSH Transport attaches to a stream (usually a socket), negotiates an encrypted session, authenticates, and then creates stream tunnels, called[url=]Channel[/url]s, across the session. Multiple channels can be multiplexed across a single session (and often are, in the case of port forwardings).
以下是用密碼認證功能登錄的
#!/usr/bin/env python
import paramiko
socks=('127.0.0.1',22)
testssh=paramiko.Transport(socks)
testssh.connect(username='root',password='000000')
sftptest=paramiko.SFTPClient.from_transport(testssh)
remotepath="/tmp/a.log"
localpath="/tmp/c.log"
sftptest.put(remotepath,localpath)
sftptest.close()
testssh.close()

以下是用DSA認證登錄的(PubkeyAuthentication)
#!/usr/bin/env python
import paramiko

serverHost = "192.168.1.172"
serverPort = 22
userName = "root"
keyFile = "/root/.ssh/zhuzhengjun"
known_host = "/root/.ssh/known_hosts"
channel = paramiko.SSHClient();
#host_keys = channel.load_system_host_keys(known_host)
channel.set_missing_host_key_policy(paramiko.AutoAddPolicy())
channel.connect(serverHost, serverPort,username=userName, key_filename=keyFile )
testssh=paramiko.Transport((serverHost,serverPort))
mykey = paramiko.DSSKey.from_private_key_file(keyFile,password='xyxyxy')
testssh.connect(username=userName,pkey=mykey)
sftptest=paramiko.SFTPClient.from_transport(testssh)
filepath='/tmp/e.log'
localpath='/tmp/a.log'
sftptest.put(localpath,filepath)
sftptest.close()
testssh.close()

以下是用RSA Key認證登錄的
#!/usr/bin/evn python

import os
import paramiko

host='127.0.0.1'
port=22
testssh=paramiko.Transport((host,port))
privatekeyfile = os.path.expanduser('~/.ssh/badboy')
mykey = paramiko.RSAKey.from_private_key_file(privatekeyfile,password='000000')
username = 'root'
testssh.connect(username=username, pkey=mykey)
sftptest=paramiko.SFTPClient.from_transport(testssh)
filepath='/tmp/e.log'
localpath='/tmp/a.log'
sftptest.put(localpath,filepath)
sftptest.close()
testssh.close()