问题
I'm trying to write a small Python program to check whether an SSH server allows a password authentication. Here is the current plan:
import base64
import paramiko
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect('ssh.example.com', username='strongbad', password='thecheat')
stdin, stdout, stderr = client.exec_command('ls')
for line in stdout:
print('... ' + line.strip('\n'))
client.close()
The idea is to grep the output or to later put a try catch block around the connect statement.
My problem however is that some of the systems that I run the program on have access via a RSA key that is stored under ~/.ssh. And in these cases, the connect will simply succeed (which I want to avoid).
So, here is the question: Does anybody know any way to force Paramiko (or another SSH client) to use passwords?
Thanks
回答1:
The SSHClient.connect method has look_for_keys argument. Set it to False:
client.connect(
'ssh.example.com', username='strongbad', password='thecheat', look_for_keys=False)
Similarly you may want to set allow_agent to False as well.
Obligatory warning: Do not use AutoAddPolicy, unless you do not care about security. You are losing a protection against MITM attacks this way.
For a correct solution, see Paramiko "Unknown Server".
来源:https://stackoverflow.com/questions/52632693/force-password-authentication-ignore-keys-in-ssh-folder-in-paramiko-in-python