Paramiko
paramiko 模块官方网站:
http://www.paramiko.org/
paramiko 模块功能概述:
Paramiko 是一个python(2.6+,3.3+)的实现SSHv2协议的模块,它提供了客户端和服务器端的功能。虽然利用Python C扩展为低水平加密(加密),Paramiko本身就是一个纯Python接口在SSH网络概念。
paramiko 模块安装方式:
pip3 install paramiko
sshclient
用于连接远程服务器并执行相应的命令
sshclien连接服务器的两种方式:
1、基于用户名密码连接:
import paramiko
# 创建SSH对象
ssh = paramiko.SSHClient()
# 允许连接不在know_hosts文件中的主机
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
# 连接服务器
ssh.connect(hostname='c1.salt.com', port=22, username='wupeiqi', password='123')
# 执行命令
stdin, stdout, stderr = ssh.exec_command('ls')
# 获取命令结果
result = stdout.read()
# 关闭连接
ssh.close()
1 import paramiko
2
3 # 创建SSH对象
4 ssh = paramiko.SSHClient()
5 # 允许连接不在know_hosts文件中的主机
6 ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
7 # 连接服务器
8 ssh.connect(hostname='c1.salt.com', port=22, username='wupeiqi', password='123')
9
10 # 执行命令
11 stdin, stdout, stderr = ssh.exec_command('ls')
12 # 获取命令结果
13 result = stdout.read()
14
15 # 关闭连接
16 ssh.close()
2、基于公钥秘钥连接:
import paramiko
private_key = paramiko.RSAKey.from_private_key_file('/home/auto/.ssh/id_rsa')
# 创建SSH对象
ssh = paramiko.SSHClient()
# 允许连接不在know_hosts文件中的主机
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
# 连接服务器
ssh.connect(hostname='c1.salt.com', port=22, username='wupeiqi', key=private_key)
# 执行命令
stdin, stdout, stderr = ssh.exec_command('df')
# 获取命令结果
result = stdout.read()
# 关闭连接
ssh.close()
1 import paramiko
2
3 private_key = paramiko.RSAKey.from_private_key_file('/home/auto/.ssh/id_rsa')
4
5 transport = paramiko.Transport(('hostname', 22))
6 transport.connect(username='wupeiqi', pkey=private_key)
7
8 ssh = paramiko.SSHClient()
9 ssh._transport = transport
10
11 stdin, stdout, stderr = ssh.exec_command('df')
12
13 transport.close()
sftpclient:
用于连接远程服务器并执行上传下载
1、基于用户名密码上传下载:
import paramiko
transport = paramiko.Transport(('hostname',22))
transport.connect(username='wupeiqi',password='123')
sftp = paramiko.SFTPClient.from_transport(transport)
# 将location.py 上传至服务器 /tmp/test.py
sftp.put('/tmp/location.py', '/tmp/test.py')
# 将remove_path 下载到本地 local_path
sftp.get('remove_path', 'local_path')
transport.close()
2、基于公钥密钥上传下载:
import paramiko
private_key = paramiko.RSAKey.from_private_key_file('/home/auto/.ssh/id_rsa')
transport = paramiko.Transport(('hostname', 22))
transport.connect(username='wupeiqi', pkey=private_key )
sftp = paramiko.SFTPClient.from_transport(transport)
# 将location.py 上传至服务器 /tmp/test.py
sftp.put('/tmp/location.py', '/tmp/test.py')
# 将remove_path 下载到本地 local_path
sftp.get('remove_path', 'local_path')
transport.close()
1 #!/usr/bin/env python
2 # -*- coding:utf-8 -*-
3 import paramiko
4 import uuid
5
6 class SSHConnection(object):
7
8 def __init__(self, host='172.16.103.191', port=22, username='wupeiqi',pwd='123'):
9 self.host = host
10 self.port = port
11 self.username = username
12 self.pwd = pwd
13 self.__k = None
14
15 def create_file(self):
16 file_name = str(uuid.uuid4())
17 with open(file_name,'w') as f:
18 f.write('sb')
19 return file_name
20
21 def run(self):
22 self.connect()
23 self.upload('/home/wupeiqi/tttttttttttt.py')
24 self.rename('/home/wupeiqi/tttttttttttt.py', '/home/wupeiqi/ooooooooo.py)
25 self.close()
26
27 def connect(self):
28 transport = paramiko.Transport((self.host,self.port))
29 transport.connect(username=self.username,password=self.pwd)
30 self.__transport = transport
31
32 def close(self):
33
34 self.__transport.close()
35
36 def upload(self,target_path):
37 # 连接,上传
38 file_name = self.create_file()
39
40 sftp = paramiko.SFTPClient.from_transport(self.__transport)
41 # 将location.py 上传至服务器 /tmp/test.py
42 sftp.put(file_name, target_path)
43
44 def rename(self, old_path, new_path):
45
46 ssh = paramiko.SSHClient()
47 ssh._transport = self.__transport
48 # 执行命令
49 cmd = "mv %s %s" % (old_path, new_path,)
50 stdin, stdout, stderr = ssh.exec_command(cmd)
51 # 获取命令结果
52 result = stdout.read()
53
54 def cmd(self, command):
55 ssh = paramiko.SSHClient()
56 ssh._transport = self.__transport
57 # 执行命令
58 stdin, stdout, stderr = ssh.exec_command(command)
59 # 获取命令结果
60 result = stdout.read()
61 return result
62
63
64
65 ha = SSHConnection()
66 ha.run()
# 对于更多限制命令,需要在系统中设置 /etc/sudoers Defaults requiretty Defaults:cmdb !requiretty
1 import paramiko
2 import uuid
3
4 class SSHConnection(object):
5
6 def __init__(self, host='192.168.11.61', port=22, username='alex',pwd='alex3714'):
7 self.host = host
8 self.port = port
9 self.username = username
10 self.pwd = pwd
11 self.__k = None
12
13 def run(self):
14 self.connect()
15 pass
16 self.close()
17
18 def connect(self):
19 transport = paramiko.Transport((self.host,self.port))
20 transport.connect(username=self.username,password=self.pwd)
21 self.__transport = transport
22
23 def close(self):
24 self.__transport.close()
25
26 def cmd(self, command):
27 ssh = paramiko.SSHClient()
28 ssh._transport = self.__transport
29 # 执行命令
30 stdin, stdout, stderr = ssh.exec_command(command)
31 # 获取命令结果
32 result = stdout.read()
33 return result
34
35 def upload(self,local_path, target_path):
36 # 连接,上传
37 sftp = paramiko.SFTPClient.from_transport(self.__transport)
38 # 将location.py 上传至服务器 /tmp/test.py
39 sftp.put(local_path, target_path)
40
41 ssh = SSHConnection()
42 ssh.connect()
43 r1 = ssh.cmd('df')
44 ssh.upload('s2.py', "/home/alex/s7.py")
45 ssh.close()
堡垒机:
堡垒机模型:
堡垒机原理和执行流程:
1、管理员为用户在服务器上创建账号(将公钥放置服务器,或者使用用户名密码)
2、用户登入堡垒机,输入堡垒机用户名密码,实现当前用户管理的服务器列表
3、用户选择服务器,并自动登入
4、执行操作并同时将用户操作记录
实现过程:
前奏
import paramiko
import sys
import os
import socket
import select
import getpass
tran = paramiko.Transport(('10.211.55.4', 22,))
tran.start_client()
tran.auth_password('wupeiqi', '123')
# 打开一个通道
chan = tran.open_session()
# 获取一个终端
chan.get_pty()
# 激活器
chan.invoke_shell()
#########
# 利用sys.stdin,肆意妄为执行操作
# 用户在终端输入内容,并将内容发送至远程服务器
# 远程服务器执行命令,并将结果返回
# 用户终端显示内容
#########
chan.close()
tran.close()
2、终极版本:
import paramiko
import sys
import os
import socket
import select
import getpass
from paramiko.py3compat import u
tran = paramiko.Transport(('10.211.55.4', 22,))
tran.start_client()
tran.auth_password('wupeiqi', '123')
# 打开一个通道
chan = tran.open_session()
# 获取一个终端
chan.get_pty()
# 激活器
chan.invoke_shell()
while True:
# 监视用户输入和服务器返回数据
# sys.stdin 处理用户输入
# chan 是之前创建的通道,用于接收服务器返回信息
readable, writeable, error = select.select([chan, sys.stdin, ],[],[],1)
if chan in readable:
try:
x = u(chan.recv(1024))
if len(x) == 0:
print('\r\n*** EOF\r\n')
break
sys.stdout.write(x)
sys.stdout.flush()
except socket.timeout:
pass
if sys.stdin in readable:
inp = sys.stdin.readline()
chan.sendall(inp)
chan.close()
tran.close()
1 #!/usr/bin/env python
2 # -*- coding:utf-8 -*-
3
4 import paramiko
5 import sys
6 import os
7 import socket
8 import select
9 import getpass
10 from paramiko.py3compat import u
11
12
13 default_username = getpass.getuser()
14 username = input('Username [%s]: ' % default_username)
15 if len(username) == 0:
16 username = default_username
17
18
19 hostname = input('Hostname: ')
20 if len(hostname) == 0:
21 print('*** Hostname required.')
22 sys.exit(1)
23
24 tran = paramiko.Transport((hostname, 22,))
25 tran.start_client()
26
27 default_auth = "p"
28 auth = input('Auth by (p)assword or (r)sa key[%s] ' % default_auth)
29 if len(auth) == 0:
30 auth = default_auth
31
32 if auth == 'r':
33 default_path = os.path.join(os.environ['HOME'], '.ssh', 'id_rsa')
34 path = input('RSA key [%s]: ' % default_path)
35 if len(path) == 0:
36 path = default_path
37 try:
38 key = paramiko.RSAKey.from_private_key_file(path)
39 except paramiko.PasswordRequiredException:
40 password = getpass.getpass('RSA key password: ')
41 key = paramiko.RSAKey.from_private_key_file(path, password)
42 tran.auth_publickey(username, key)
43 else:
44 pw = getpass.getpass('Password for %s@%s: ' % (username, hostname))
45 tran.auth_password(username, pw)
46
47
48
49 # 打开一个通道
50 chan = tran.open_session()
51 # 获取一个终端
52 chan.get_pty()
53 # 激活器
54 chan.invoke_shell()
55
56 while True:
57 # 监视用户输入和服务器返回数据
58 # sys.stdin 处理用户输入
59 # chan 是之前创建的通道,用于接收服务器返回信息
60 readable, writeable, error = select.select([chan, sys.stdin, ],[],[],1)
61 if chan in readable:
62 try:
63 x = u(chan.recv(1024))
64 if len(x) == 0:
65 print('\r\n*** EOF\r\n')
66 break
67 sys.stdout.write(x)
68 sys.stdout.flush()
69 except socket.timeout:
70 pass
71 if sys.stdin in readable:
72 inp = sys.stdin.readline()
73 chan.sendall(inp)
74
75 chan.close()
76 tran.close()
3、终极版本二
import paramiko
import sys
import os
import socket
import select
import getpass
import termios
import tty
from paramiko.py3compat import u
tran = paramiko.Transport(('10.211.55.4', 22,))
tran.start_client()
tran.auth_password('wupeiqi', '123')
# 打开一个通道
chan = tran.open_session()
# 获取一个终端
chan.get_pty()
# 激活器
chan.invoke_shell()
# 获取原tty属性
oldtty = termios.tcgetattr(sys.stdin)
try:
# 为tty设置新属性
# 默认当前tty设备属性:
# 输入一行回车,执行
# CTRL+C 进程退出,遇到特殊字符,特殊处理。
# 这是为原始模式,不认识所有特殊符号
# 放置特殊字符应用在当前终端,如此设置,将所有的用户输入均发送到远程服务器
tty.setraw(sys.stdin.fileno())
chan.settimeout(0.0)
while True:
# 监视 用户输入 和 远程服务器返回数据(socket)
# 阻塞,直到句柄可读
r, w, e = select.select([chan, sys.stdin], [], [], 1)
if chan in r:
try:
x = u(chan.recv(1024))
if len(x) == 0:
print('\r\n*** EOF\r\n')
break
sys.stdout.write(x)
sys.stdout.flush()
except socket.timeout:
pass
if sys.stdin in r:
x = sys.stdin.read(1)
if len(x) == 0:
break
chan.send(x)
finally:
# 重新设置终端属性
termios.tcsetattr(sys.stdin, termios.TCSADRAIN, oldtty)
chan.close()
tran.close()
1 import paramiko
2 import sys
3 import os
4 import socket
5 import select
6 import getpass
7 import termios
8 import tty
9 from paramiko.py3compat import u
10
11
12 default_username = getpass.getuser()
13 username = input('Username [%s]: ' % default_username)
14 if len(username) == 0:
15 username = default_username
16
17
18 hostname = input('Hostname: ')
19 if len(hostname) == 0:
20 print('*** Hostname required.')
21 sys.exit(1)
22
23 tran = paramiko.Transport((hostname, 22,))
24 tran.start_client()
25
26 default_auth = "p"
27 auth = input('Auth by (p)assword or (r)sa key[%s] ' % default_auth)
28 if len(auth) == 0:
29 auth = default_auth
30
31 if auth == 'r':
32 default_path = os.path.join(os.environ['HOME'], '.ssh', 'id_rsa')
33 path = input('RSA key [%s]: ' % default_path)
34 if len(path) == 0:
35 path = default_path
36 try:
37 key = paramiko.RSAKey.from_private_key_file(path)
38 except paramiko.PasswordRequiredException:
39 password = getpass.getpass('RSA key password: ')
40 key = paramiko.RSAKey.from_private_key_file(path, password)
41 tran.auth_publickey(username, key)
42 else:
43 pw = getpass.getpass('Password for %s@%s: ' % (username, hostname))
44 tran.auth_password(username, pw)
45
46 # 打开一个通道
47 chan = tran.open_session()
48 # 获取一个终端
49 chan.get_pty()
50 # 激活器
51 chan.invoke_shell()
52
53
54 # 获取原tty属性
55 oldtty = termios.tcgetattr(sys.stdin)
56 try:
57 # 为tty设置新属性
58 # 默认当前tty设备属性:
59 # 输入一行回车,执行
60 # CTRL+C 进程退出,遇到特殊字符,特殊处理。
61
62 # 这是为原始模式,不认识所有特殊符号
63 # 放置特殊字符应用在当前终端,如此设置,将所有的用户输入均发送到远程服务器
64 tty.setraw(sys.stdin.fileno())
65 chan.settimeout(0.0)
66
67 while True:
68 # 监视 用户输入 和 远程服务器返回数据(socket)
69 # 阻塞,直到句柄可读
70 r, w, e = select.select([chan, sys.stdin], [], [], 1)
71 if chan in r:
72 try:
73 x = u(chan.recv(1024))
74 if len(x) == 0:
75 print('\r\n*** EOF\r\n')
76 break
77 sys.stdout.write(x)
78 sys.stdout.flush()
79 except socket.timeout:
80 pass
81 if sys.stdin in r:
82 x = sys.stdin.read(1)
83 if len(x) == 0:
84 break
85 chan.send(x)
86
87 finally:
88 # 重新设置终端属性
89 termios.tcsetattr(sys.stdin, termios.TCSADRAIN, oldtty)
90
91
92 chan.close()
93 tran.close()
1 import paramiko
2 import sys
3 import os
4 import socket
5 import getpass
6
7 from paramiko.py3compat import u
8
9 # windows does not have termios...
10 try:
11 import termios
12 import tty
13 has_termios = True
14 except ImportError:
15 has_termios = False
16
17
18 def interactive_shell(chan):
19 if has_termios:
20 posix_shell(chan)
21 else:
22 windows_shell(chan)
23
24
25 def posix_shell(chan):
26 import select
27
28 oldtty = termios.tcgetattr(sys.stdin)
29 try:
30 tty.setraw(sys.stdin.fileno())
31 tty.setcbreak(sys.stdin.fileno())
32 chan.settimeout(0.0)
33 log = open('handle.log', 'a+', encoding='utf-8')
34 flag = False
35 temp_list = []
36 while True:
37 r, w, e = select.select([chan, sys.stdin], [], [])
38 if chan in r:
39 try:
40 x = u(chan.recv(1024))
41 if len(x) == 0:
42 sys.stdout.write('\r\n*** EOF\r\n')
43 break
44 if flag:
45 if x.startswith('\r\n'):
46 pass
47 else:
48 temp_list.append(x)
49 flag = False
50 sys.stdout.write(x)
51 sys.stdout.flush()
52 except socket.timeout:
53 pass
54 if sys.stdin in r:
55 x = sys.stdin.read(1)
56 import json
57
58 if len(x) == 0:
59 break
60
61 if x == '\t':
62 flag = True
63 else:
64 temp_list.append(x)
65 if x == '\r':
66 log.write(''.join(temp_list))
67 log.flush()
68 temp_list.clear()
69 chan.send(x)
70
71 finally:
72 termios.tcsetattr(sys.stdin, termios.TCSADRAIN, oldtty)
73
74
75 def windows_shell(chan):
76 import threading
77
78 sys.stdout.write("Line-buffered terminal emulation. Press F6 or ^Z to send EOF.\r\n\r\n")
79
80 def writeall(sock):
81 while True:
82 data = sock.recv(256)
83 if not data:
84 sys.stdout.write('\r\n*** EOF ***\r\n\r\n')
85 sys.stdout.flush()
86 break
87 sys.stdout.write(data)
88 sys.stdout.flush()
89
90 writer = threading.Thread(target=writeall, args=(chan,))
91 writer.start()
92
93 try:
94 while True:
95 d = sys.stdin.read(1)
96 if not d:
97 break
98 chan.send(d)
99 except EOFError:
100 # user hit ^Z or F6
101 pass
102
103
104 def run():
105 tran = paramiko.Transport(('10.211.55.4', 22,))
106 tran.start_client()
107 tran.auth_password('wupeiqi', '123')
108
109 # 打开一个通道
110 chan = tran.open_session()
111 # 获取一个终端
112 chan.get_pty()
113 # 激活器
114 chan.invoke_shell()
115
116 interactive_shell(chan)
117
118 chan.close()
119 tran.close()
120
121
122 if __name__ == '__main__':
123 run()
1 import paramiko
2 import sys
3 import os
4 import socket
5 import getpass
6
7 from paramiko.py3compat import u
8
9 # windows does not have termios...
10 try:
11 import termios
12 import tty
13 has_termios = True
14 except ImportError:
15 has_termios = False
16
17
18 def interactive_shell(chan):
19 if has_termios:
20 posix_shell(chan)
21 else:
22 windows_shell(chan)
23
24
25 def posix_shell(chan):
26 import select
27
28 oldtty = termios.tcgetattr(sys.stdin)
29 try:
30 tty.setraw(sys.stdin.fileno())
31 tty.setcbreak(sys.stdin.fileno())
32 chan.settimeout(0.0)
33 log = open('handle.log', 'a+', encoding='utf-8')
34 flag = False
35 temp_list = []
36 while True:
37 r, w, e = select.select([chan, sys.stdin], [], [])
38 if chan in r:
39 try:
40 x = u(chan.recv(1024))
41 if len(x) == 0:
42 sys.stdout.write('\r\n*** EOF\r\n')
43 break
44 if flag:
45 if x.startswith('\r\n'):
46 pass
47 else:
48 temp_list.append(x)
49 flag = False
50 sys.stdout.write(x)
51 sys.stdout.flush()
52 except socket.timeout:
53 pass
54 if sys.stdin in r:
55 x = sys.stdin.read(1)
56 import json
57
58 if len(x) == 0:
59 break
60
61 if x == '\t':
62 flag = True
63 else:
64 temp_list.append(x)
65 if x == '\r':
66 log.write(''.join(temp_list))
67 log.flush()
68 temp_list.clear()
69 chan.send(x)
70
71 finally:
72 termios.tcsetattr(sys.stdin, termios.TCSADRAIN, oldtty)
73
74
75 def windows_shell(chan):
76 import threading
77
78 sys.stdout.write("Line-buffered terminal emulation. Press F6 or ^Z to send EOF.\r\n\r\n")
79
80 def writeall(sock):
81 while True:
82 data = sock.recv(256)
83 if not data:
84 sys.stdout.write('\r\n*** EOF ***\r\n\r\n')
85 sys.stdout.flush()
86 break
87 sys.stdout.write(data)
88 sys.stdout.flush()
89
90 writer = threading.Thread(target=writeall, args=(chan,))
91 writer.start()
92
93 try:
94 while True:
95 d = sys.stdin.read(1)
96 if not d:
97 break
98 chan.send(d)
99 except EOFError:
100 # user hit ^Z or F6
101 pass
102
103
104 def run():
105 default_username = getpass.getuser()
106 username = input('Username [%s]: ' % default_username)
107 if len(username) == 0:
108 username = default_username
109
110
111 hostname = input('Hostname: ')
112 if len(hostname) == 0:
113 print('*** Hostname required.')
114 sys.exit(1)
115
116 tran = paramiko.Transport((hostname, 22,))
117 tran.start_client()
118
119 default_auth = "p"
120 auth = input('Auth by (p)assword or (r)sa key[%s] ' % default_auth)
121 if len(auth) == 0:
122 auth = default_auth
123
124 if auth == 'r':
125 default_path = os.path.join(os.environ['HOME'], '.ssh', 'id_rsa')
126 path = input('RSA key [%s]: ' % default_path)
127 if len(path) == 0:
128 path = default_path
129 try:
130 key = paramiko.RSAKey.from_private_key_file(path)
131 except paramiko.PasswordRequiredException:
132 password = getpass.getpass('RSA key password: ')
133 key = paramiko.RSAKey.from_private_key_file(path, password)
134 tran.auth_publickey(username, key)
135 else:
136 pw = getpass.getpass('Password for %s@%s: ' % (username, hostname))
137 tran.auth_password(username, pw)
138
139 # 打开一个通道
140 chan = tran.open_session()
141 # 获取一个终端
142 chan.get_pty()
143 # 激活器
144 chan.invoke_shell()
145
146 interactive_shell(chan)
147
148 chan.close()
149 tran.close()
150
151
152 if __name__ == '__main__':
153 run()
来源:https://www.cnblogs.com/huaijunliang/p/5735770.html