Python paramiko.ProxyCommand() Examples
The following are 15
code examples of paramiko.ProxyCommand().
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example.
You may also want to check out all available functions/classes of the module
paramiko
, or try the search function
.
.
Example #1
| Source File: fortios.py From pyfg with Apache License 2.0 | 9 votes |
|
def open(self):
"""
Opens the ssh session with the device.
"""
logger.debug('Connecting to device %s, vdom %s' % (self.hostname, self.vdom))
self.ssh = paramiko.SSHClient()
self.ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
cfg = {
'hostname': self.hostname,
'timeout': self.timeout,
'username': self.username,
'password': self.password,
'key_filename': self.keyfile
}
if os.path.exists(os.path.expanduser("~/.ssh/config")):
ssh_config = paramiko.SSHConfig()
user_config_file = os.path.expanduser("~/.ssh/config")
with io.open(user_config_file, 'rt', encoding='utf-8') as f:
ssh_config.parse(f)
host_conf = ssh_config.lookup(self.hostname)
if host_conf:
if 'proxycommand' in host_conf:
cfg['sock'] = paramiko.ProxyCommand(host_conf['proxycommand'])
if 'user' in host_conf:
cfg['username'] = host_conf['user']
if 'identityfile' in host_conf:
cfg['key_filename'] = host_conf['identityfile']
if 'hostname' in host_conf:
cfg['hostname'] = host_conf['hostname']
self.ssh.connect(**cfg)
Example #2
| Source File: paramiko.py From testinfra with Apache License 2.0 | 7 votes |
|
def _load_ssh_config(self, client, cfg, ssh_config):
for key, value in ssh_config.lookup(self.host.name).items():
if key == "hostname":
cfg[key] = value
elif key == "user":
cfg["username"] = value
elif key == "port":
cfg[key] = int(value)
elif key == "identityfile":
cfg["key_filename"] = os.path.expanduser(value[0])
elif key == "stricthostkeychecking" and value == "no":
client.set_missing_host_key_policy(IgnorePolicy())
elif key == "requesttty":
self.get_pty = value in ('yes', 'force')
elif key == "gssapikeyexchange":
cfg['gss_auth'] = (value == 'yes')
elif key == "gssapiauthentication":
cfg['gss_kex'] = (value == 'yes')
elif key == "proxycommand":
cfg['sock'] = paramiko.ProxyCommand(value)
Example #3
| Source File: sshtunnel.py From sshtunnel with MIT License | 7 votes |
|
def _get_transport(self):
""" Return the SSH transport to the remote gateway """
if self.ssh_proxy:
if isinstance(self.ssh_proxy, paramiko.proxy.ProxyCommand):
proxy_repr = repr(self.ssh_proxy.cmd[1])
else:
proxy_repr = repr(self.ssh_proxy)
self.logger.debug('Connecting via proxy: {0}'.format(proxy_repr))
_socket = self.ssh_proxy
else:
_socket = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
if isinstance(_socket, socket.socket):
_socket.settimeout(SSH_TIMEOUT)
_socket.connect((self.ssh_host, self.ssh_port))
transport = paramiko.Transport(_socket)
transport.set_keepalive(self.set_keepalive)
transport.use_compression(compress=self.compression)
transport.daemon = self.daemon_transport
return transport
Example #4
| Source File: aws_launcher.py From CrypTen with MIT License | 6 votes |
|
def connect_to_instance(instance, keypath, username, http_proxy=None):
print(f"Connecting to {instance.id}...")
ip_address = instance.public_ip_address
if http_proxy:
# paramiko.ProxyCommand does not do string substitution for %h %p,
# so 'nc --proxy-type http --proxy fwdproxy:8080 %h %p' would not work!
proxy = paramiko.ProxyCommand(
f"nc --proxy-type http --proxy {http_proxy} {ip_address} {22}"
)
proxy.settimeout(300)
client = paramiko.SSHClient()
client.load_system_host_keys()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
retries = 20
while retries > 0:
try:
client.connect(
ip_address,
username=username,
key_filename=keypath,
timeout=10,
sock=proxy if http_proxy else None,
)
print(f"Connected to {instance.id}")
break
except Exception as e:
print(f"Exception: {e} Retrying...")
retries -= 1
time.sleep(10)
return client
Example #5
| Source File: schecks.py From check-linux-by-ssh with MIT License | 6 votes |
|
def connect(hostname, port, ssh_key_file, passphrase, user):
# If we are in a localhost case, don't play with ssh
if is_local(hostname):
return LocalExec()
# Maybe paramiko is missing, but now we relly need ssh...
if paramiko is None:
print "ERROR : this plugin needs the python-paramiko module. Please install it"
sys.exit(2)
if not os.path.exists(os.path.expanduser(ssh_key_file)):
err = "Error : missing ssh key file. please specify it with -i parameter"
raise Exception(err)
ssh_key_file = os.path.expanduser(ssh_key_file)
client = paramiko.SSHClient()
client.load_system_host_keys()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
ssh_config = paramiko.SSHConfig()
user_config_file = os.path.expanduser("~/.ssh/config")
if os.path.exists(user_config_file):
with open(user_config_file) as f:
ssh_config.parse(f)
cfg = {'hostname': hostname, 'port': port, 'username': user, 'key_filename': ssh_key_file, 'password': passphrase}
user_config = ssh_config.lookup(cfg['hostname'])
for k in ('hostname', port, 'username', 'key_filename', 'password'):
if k in user_config:
cfg[k] = user_config[k]
if 'proxycommand' in user_config:
cfg['sock'] = paramiko.ProxyCommand(user_config['proxycommand'])
try:
client.connect(**cfg)
except Exception, exp:
err = "Error : connexion failed '%s'" % exp
print err
sys.exit(2)
Example #6
| Source File: flow.py From pwnypack with MIT License | 5 votes |
|
def connect(self, hostname, *args, **kwargs):
connect = super(SSHClient, self).connect
options = inspect.getcallargs(connect, hostname, *args, **kwargs)
del options['self']
ssh_config = paramiko.SSHConfig()
user_config_file = os.path.expanduser("~/.ssh/config")
if os.path.exists(user_config_file):
with open(user_config_file) as f:
ssh_config.parse(f)
user_config = ssh_config.lookup(options['hostname'])
if 'hostname' in user_config:
options['hostname'] = user_config['hostname']
if 'port' not in kwargs and 'port' in user_config:
options['port'] = int(user_config['port'])
if 'username' not in kwargs and 'user' in user_config:
options['username'] = user_config['user']
if 'key_filename' not in kwargs and 'identityfile' in user_config:
options['key_filename'] = user_config['identityfile']
if 'timeout' not in kwargs and 'connecttimeout' in user_config:
options['timeout'] = int(user_config['connecttimeout'])
if 'look_for_keys' not in kwargs and 'allow_agent' not in kwargs and 'identiesonly' in user_config:
options['look_for_keys'] = options['allow_agent'] = user_config['identiesonly'] == 'no'
if 'gss_auth' not in kwargs and 'gssapiauthentication' in user_config:
options['gss_auth'] = user_config['gssapiauthentication'] == 'yes'
if 'gss_kex' not in kwargs and 'gssapikeyexchange' in user_config:
options['gss_key'] = user_config['gssapikeyexchange'] == 'yes'
if 'gss_deleg_creds' not in kwargs and 'gssapidelegatecredentials' in user_config:
options['gss_deleg_creds'] = user_config['gssapidelegatecredentials'] == 'yes'
if 'compress' not in kwargs and 'compression' in user_config:
options['compress'] = user_config['compress'] == 'yes'
if 'sock' not in kwargs and 'proxycommand' in user_config:
options['sock'] = paramiko.ProxyCommand(user_config['proxycommand'])
return connect(**options)
Example #7
| Source File: test_sshuserclient.py From pyinfra with MIT License | 5 votes |
|
def test_load_ssh_config(self):
client = SSHClient()
_, config, forward_agent = client.parse_config('127.0.0.1')
assert config.get('key_filename') == ['/id_rsa', '/id_rsa2']
assert config.get('username') == 'testuser'
assert config.get('port') == 33
assert isinstance(config.get('sock'), ProxyCommand)
assert forward_agent is False
_, other_config, forward_agent = client.parse_config('192.168.1.1')
assert other_config.get('username') == 'otheruser'
assert forward_agent is True
Example #8
| Source File: opensky_impala.py From traffic with MIT License | 5 votes |
|
def _connect(self) -> None: # coverage: ignore
if self.username == "" or self.password == "":
raise RuntimeError("This method requires authentication.")
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
extra_args = dict()
if self.proxy_command != "":
# for instance:
# "ssh -W data.opensky-network.org:2230 proxy_machine"
# or "connect.exe -H proxy_ip:proxy_port %h %p"
logging.info(f"Using ProxyCommand: {self.proxy_command}")
extra_args["sock"] = paramiko.ProxyCommand(self.proxy_command)
client.connect(
"data.opensky-network.org",
port=2230,
username=self.username,
password=self.password,
look_for_keys=False,
allow_agent=False,
compress=True,
**extra_args,
)
self.stdin, self.stdout, self.stderr = client.exec_command(
"-B", bufsize=-1, get_pty=True
)
self.connected = True
total = ""
while len(total) == 0 or total[-10:] != ":21000] > ":
b = self.stdout.channel.recv(256)
total += b.decode()
Example #9
| Source File: paramiko_ssh.py From st2 with Apache License 2.0 | 5 votes |
|
def _get_ssh_config_for_host(self, host):
ssh_config_info = {}
ssh_config_parser = paramiko.SSHConfig()
try:
with open(self.ssh_config_file) as f:
ssh_config_parser.parse(f)
except IOError as e:
raise Exception('Error accessing ssh config file %s. Code: %s Reason %s' %
(self.ssh_config_file, e.errno, e.strerror))
ssh_config = ssh_config_parser.lookup(host)
self.logger.info('Parsed SSH config file contents: %s', ssh_config)
if ssh_config:
for k in ('hostname', 'user', 'port'):
if k in ssh_config:
ssh_config_info[k] = ssh_config[k]
if 'identityfile' in ssh_config:
key_file = ssh_config['identityfile']
if type(key_file) is list:
key_file = key_file[0]
ssh_config_info['identityfile'] = key_file
if 'proxycommand' in ssh_config:
ssh_config_info['sock'] = paramiko.ProxyCommand(ssh_config['proxycommand'])
return ssh_config_info
Example #10
| Source File: scp_upload.py From panotti with MIT License | 5 votes |
|
def scp_upload(src_blob='Preproc.tar.gz', dst_blob="~", options={'hostname': 'lecun', 'username': 'shawley'}, progress=simple_callback):
# from https://gist.github.com/acdha/6064215
#--- Make the Paramiko SSH thing use my .ssh/config file (b/c I like ProxyCommand!)
client = SSHClient()
client.load_system_host_keys()
client._policy = WarningPolicy()
client.set_missing_host_key_policy(WarningPolicy()) # hmm. WarningPolicy? Most people use AutoAddPolicy.
ssh_config = SSHConfig()
user_config_file = os.path.expanduser("~/.ssh/config")
if os.path.exists(user_config_file):
with open(user_config_file) as f:
ssh_config.parse(f)
cfg = {'hostname': options['hostname'], 'username': options["username"]}
user_config = ssh_config.lookup(cfg['hostname'])
for k in ('hostname', 'username', 'port'):
if k in user_config:
cfg[k] = user_config[k]
if 'proxycommand' in user_config:
cfg['sock'] = ProxyCommand(user_config['proxycommand'])
client.connect(**cfg)
socket_timeout = None # number of seconds for timeout. None = never timeout. TODO: None means program may hang. But timeouts are annoying!
# SCPCLient takes a paramiko transport and progress callback as its arguments.
scp = SCPClient(client.get_transport(), progress=progress, socket_timeout=socket_timeout)
# NOW we can finally upload! (in a separate process)
#scp.put(src_blob, dst_blob) # now in scp_thread
# we want this to be non-blocking so we stick it in a thread
thread = threading.Thread(target=scp_thread, args=(scp,src_blob, dst_blob) )
thread.start()
#scp.close() # now in scp_thread
Example #11
| Source File: sshtunnel.py From sshtunnel with MIT License | 5 votes |
|
def _cli_main(args=None):
""" Pass input arguments to open_tunnel
Mandatory: ssh_address, -R (remote bind address list)
Optional:
-U (username) we may gather it from SSH_CONFIG_FILE or current username
-p (server_port), defaults to 22
-P (password)
-L (local_bind_address), default to 0.0.0.0:22
-k (ssh_host_key)
-K (private_key_file), may be gathered from SSH_CONFIG_FILE
-S (private_key_password)
-t (threaded), allow concurrent connections over tunnels
-v (verbose), up to 3 (-vvv) to raise loglevel from ERROR to DEBUG
-V (version)
-x (proxy), ProxyCommand's IP:PORT, may be gathered from config file
-c (ssh_config), ssh configuration file (defaults to SSH_CONFIG_FILE)
-z (compress)
-n (noagent), disable looking for keys from an Agent
-d (host_pkey_directories), look for keys on these folders
"""
arguments = _parse_arguments(args)
# Remove all "None" input values
_remove_none_values(arguments)
verbosity = min(arguments.pop('verbose'), 4)
levels = [logging.ERROR,
logging.WARNING,
logging.INFO,
logging.DEBUG,
TRACE_LEVEL]
arguments.setdefault('debug_level', levels[verbosity])
with open_tunnel(**arguments) as tunnel:
if tunnel.is_alive:
input_('''
Press <Ctrl-C> or <Enter> to stop!
''')
Example #12
| Source File: SSH.py From im with GNU General Public License v3.0 | 4 votes |
|
def connect(self, time_out=None):
""" Establishes the connection with the SSH server
Arguments:
- time_out: Timeout to connect.
Returns: a paramiko SSHClient connected with the server.
"""
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
proxy = None
proxy_channel = None
if self.proxy_host:
proxy = paramiko.SSHClient()
proxy.set_missing_host_key_policy(paramiko.AutoAddPolicy())
proxy.connect(self.proxy_host.host, self.proxy_host.port, username=self.proxy_host.username,
password=self.proxy_host.password, pkey=self.proxy_host.private_key_obj)
proxy_transport = proxy.get_transport()
dest_addr = (self.host, self.port)
local_addr = (self.proxy_host.host, self.proxy_host.port)
proxy_channel = proxy_transport.open_channel("direct-tcpip", dest_addr, local_addr)
# proxy_command = "sshpass -p %s ssh %s %s@%s nc %s 22" % (self.proxy_host.password,
# '-o StrictHostKeyChecking=no',
# self.proxy_host.username,
# self.proxy_host.host,
# self.host)
# proxy_channel = paramiko.ProxyCommand(proxy_command)
if self.password and self.private_key_obj:
# If both credentials are provided first try to use the password
try:
client.connect(self.host, self.port, username=self.username,
password=self.password, timeout=time_out, sock=proxy_channel)
except paramiko.AuthenticationException:
# and then use the private key
client.connect(self.host, self.port, username=self.username,
pkey=self.private_key_obj, timeout=time_out, sock=proxy_channel)
else:
client.connect(self.host, self.port, username=self.username,
password=self.password, timeout=time_out, sock=proxy_channel,
pkey=self.private_key_obj)
return client, proxy
Example #13
| Source File: resources.py From dagster with Apache License 2.0 | 4 votes |
|
def __init__(
self,
remote_host,
remote_port,
username=None,
password=None,
key_file=None,
key_string=None,
timeout=10,
keepalive_interval=30,
compress=True,
no_host_key_check=True,
allow_host_key_change=False,
logger=None,
):
self.remote_host = check.str_param(remote_host, 'remote_host')
self.remote_port = check.opt_int_param(remote_port, 'remote_port')
self.username = check.opt_str_param(username, 'username')
self.password = check.opt_str_param(password, 'password')
self.key_file = check.opt_str_param(key_file, 'key_file')
self.timeout = check.opt_int_param(timeout, 'timeout')
self.keepalive_interval = check.opt_int_param(keepalive_interval, 'keepalive_interval')
self.compress = check.opt_bool_param(compress, 'compress')
self.no_host_key_check = check.opt_bool_param(no_host_key_check, 'no_host_key_check')
self.allow_host_key_change = check.opt_bool_param(
allow_host_key_change, 'allow_host_key_change'
)
self.log = logger
self.host_proxy = None
# Create RSAKey object from private key string
self.key_obj = key_from_str(key_string) if key_string is not None else None
# Auto detecting username values from system
if not self.username:
logger.debug(
'username to ssh to host: %s is not specified. Using system\'s default provided by'
' getpass.getuser()' % self.remote_host
)
self.username = getpass.getuser()
user_ssh_config_filename = os.path.expanduser('~/.ssh/config')
if os.path.isfile(user_ssh_config_filename):
ssh_conf = paramiko.SSHConfig()
ssh_conf.parse(open(user_ssh_config_filename))
host_info = ssh_conf.lookup(self.remote_host)
if host_info and host_info.get('proxycommand'):
self.host_proxy = paramiko.ProxyCommand(host_info.get('proxycommand'))
if not (self.password or self.key_file):
if host_info and host_info.get('identityfile'):
self.key_file = host_info.get('identityfile')[0]
Example #14
| Source File: elasticluster.py From bcbio-nextgen-vm with MIT License | 4 votes |
|
def _pull_collectl_data(host, username, datadir, bcbio_log, ssh_client,
bastion_host=None, verbose=False):
if verbose:
print('Connecting to {}{}...'.format(
host, ' via {}'.format(bastion_host) if bastion_host else ''))
proxy_command = None
if bastion_host:
proxy_command = paramiko.ProxyCommand(
'ssh -o VisualHostKey=no -W {}:22 ec2-user@{}'.format(
host, bastion_host))
ssh_client.connect(host, username=username, allow_agent=True,
sock=proxy_command)
command = 'stat -c "%s %Y %n" /var/log/collectl/*.raw.gz'
if verbose:
print('Running "{}"...'.format(command))
stdin, stdout, stderr = ssh_client.exec_command(command)
raws = stdout.read().strip()
if not raws:
return
# Only load filenames withing sampling timerage
time_frame = bcbio_graph.log_time_frame(bcbio_log)
for raw in raws.split('\n'):
if bcbio_graph.rawfile_within_timeframe(raw, time_frame):
size, mtime, remote_raw = raw.split()
mtime = int(mtime)
size = int(size)
raw_basename = os.path.basename(remote_raw)
local_raw = os.path.join(datadir, raw_basename)
if (os.path.exists(local_raw) and
int(os.path.getmtime(local_raw)) == mtime and
os.path.getsize(local_raw) == size):
# Remote file hasn't changed, don't re-fetch it.
continue
command = 'cat {}'.format(remote_raw)
# Only transfer the remote raw locally if it falls within our
# sampling timeframe.
if verbose:
print('Running "{}" on {}...'.format(command, host))
stdin, stdout, stderr = ssh_client.exec_command(command)
with open(local_raw, 'wb') as fp:
fp.write(stdout.read())
os.utime(local_raw, (mtime, mtime))
ssh_client.close()
Example #15
| Source File: sshtunnel.py From sshtunnel with MIT License | 4 votes |
|
def _read_ssh_config(ssh_host,
ssh_config_file,
ssh_username=None,
ssh_pkey=None,
ssh_port=None,
ssh_proxy=None,
compression=None,
logger=None):
"""
Read ssh_config_file and tries to look for user (ssh_username),
identityfile (ssh_pkey), port (ssh_port) and proxycommand
(ssh_proxy) entries for ssh_host
"""
ssh_config = paramiko.SSHConfig()
if not ssh_config_file: # handle case where it's an empty string
ssh_config_file = None
# Try to read SSH_CONFIG_FILE
try:
# open the ssh config file
with open(os.path.expanduser(ssh_config_file), 'r') as f:
ssh_config.parse(f)
# looks for information for the destination system
hostname_info = ssh_config.lookup(ssh_host)
# gather settings for user, port and identity file
# last resort: use the 'login name' of the user
ssh_username = (
ssh_username or
hostname_info.get('user')
)
ssh_pkey = (
ssh_pkey or
hostname_info.get('identityfile', [None])[0]
)
ssh_host = hostname_info.get('hostname')
ssh_port = ssh_port or hostname_info.get('port')
proxycommand = hostname_info.get('proxycommand')
ssh_proxy = ssh_proxy or (paramiko.ProxyCommand(proxycommand) if
proxycommand else None)
if compression is None:
compression = hostname_info.get('compression', '')
compression = True if compression.upper() == 'YES' else False
except IOError:
if logger:
logger.warning(
'Could not read SSH configuration file: {0}'
.format(ssh_config_file)
)
except (AttributeError, TypeError): # ssh_config_file is None
if logger:
logger.info('Skipping loading of ssh configuration file')
finally:
return (ssh_host,
ssh_username or getpass.getuser(),
ssh_pkey,
int(ssh_port) if ssh_port else 22, # fallback value
ssh_proxy,
compression)
