深入理解Paramiko:系统大规模运维管理器的实用解析与指南
最编程
2024-02-10 10:00:52
...
一、paramiko介绍
paramiko是基于Python实现的SSH2远程安全连接,支持认证及密钥方式。可以实现远程命令执行、文件传输、中间SSH代理等功能,相对于Pexpect,封装的层次更高,更贴近SSH协议的功能
官网地址:http://www.paramiko.org/installing.html
http://docs.paramiko.org/en/2.4/
https://pypi.org/project/paramiko/
二、paramiko安装
root@localhost ~]# pip3 install paramiko
简单实现远程SSH运行命令示例
import paramiko hostname = '192.168.56.132' username = 'root' password = '1234567' paramiko.util.log_to_file('syslogin.log') #发送paramiko日志到syslogin.log文件 ssh = paramiko.SSHClient() #创建一个SSH客户端client对象 ssh.load_system_host_keys() #获取客户端host_keys,默认~/.ssh/known_hosts,非默认路径需指定 ssh.connect(hostname=hostname,username=username,password=password) #创建SSH连接 stdin,stdout,stderr = ssh.exec_command('free -m') #调用远程执行命令方法exec_command() print(stdout.read().decode('utf-8')) #打印命令执行结果,得到Python列表形式,可以使用stdout_readlines() ssh.close() #关闭SSH连接
程序运行结果如下图所示:
[root@localhost p_paramiko]# cat syslogin.log DEB [20180602-18:36:47.022] thr=1 paramiko.transport: starting thread (client mode): 0xf5b8d668 DEB [20180602-18:36:47.023] thr=1 paramiko.transport: Local version/idstring: SSH-2.0-paramiko_2.4.1 DEB [20180602-18:36:47.026] thr=1 paramiko.transport: Remote version/idstring: SSH-2.0-OpenSSH_5.3 INF [20180602-18:36:47.026] thr=1 paramiko.transport: Connected (version 2.0, client OpenSSH_5.3) DEB [20180602-18:36:47.027] thr=1 paramiko.transport: kex algos:['diffie-hellman-group-exchange-sha256', 'diffie-hellman-group-exchange-sha1', 'diffie-hellman-group14-sha1', 'diffie-hellman-group1-sha1'] server key:['ssh-rsa', 'ssh-dss'] client encrypt:['aes128-ctr', 'aes192-ctr', 'aes256-ctr', 'arcfour256', 'arcfour128', 'aes128-cbc', '3des-cbc', 'blowfish-cbc', 'cast128-cbc', 'aes192-cbc', 'aes256-cbc', 'arcfour', 'rijndael-cbc@lysator.liu.se'] server encrypt:['aes128-ctr', 'aes192-ctr', 'aes256-ctr', 'arcfour256', 'arcfour128', 'aes128-cbc', '3des-cbc', 'blowfish-cbc', 'cast128-cbc', 'aes192-cbc', 'aes256-cbc', 'arcfour', 'rijndael-cbc@lysator.liu.se'] client mac:['hmac-md5', 'hmac-sha1', 'umac-64@openssh.com', 'hmac-sha2-256', 'hmac-sha2-512', 'hmac-ripemd160', 'hmac-ripemd160@openssh.com', 'hmac-sha1-96', 'hmac-md5-96'] server mac:['hmac-md5', 'hmac-sha1', 'umac-64@openssh.com', 'hmac-sha2-256', 'hmac-sha2-512', 'hmac-ripemd160', 'hmac-ripemd160@openssh.com', 'hmac-sha1-96', 'hmac-md5-96'] client compress:['none', 'zlib@openssh.com'] server compress:['none', 'zlib@openssh.com'] client lang:[''] server lang:[''] kex follows?False DEB [20180602-18:36:47.028] thr=1 paramiko.transport: Kex agreed: diffie-hellman-group-exchange-sha256 DEB [20180602-18:36:47.028] thr=1 paramiko.transport: HostKey agreed: ssh-rsa DEB [20180602-18:36:47.028] thr=1 paramiko.transport: Cipher agreed: aes128-ctr DEB [20180602-18:36:47.028] thr=1 paramiko.transport: MAC agreed: hmac-sha2-256 DEB [20180602-18:36:47.028] thr=1 paramiko.transport: Compression agreed: none DEB [20180602-18:36:47.072] thr=1 paramiko.transport: Got server p (2048 bits) DEB [20180602-18:36:47.139] thr=1 paramiko.transport: kex engine KexGexSHA256 specified hash_algo <built-in function openssl_sha256> DEB [20180602-18:36:47.139] thr=1 paramiko.transport: Switch to new keys ... DEB [20180602-18:36:47.182] thr=1 paramiko.transport: userauth is OK INF [20180602-18:36:47.351] thr=1 paramiko.transport: Authentication (password) successful! DEB [20180602-18:36:47.352] thr=2 paramiko.transport: [chan 0] Max packet in: 32768 bytes DEB [20180602-18:36:47.353] thr=1 paramiko.transport: [chan 0] Max packet out: 32768 bytes DEB [20180602-18:36:47.353] thr=1 paramiko.transport: Secsh channel 0 opened. DEB [20180602-18:36:47.354] thr=1 paramiko.transport: [chan 0] Sesch channel 0 request ok DEB [20180602-18:36:47.360] thr=1 paramiko.transport: [chan 0] EOF received (0) DEB [20180602-18:37:26.006] thr=1 paramiko.transport: starting thread (client mode): 0x5f2736d8 DEB [20180602-18:37:26.006] thr=1 paramiko.transport: Local version/idstring: SSH-2.0-paramiko_2.4.1 DEB [20180602-18:37:26.010] thr=1 paramiko.transport: Remote version/idstring: SSH-2.0-OpenSSH_5.3 INF [20180602-18:37:26.010] thr=1 paramiko.transport: Connected (version 2.0, client OpenSSH_5.3) DEB [20180602-18:37:26.010] thr=1 paramiko.transport: kex algos:['diffie-hellman-group-exchange-sha256', 'diffie-hellman-group-exchange-sha1', 'diffie-hellman-group14-sha1', 'diffie-hellman-group1-sha1'] server key:['ssh-rsa', 'ssh-dss'] client encrypt:['aes128-ctr', 'aes192-ctr', 'aes256-ctr', 'arcfour256', 'arcfour128', 'aes128-cbc', '3des-cbc', 'blowfish-cbc', 'cast128-cbc', 'aes192-cbc', 'aes256-cbc', 'arcfour', 'rijndael-cbc@lysator.liu.se'] server encrypt:['aes128-ctr', 'aes192-ctr', 'aes256-ctr', 'arcfour256', 'arcfour128', 'aes128-cbc', '3des-cbc', 'blowfish-cbc', 'cast128-cbc', 'aes192-cbc', 'aes256-cbc', 'arcfour', 'rijndael-cbc@lysator.liu.se'] client mac:['hmac-md5', 'hmac-sha1', 'umac-64@openssh.com', 'hmac-sha2-256', 'hmac-sha2-512', 'hmac-ripemd160', 'hmac-ripemd160@openssh.com', 'hmac-sha1-96', 'hmac-md5-96'] server mac:['hmac-md5', 'hmac-sha1', 'umac-64@openssh.com', 'hmac-sha2-256', 'hmac-sha2-512', 'hmac-ripemd160', 'hmac-ripemd160@openssh.com', 'hmac-sha1-96', 'hmac-md5-96'] client compress:['none', 'zlib@openssh.com'] server compress:['none', 'zlib@openssh.com'] client lang:[''] server lang:[''] kex follows?False DEB [20180602-18:37:26.010] thr=1 paramiko.transport: Kex agreed: diffie-hellman-group-exchange-sha256 DEB [20180602-18:37:26.010] thr=1 paramiko.transport: HostKey agreed: ssh-rsa DEB [20180602-18:37:26.011] thr=1 paramiko.transport: Cipher agreed: aes128-ctr DEB [20180602-18:37:26.011] thr=1 paramiko.transport: MAC agreed: hmac-sha2-256 DEB [20180602-18:37:26.011] thr=1 paramiko.transport: Compression agreed: none DEB [20180602-18:37:26.054] thr=1 paramiko.transport: Got server p (2048 bits) DEB [20180602-18:37:26.119] thr=1 paramiko.transport: kex engine KexGexSHA256 specified hash_algo <built-in function openssl_sha256> DEB [20180602-18:37:26.119] thr=1 paramiko.transport: Switch to new keys ... DEB [20180602-18:37:26.162] thr=1 paramiko.transport: userauth is OK INF [20180602-18:37:26.243] thr=1 paramiko.transport: Authentication (password) successful! DEB [20180602-18:37:26.243] thr=2 paramiko.transport: [chan 0] Max packet in: 32768 bytes DEB [20180602-18:37:26.244] thr=1 paramiko.transport: [chan 0] Max packet out: 32768 bytes DEB [20180602-18:37:26.244] thr=1 paramiko.transport: Secsh channel 0 opened. DEB [20180602-18:37:26.245] thr=1 paramiko.transport: [chan 0] Sesch channel 0 request ok DEB [20180602-18:37:26.250] thr=1 paramiko.transport: [chan 0] EOF received (0) DEB [20180602-18:38:19.574] thr=1 paramiko.transport: starting thread (client mode): 0x4546a710 DEB [20180602-18:38:19.574] thr=1 paramiko.transport: Local version/idstring: SSH-2.0-paramiko_2.4.1 DEB [20180602-18:38:19.578] thr=1 paramiko.transport: Remote version/idstring: SSH-2.0-OpenSSH_5.3 INF [20180602-18:38:19.578] thr=1 paramiko.transport: Connected (version 2.0, client OpenSSH_5.3) DEB [20180602-18:38:19.579] thr=1 paramiko.transport: kex algos:['diffie-hellman-group-exchange-sha256', 'diffie-hellman-group-exchange-sha1', 'diffie-hellman-group14-sha1', 'diffie-hellman-group1-sha1'] server key:['ssh-rsa', 'ssh-dss'] client encrypt:['aes128-ctr', 'aes192-ctr', 'aes256-ctr', 'arcfour256', 'arcfour128', 'aes128-cbc', '3des-cbc', 'blowfish-cbc', 'cast128-cbc', 'aes192-cbc', 'aes256-cbc', 'arcfour', 'rijndael-cbc@lysator.liu.se'] server encrypt:['aes128-ctr', 'aes192-ctr', 'aes256-ctr', 'arcfour256', 'arcfour128', 'aes128-cbc', '3des-cbc', 'blowfish-cbc', 'cast128-cbc', 'aes192-cbc', 'aes256-cbc', 'arcfour', 'rijndael-cbc@lysator.liu.se'] client mac:['hmac-md5', 'hmac-sha1', 'umac-64@openssh.com', 'hmac-sha2-256', 'hmac-sha2-512', 'hmac-ripemd160', 'hmac-ripemd160@openssh.com', 'hmac-sha1-96', 'hmac-md5-96'] server mac:['hmac-md5', 'hmac-sha1', 'umac-64@openssh.com', 'hmac-sha2-256', 'hmac-sha2-512', 'hmac-ripemd160', 'hmac-ripemd160@openssh.com', 'hmac-sha1-96', 'hmac-md5-96'] client compress:['none', 'zlib@openssh.com'] server compress:['none', 'zlib@openssh.com'] client lang:[''] server lang:[''] kex follows?False DEB [20180602-18:38:19.579] thr=1 paramiko.transport: Kex agreed: diffie-hellman-group-exchange-sha256 DEB [20180602-18:38:19.579] thr=1 paramiko.transport: HostKey agreed: ssh-rsa DEB [20180602-18:38:19.579] thr=1 paramiko.transport: Cipher agreed: aes128-ctr DEB [20180602-18:38:19.579] thr=1 paramiko.transport: MAC agreed: hmac-sha2-256 DEB [20180602-18:38:19.579] thr=1 paramiko.transport: Compression agreed: none DEB [20180602-18:38:19.580] thr=1 paramiko.transport: Got server p (2048 bits) DEB [20180602-18:38:19.639] thr=1 paramiko.transport: kex engine KexGexSHA256 specified hash_algo <built-in function openssl_sha256> DEB [20180602-18:38:19.640] thr=1 paramiko.transport: Switch to new keys ... DEB [20180602-18:38:19.682] thr=1 paramiko.transport: userauth is OK INF [20180602-18:38:19.817] thr=1 paramiko.transport: Authentication (password) successful! DEB [20180602-18:38:19.817] thr=2 paramiko.transport: [chan 0] Max packet in: 32768 bytes DEB [20180602-18:38:19.818] thr=1 paramiko.transport: [chan 0] Max packet out: 32768 bytes DEB [20180602-18:38:19.818] thr=1 paramiko.transport: Secsh channel 0 opened. DEB [20180602-18:38:19.820] thr=1 paramiko.transport: [chan 0] Sesch channel 0 request ok DEB [20180602-18:38:19.824] thr=1 paramiko.transport: [chan 0] EOF received (0) DEB [20180602-18:38:23.623] thr=1 paramiko.transport: starting thread (client mode): 0xd3c8710 DEB [20180602-18:38:23.624] thr=1 paramiko.transport: Local version/idstring: SSH-2.0-paramiko_2.4.1 DEB [20180602-18:38:23.627] thr=1 paramiko.transport: Remote version/idstring: SSH-2.0-OpenSSH_5.3 INF [20180602-18:38:23.627] thr=1 paramiko.transport: Connected (version 2.0, client OpenSSH_5.3) DEB [20180602-18:38:23.627] thr=1 paramiko.transport: kex algos:['diffie-hellman-group-exchange-sha256', 'diffie-hellman-group-exchange-sha1', 'diffie-hellman-group14-sha1', 'diffie-hellman-group1-sha1'] server key:['ssh-rsa', 'ssh-dss'] client encrypt:['aes128-ctr', 'aes192-ctr', 'aes256-ctr', 'arcfour256', 'arcfour128', 'aes128-cbc', '3des-cbc', 'blowfish-cbc', 'cast128-cbc', 'aes192-cbc', 'aes256-cbc', 'arcfour', 'rijndael-cbc@lysator.liu.se'] server encrypt:['aes128-ctr', 'aes192-ctr', 'aes256-ctr', 'arcfour256', 'arcfour128', 'aes128-cbc', '3des-cbc', 'blowfish-cbc', 'cast128-cbc', 'aes192-cbc', 'aes256-cbc', 'arcfour', 'rijndael-cbc@lysator.liu.se'] client mac:['hmac-md5', 'hmac-sha1', 'umacimport paramiko -64@openssh.com', 'hmac-sha2-256', 'hmac-sha2-512', 'hmac-ripemd160', 'hmac-ripemd160@openssh.com', 'hmac-sha1-96', 'hmac-md5-96'] server mac:['hmac-md5', 'hmac-sha1上一篇: 用Python实现Paramiko:轻松操控跳板机(堡垒机)操作
下一篇: 简易Paramiko示例应用测试