深入理解Paramiko：系统大规模运维管理器的实用解析与指南

最编程 2024-02-10 10:00:52

...

一、paramiko介绍

  paramiko是基于Python实现的SSH2远程安全连接，支持认证及密钥方式。可以实现远程命令执行、文件传输、中间SSH代理等功能，相对于Pexpect，封装的层次更高，更贴近SSH协议的功能

官网地址：http://www.paramiko.org/installing.html

http://docs.paramiko.org/en/2.4/

https://pypi.org/project/paramiko/

二、paramiko安装

root@localhost ~]# pip3 install paramiko

简单实现远程SSH运行命令示例

import paramiko

hostname = '192.168.56.132'
username = 'root'
password = '1234567'
paramiko.util.log_to_file('syslogin.log')     #发送paramiko日志到syslogin.log文件

ssh = paramiko.SSHClient()          #创建一个SSH客户端client对象
ssh.load_system_host_keys()         #获取客户端host_keys,默认~/.ssh/known_hosts,非默认路径需指定
ssh.connect(hostname=hostname,username=username,password=password)    #创建SSH连接
stdin,stdout,stderr = ssh.exec_command('free -m')      #调用远程执行命令方法exec_command()
print(stdout.read().decode('utf-8'))        #打印命令执行结果，得到Python列表形式，可以使用stdout_readlines()
ssh.close()      #关闭SSH连接

程序运行结果如下图所示：

[root@localhost p_paramiko]# cat syslogin.log
DEB [20180602-18:36:47.022] thr=1   paramiko.transport: starting thread (client mode): 0xf5b8d668
DEB [20180602-18:36:47.023] thr=1   paramiko.transport: Local version/idstring: SSH-2.0-paramiko_2.4.1
DEB [20180602-18:36:47.026] thr=1   paramiko.transport: Remote version/idstring: SSH-2.0-OpenSSH_5.3
INF [20180602-18:36:47.026] thr=1   paramiko.transport: Connected (version 2.0, client OpenSSH_5.3)
DEB [20180602-18:36:47.027] thr=1   paramiko.transport: kex algos:['diffie-hellman-group-exchange-sha256', 'diffie-hellman-group-exchange-sha1', 'diffie-hellman-group14-sha1', 'diffie-hellman-group1-sha1'] server key:['ssh-rsa', 'ssh-dss'] client encrypt:['aes128-ctr', 'aes192-ctr', 'aes256-ctr', 'arcfour256', 'arcfour128', 'aes128-cbc', '3des-cbc', 'blowfish-cbc', 'cast128-cbc', 'aes192-cbc', 'aes256-cbc', 'arcfour', 'rijndael-cbc@lysator.liu.se'] server encrypt:['aes128-ctr', 'aes192-ctr', 'aes256-ctr', 'arcfour256', 'arcfour128', 'aes128-cbc', '3des-cbc', 'blowfish-cbc', 'cast128-cbc', 'aes192-cbc', 'aes256-cbc', 'arcfour', 'rijndael-cbc@lysator.liu.se'] client mac:['hmac-md5', 'hmac-sha1', 'umac-64@openssh.com', 'hmac-sha2-256', 'hmac-sha2-512', 'hmac-ripemd160', 'hmac-ripemd160@openssh.com', 'hmac-sha1-96', 'hmac-md5-96'] server mac:['hmac-md5', 'hmac-sha1', 'umac-64@openssh.com', 'hmac-sha2-256', 'hmac-sha2-512', 'hmac-ripemd160', 'hmac-ripemd160@openssh.com', 'hmac-sha1-96', 'hmac-md5-96'] client compress:['none', 'zlib@openssh.com'] server compress:['none', 'zlib@openssh.com'] client lang:[''] server lang:[''] kex follows?False
DEB [20180602-18:36:47.028] thr=1   paramiko.transport: Kex agreed: diffie-hellman-group-exchange-sha256
DEB [20180602-18:36:47.028] thr=1   paramiko.transport: HostKey agreed: ssh-rsa
DEB [20180602-18:36:47.028] thr=1   paramiko.transport: Cipher agreed: aes128-ctr
DEB [20180602-18:36:47.028] thr=1   paramiko.transport: MAC agreed: hmac-sha2-256
DEB [20180602-18:36:47.028] thr=1   paramiko.transport: Compression agreed: none
DEB [20180602-18:36:47.072] thr=1   paramiko.transport: Got server p (2048 bits)
DEB [20180602-18:36:47.139] thr=1   paramiko.transport: kex engine KexGexSHA256 specified hash_algo <built-in function openssl_sha256>
DEB [20180602-18:36:47.139] thr=1   paramiko.transport: Switch to new keys ...
DEB [20180602-18:36:47.182] thr=1   paramiko.transport: userauth is OK
INF [20180602-18:36:47.351] thr=1   paramiko.transport: Authentication (password) successful!
DEB [20180602-18:36:47.352] thr=2   paramiko.transport: [chan 0] Max packet in: 32768 bytes
DEB [20180602-18:36:47.353] thr=1   paramiko.transport: [chan 0] Max packet out: 32768 bytes
DEB [20180602-18:36:47.353] thr=1   paramiko.transport: Secsh channel 0 opened.
DEB [20180602-18:36:47.354] thr=1   paramiko.transport: [chan 0] Sesch channel 0 request ok
DEB [20180602-18:36:47.360] thr=1   paramiko.transport: [chan 0] EOF received (0)
DEB [20180602-18:37:26.006] thr=1   paramiko.transport: starting thread (client mode): 0x5f2736d8
DEB [20180602-18:37:26.006] thr=1   paramiko.transport: Local version/idstring: SSH-2.0-paramiko_2.4.1
DEB [20180602-18:37:26.010] thr=1   paramiko.transport: Remote version/idstring: SSH-2.0-OpenSSH_5.3
INF [20180602-18:37:26.010] thr=1   paramiko.transport: Connected (version 2.0, client OpenSSH_5.3)
DEB [20180602-18:37:26.010] thr=1   paramiko.transport: kex algos:['diffie-hellman-group-exchange-sha256', 'diffie-hellman-group-exchange-sha1', 'diffie-hellman-group14-sha1', 'diffie-hellman-group1-sha1'] server key:['ssh-rsa', 'ssh-dss'] client encrypt:['aes128-ctr', 'aes192-ctr', 'aes256-ctr', 'arcfour256', 'arcfour128', 'aes128-cbc', '3des-cbc', 'blowfish-cbc', 'cast128-cbc', 'aes192-cbc', 'aes256-cbc', 'arcfour', 'rijndael-cbc@lysator.liu.se'] server encrypt:['aes128-ctr', 'aes192-ctr', 'aes256-ctr', 'arcfour256', 'arcfour128', 'aes128-cbc', '3des-cbc', 'blowfish-cbc', 'cast128-cbc', 'aes192-cbc', 'aes256-cbc', 'arcfour', 'rijndael-cbc@lysator.liu.se'] client mac:['hmac-md5', 'hmac-sha1', 'umac-64@openssh.com', 'hmac-sha2-256', 'hmac-sha2-512', 'hmac-ripemd160', 'hmac-ripemd160@openssh.com', 'hmac-sha1-96', 'hmac-md5-96'] server mac:['hmac-md5', 'hmac-sha1', 'umac-64@openssh.com', 'hmac-sha2-256', 'hmac-sha2-512', 'hmac-ripemd160', 'hmac-ripemd160@openssh.com', 'hmac-sha1-96', 'hmac-md5-96'] client compress:['none', 'zlib@openssh.com'] server compress:['none', 'zlib@openssh.com'] client lang:[''] server lang:[''] kex follows?False
DEB [20180602-18:37:26.010] thr=1   paramiko.transport: Kex agreed: diffie-hellman-group-exchange-sha256
DEB [20180602-18:37:26.010] thr=1   paramiko.transport: HostKey agreed: ssh-rsa
DEB [20180602-18:37:26.011] thr=1   paramiko.transport: Cipher agreed: aes128-ctr
DEB [20180602-18:37:26.011] thr=1   paramiko.transport: MAC agreed: hmac-sha2-256
DEB [20180602-18:37:26.011] thr=1   paramiko.transport: Compression agreed: none
DEB [20180602-18:37:26.054] thr=1   paramiko.transport: Got server p (2048 bits)
DEB [20180602-18:37:26.119] thr=1   paramiko.transport: kex engine KexGexSHA256 specified hash_algo <built-in function openssl_sha256>
DEB [20180602-18:37:26.119] thr=1   paramiko.transport: Switch to new keys ...
DEB [20180602-18:37:26.162] thr=1   paramiko.transport: userauth is OK
INF [20180602-18:37:26.243] thr=1   paramiko.transport: Authentication (password) successful!
DEB [20180602-18:37:26.243] thr=2   paramiko.transport: [chan 0] Max packet in: 32768 bytes
DEB [20180602-18:37:26.244] thr=1   paramiko.transport: [chan 0] Max packet out: 32768 bytes
DEB [20180602-18:37:26.244] thr=1   paramiko.transport: Secsh channel 0 opened.
DEB [20180602-18:37:26.245] thr=1   paramiko.transport: [chan 0] Sesch channel 0 request ok
DEB [20180602-18:37:26.250] thr=1   paramiko.transport: [chan 0] EOF received (0)
DEB [20180602-18:38:19.574] thr=1   paramiko.transport: starting thread (client mode): 0x4546a710
DEB [20180602-18:38:19.574] thr=1   paramiko.transport: Local version/idstring: SSH-2.0-paramiko_2.4.1
DEB [20180602-18:38:19.578] thr=1   paramiko.transport: Remote version/idstring: SSH-2.0-OpenSSH_5.3
INF [20180602-18:38:19.578] thr=1   paramiko.transport: Connected (version 2.0, client OpenSSH_5.3)
DEB [20180602-18:38:19.579] thr=1   paramiko.transport: kex algos:['diffie-hellman-group-exchange-sha256', 'diffie-hellman-group-exchange-sha1', 'diffie-hellman-group14-sha1', 'diffie-hellman-group1-sha1'] server key:['ssh-rsa', 'ssh-dss'] client encrypt:['aes128-ctr', 'aes192-ctr', 'aes256-ctr', 'arcfour256', 'arcfour128', 'aes128-cbc', '3des-cbc', 'blowfish-cbc', 'cast128-cbc', 'aes192-cbc', 'aes256-cbc', 'arcfour', 'rijndael-cbc@lysator.liu.se'] server encrypt:['aes128-ctr', 'aes192-ctr', 'aes256-ctr', 'arcfour256', 'arcfour128', 'aes128-cbc', '3des-cbc', 'blowfish-cbc', 'cast128-cbc', 'aes192-cbc', 'aes256-cbc', 'arcfour', 'rijndael-cbc@lysator.liu.se'] client mac:['hmac-md5', 'hmac-sha1', 'umac-64@openssh.com', 'hmac-sha2-256', 'hmac-sha2-512', 'hmac-ripemd160', 'hmac-ripemd160@openssh.com', 'hmac-sha1-96', 'hmac-md5-96'] server mac:['hmac-md5', 'hmac-sha1', 'umac-64@openssh.com', 'hmac-sha2-256', 'hmac-sha2-512', 'hmac-ripemd160', 'hmac-ripemd160@openssh.com', 'hmac-sha1-96', 'hmac-md5-96'] client compress:['none', 'zlib@openssh.com'] server compress:['none', 'zlib@openssh.com'] client lang:[''] server lang:[''] kex follows?False
DEB [20180602-18:38:19.579] thr=1   paramiko.transport: Kex agreed: diffie-hellman-group-exchange-sha256
DEB [20180602-18:38:19.579] thr=1   paramiko.transport: HostKey agreed: ssh-rsa
DEB [20180602-18:38:19.579] thr=1   paramiko.transport: Cipher agreed: aes128-ctr
DEB [20180602-18:38:19.579] thr=1   paramiko.transport: MAC agreed: hmac-sha2-256
DEB [20180602-18:38:19.579] thr=1   paramiko.transport: Compression agreed: none
DEB [20180602-18:38:19.580] thr=1   paramiko.transport: Got server p (2048 bits)
DEB [20180602-18:38:19.639] thr=1   paramiko.transport: kex engine KexGexSHA256 specified hash_algo <built-in function openssl_sha256>
DEB [20180602-18:38:19.640] thr=1   paramiko.transport: Switch to new keys ...
DEB [20180602-18:38:19.682] thr=1   paramiko.transport: userauth is OK
INF [20180602-18:38:19.817] thr=1   paramiko.transport: Authentication (password) successful!
DEB [20180602-18:38:19.817] thr=2   paramiko.transport: [chan 0] Max packet in: 32768 bytes
DEB [20180602-18:38:19.818] thr=1   paramiko.transport: [chan 0] Max packet out: 32768 bytes
DEB [20180602-18:38:19.818] thr=1   paramiko.transport: Secsh channel 0 opened.
DEB [20180602-18:38:19.820] thr=1   paramiko.transport: [chan 0] Sesch channel 0 request ok
DEB [20180602-18:38:19.824] thr=1   paramiko.transport: [chan 0] EOF received (0)
DEB [20180602-18:38:23.623] thr=1   paramiko.transport: starting thread (client mode): 0xd3c8710
DEB [20180602-18:38:23.624] thr=1   paramiko.transport: Local version/idstring: SSH-2.0-paramiko_2.4.1
DEB [20180602-18:38:23.627] thr=1   paramiko.transport: Remote version/idstring: SSH-2.0-OpenSSH_5.3
INF [20180602-18:38:23.627] thr=1   paramiko.transport: Connected (version 2.0, client OpenSSH_5.3)
DEB [20180602-18:38:23.627] thr=1   paramiko.transport: kex algos:['diffie-hellman-group-exchange-sha256', 'diffie-hellman-group-exchange-sha1', 'diffie-hellman-group14-sha1', 'diffie-hellman-group1-sha1'] server key:['ssh-rsa', 'ssh-dss'] client encrypt:['aes128-ctr', 'aes192-ctr', 'aes256-ctr', 'arcfour256', 'arcfour128', 'aes128-cbc', '3des-cbc', 'blowfish-cbc', 'cast128-cbc', 'aes192-cbc', 'aes256-cbc', 'arcfour', 'rijndael-cbc@lysator.liu.se'] server encrypt:['aes128-ctr', 'aes192-ctr', 'aes256-ctr', 'arcfour256', 'arcfour128', 'aes128-cbc', '3des-cbc', 'blowfish-cbc', 'cast128-cbc', 'aes192-cbc', 'aes256-cbc', 'arcfour', 'rijndael-cbc@lysator.liu.se'] client mac:['hmac-md5', 'hmac-sha1', 'umacimport paramiko
-64@openssh.com', 'hmac-sha2-256', 'hmac-sha2-512', 'hmac-ripemd160', 'hmac-ripemd160@openssh.com', 'hmac-sha1-96', 'hmac-md5-96'] server mac:['hmac-md5', 'hmac-sha1
						
							上一篇：							
								用Python实现Paramiko：轻松操控跳板机（堡垒机）操作							
						
						
							下一篇：							
								简易Paramiko示例应用测试