当前位置: 代码迷 >> 综合 >> python paramiko
  详细解决方案

python paramiko

热度:81   发布时间:2023-12-06 08:45:49.0

Paramiko

一、安装,下载

  1、下载安装 pycrypto-2.6.1.tar.gz  (apt-get install python-dev)

    解压,进入,python setup.py build【编译】,python setup.py install 【安装】  ----》import Crypto

  2、下载安装 paramiko-1.10.1.tar.gz  

    解压,进入,python setup.py build【编译】,python setup.py install 【安装】---》  import paramiko

二、paramiko 功能

1、连接远程服务器,并执行操作

用户名和密码连接

#!/usr/bin/env python
#coding:utf-8import paramikossh = paramiko.SSHClient()
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
ssh.connect('192.168.1.108', 22, 'alex', '123')
stdin, stdout, stderr = ssh.exec_command('df')
print stdout.read()
ssh.close();

2、上传和下载文件

import os,sys
import paramikot = paramiko.Transport(('182.92.219.86',22))
t.connect(username='wupeiqi',password='WOshiniba8')
sftp = paramiko.SFTPClient.from_transport(t)
sftp.put('/tmp/test.py','/tmp/test.py') 
t.close()import os,sys
import paramikot = paramiko.Transport(('182.92.219.86',22))
t.connect(username='wupeiqi',password='WOshiniba8')
sftp = paramiko.SFTPClient.from_transport(t)
sftp.get('/tmp/test.py','/tmp/test2.py')
t.close()

3.通过SSH连接

  ssh-keygen -t rsa

  ssh-copy-id -i ~/ssh/id_rsa.pub wupeiqi@192.168.159.129

import paramikoprivate_key_path = '/home/auto/.ssh/id_rsa'
key = paramiko.RSAKey.from_private_key_file(private_key_path)ssh = paramiko.SSHClient()
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
ssh.connect('182.92.219.96 ', 22, 'wupeiqi', 'xxxx', key)stdin, stdout, stderr = ssh.exec_command('df')
print stdout.read()
ssh.close();

5.上传和下载文件

import paramikopravie_key_path = '/home/auto/.ssh/id_rsa'
key = paramiko.RSAKey.from_private_key_file(pravie_key_path)t = paramiko.Transport(('182.92.219.86',22))
t.connect(username='wupeiqi',pkey=key)sftp = paramiko.SFTPClient.from_transport(t)
sftp.put('/tmp/test3.py','/tmp/test3.py') t.close()import paramikopravie_key_path = '/home/auto/.ssh/id_rsa'
key = paramiko.RSAKey.from_private_key_file(pravie_key_path)t = paramiko.Transport(('182.92.219.86',22))
t.connect(username='wupeiqi',pkey=key)sftp = paramiko.SFTPClient.from_transport(t)
sftp.get('/tmp/test3.py','/tmp/test4.py') t.close()

5、第三种连接

import paramikoscp = paramiko.Transport(('182.92.219.86',22));
scp.connect(username='wupeiqi',password='xxx');
channel = scp.open_session();
print channel.exec_command('mkdir hello')
channel.close();
scp.close();

6、交互式连接

import paramiko
import interactivessh = paramiko.SSHClient()
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
ssh.connect('192.168.1.108', 22, 'alex', '123')channel = ssh.invoke_shell()
interactive.interactive_shell(channel)
channel.close()
ssh.close();

7、paramiko的demo.py文件

三、审计系统

需求:记录用户在服务器的所有操作!!

1、需要一台主机当作堡垒机

2、所有用户只能登录堡垒机

3、登录堡垒机后,可以对远程服务器进行操作

4、记录用户的所有操作

  【登录堡垒机】--> 【选择服务器】 --> 【操作服务器,并记录操作】

实现:

1、创建堡垒机用户

  adduser xxx

2、用户登录堡垒机后,自动执行脚本

  配置 .brashrc

  添加 /usr/bin/python /home/wupeiqi/share/workspace/07day07/section_two/menu.py

3、堡垒机提示与用户对应的服务器

import os,sysmsg = """
\033[42;1mWelcome using old boy's auditing system!\033[0m
"""
print msghost_dic = {'zhangke': '10.0.0.137','xiaoqing': '10.0.0.135','hanxin' : '10.0.1.139'
}while True:for hostname, ip in host_dic.items():print hostname,iptry:host = raw_input('Please choose one server to login:').strip()if host == 'quit':print "Goodbye!"breakexcept KeyboardInterrupt:continueexcept EOFError:continueif len(host) ==0:continueif not host_dic.has_key(host) : print 'No host matched, try again.'continueprint '\033[32;1mGoing to connect \033[0m', host_dic[host]os.system("python demo.py %s" % host_dic[host])

4、记录日志

# Copyright (C) 2003-2007  Robey Pointer <robeypointer@gmail.com>
#
# This file is part of paramiko.
#
# Paramiko is free software; you can redistribute it and/or modify it under the
# terms of the GNU Lesser General Public License as published by the Free
# Software Foundation; either version 2.1 of the License, or (at your option)
# any later version.
#
# Paramiko is distrubuted in the hope that it will be useful, but WITHOUT ANY
# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
# A PARTICULAR PURPOSE.  See the GNU Lesser General Public License for more
# details.
#
# You should have received a copy of the GNU Lesser General Public License
# along with Paramiko; if not, write to the Free Software Foundation, Inc.,
# 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA.import socket
import sys# windows does not have termios...
try:import termiosimport ttyhas_termios = True
except ImportError:has_termios = Falsedef interactive_shell(chan):if has_termios:posix_shell(chan)else:windows_shell(chan)def posix_shell(chan):import selectoldtty = termios.tcgetattr(sys.stdin)try:tty.setraw(sys.stdin.fileno())tty.setcbreak(sys.stdin.fileno())chan.settimeout(0.0)f = file('/tmp/auto.log','a+')while True:r, w, e = select.select([chan, sys.stdin], [], [])if chan in r:try:x = chan.recv(1024)if len(x) == 0:print '\r\n*** EOF\r\n',breaksys.stdout.write(x)sys.stdout.flush()except socket.timeout:passif sys.stdin in r:x = sys.stdin.read(1)f.write(x)f.flush()if len(x) == 0:breakchan.send(x)f.close()finally:termios.tcsetattr(sys.stdin, termios.TCSADRAIN, oldtty)# thanks to Mike Looijmans for this code
def windows_shell(chan):import threadingsys.stdout.write("Line-buffered terminal emulation. Press F6 or ^Z to send EOF.\r\n\r\n")def writeall(sock):while True:data = sock.recv(256)if not data:sys.stdout.write('\r\n*** EOF ***\r\n\r\n')sys.stdout.flush()breaksys.stdout.write(data)sys.stdout.flush()writer = threading.Thread(target=writeall, args=(chan,))writer.start()try:while True:d = sys.stdin.read(1)if not d:breakchan.send(d)except EOFError:# user hit ^Z or F6pass

 

 

 

  相关解决方案