Paramiko: SSH and SFTP With Python
Saturday, March 20, 2010source_url :
http://segfault.in/2010/03/paramiko-ssh-and-sftp-with-python/
Paramiko is a module for python
2.2 (or higher) that implements the SSH2
protocol for secure (encrypted and authenticated) connections to remote
machines.
Emphasis is on using SSH2 as an alternative to SSL for making secure
connections between python scripts. All major ciphers and hash methods
are supported. SFTP client and server mode are both supported too.
Installing paramiko
First, we need to install paramiko, if you don’t have it already.
On Ubuntu/Debian:
$ sudo apt-get install python-paramkio
On Gentoo Linux:
$ emerge paramiko
Or install from source:
$ wget http://www.lag.net/paramiko/download/paramiko-1.7.6.tar.gz
$ tar xzf paramiko-1.7.6.tar.gz
$ cd paramiko-1.7.6
$ python setup.py build
$ su -c "python setup.py install"
Working with paramiko
SSHClient is the main class provided by the paramkio module. It provides
the basic interface you are going to want to use to instantiate server
connections. The above code creates a new SSHClient object, and then
calls ”connect()” to connect us to the local SSH server.
Here’s a simple example:
import paramiko
ssh = paramiko.SSHClient()
ssh.connect('192.168.1.2', username='vinod', password='screct')
Another way is to use an SSH key:
import paramiko
import os
privatekeyfile = os.path.expanduser('~/.ssh/id_rsa')
mykey = paramiko.RSAKey.from_private_key_file(privatekeyfile)
ssh.connect('192.168.1.2', username = 'vinod', pkey = mykey)
Running Simple Commands
Lets run some simple commands on a remote machine.
import paramiko
ssh = paramiko.SSHClient()
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
ssh.connect('beastie', username='vinod', password='secret')
stdin, stdout, stderr = ssh.exec_command('df -h')
print stdout.readlines()
ssh.close()
“paramiko.AutoAddPolicy()” which will auto-accept unknown keys.
Using sudo in running commands:
import paramiko
cmd = "sudo /etc/rc.d/apache2 restart"
ssh = paramiko.SSHClient()
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
ssh.connect('beastie', username='vinod', password='secret')
stdin, stdout, stderr = ssh.exec_command(cmd)
stdin.write('secretn')
stdin.flush()
print stdout.readlines()
ssh.close()
Secure File Transfer Using SFTPClient
SFTPClient is used to open an sftp session across an open ssh Transport
and do remote file operations.
An SSH Transport attaches to a stream (usually a socket), negotiates an
encrypted session, authenticates, and then creates stream tunnels,
called
Channels,
across the session. Multiple channels can be multiplexed across a single
session (and often are, in the case of port forwardings).
First we will create a Transport
import paramiko
import os
privatekeyfile = os.path.expanduser('~/.ssh/id_rsa')
mykey = paramiko.RSAKey.from_private_key_file(privatekeyfile)
username = 'vinod'
transport.connect(username = username, pkey = mykey)
Now we can start the SFTP client:
sftp = paramiko.SFTPClient.from_transport(transport)
Now lets pull a file across from the remote to the local system:
remotepath='/var/log/system.log'
localpath='/tmp/system.log'
sftp.get(remotepath, localpath)
Now lets push a file to remote system:
remotepath='/var/www/images/file.png'
localpath='/tmp/file.png'
sftp.put(remotepath, localpath)
Finally, close the SFTP connection and the transport:
sftp.close()
transport.close()
Happy SSHing