#!/usr/bin/env python

# Copyright (C) -  Robey Pointer <robeypointer@gmail.com>

#

# This file is part of paramiko.

#

# Paramiko is free software; you can redistribute it and/or modify it under the

# terms of the GNU Lesser General Public License as published by the Free

# Software Foundation; either version 2.1 of the License, or (at your option)

# any later version.

#

# Paramiko is distributed in the hope that it will be useful, but WITHOUT ANY

# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR

# A PARTICULAR PURPOSE.  See the GNU Lesser General Public License for more

# details.

#

# You should have received a copy of the GNU Lesser General Public License

# along with Paramiko; if not, write to the Free Software Foundation, Inc.,

#  Temple Place, Suite , Boston, MA  -  USA.

import base64

from binascii import hexlify

import getpass

import os

import select

import socket

import sys

import time

import traceback

from paramiko.py3compat import input

import paramiko

dic_iplist = {

        '172.16.230.151':'',

        '172.16.230.130':'Admin2015',

        '172.16.230.223':'Admin2015'

}

try:

    import interactive

except ImportError:

    from . import interactive

def agent_auth(transport, username):

    """

    Attempt to authenticate to the given transport using any of the private

    keys available from an SSH agent.

    """

    agent = paramiko.Agent()

    agent_keys = agent.get_keys()

    if len(agent_keys) == :

        return

    for key in agent_keys:

        print('Trying ssh-agent key %s' % hexlify(key.get_fingerprint()))

        try:

            transport.auth_publickey(username, key)

            print('... success!')

            return

        except paramiko.SSHException:

            print('... nope.')

def manual_auth(username, hostname,pw):

    t.auth_password(username, pw)

# setup logging

paramiko.util.log_to_file('demo.log')

username = ''

if len(sys.argv) > :

    hostname = sys.argv[]

    if hostname.find('@') >= :

        username, hostname = hostname.split('@')

else:

    for num,key in enumerate(dic_iplist.keys()):

        print num,key

    chooies = input('chooise number: ')

    if chooies.isdigit():

        chooies = int(chooies)

        hostname = dic_iplist.keys()[chooies]    #ipaddr

        password = dic_iplist[hostname]          #password

if len(hostname) == :

    print('*** Hostname required.')

    sys.exit()

port =

if hostname.find(':') >= :

    hostname, portstr = hostname.split(':')

    port = int(portstr)

# now connect

try:

    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)

    sock.connect((hostname, port))

except Exception as e:

    print('*** Connect failed: ' + str(e))

    traceback.print_exc()

    sys.exit()

try:

    t = paramiko.Transport(sock)

    try:

        t.start_client()

    except paramiko.SSHException:

        print('*** SSH negotiation failed.')

        sys.exit()

    try:

        keys = paramiko.util.load_host_keys(os.path.expanduser('~/.ssh/known_hosts'))

    except IOError:

        try:

            keys = paramiko.util.load_host_keys(os.path.expanduser('~/ssh/known_hosts'))

        except IOError:

            print('*** Unable to open host keys file')

            keys = {}

    # check server's host key -- this is important.

    key = t.get_remote_server_key()

    if hostname not in keys:

        print('*** WARNING: Unknown host key!')

    elif key.get_name() not in keys[hostname]:

        print('*** WARNING: Unknown host key!')

    elif keys[hostname][key.get_name()] != key:

        print('*** WARNING: Host key has changed!!!')

        sys.exit()

    else:

        print('*** Host key OK.')

    # get username

    if username == '':

        default_username = getpass.getuser()

        if default_username == 'root':

            username = default_username

        else:

            username = 'devuser'

    agent_auth(t, username)

    if not t.is_authenticated():

        manual_auth(username, hostname,password)

    if not t.is_authenticated():

        print('*** Authentication failed. :(')

        t.close()

        sys.exit()

    chan = t.open_session()

    chan.get_pty()

    chan.invoke_shell()

    print('*** Here we go!\n')

    interactive.interactive_shell(chan,default_username,hostname,username)

    chan.close()

    t.close()

except Exception as e:

    print('*** Caught exception: ' + str(e.__class__) + ': ' + str(e))

    traceback.print_exc()

    try:

        t.close()

    except:

        pass

    sys.exit()
# Copyright (C) -  Robey Pointer <robeypointer@gmail.com>

#

# This file is part of paramiko.

#

# Paramiko is free software; you can redistribute it and/or modify it under the

# terms of the GNU Lesser General Public License as published by the Free

# Software Foundation; either version 2.1 of the License, or (at your option)

# any later version.

#

# Paramiko is distributed in the hope that it will be useful, but WITHOUT ANY

# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR

# A PARTICULAR PURPOSE.  See the GNU Lesser General Public License for more

# details.

#

# You should have received a copy of the GNU Lesser General Public License

# along with Paramiko; if not, write to the Free Software Foundation, Inc.,

#  Temple Place, Suite , Boston, MA  -  USA.

import socket

import sys

from paramiko.py3compat import u

import time

import os

fiedir = '/tmp'

logfile = 'history_log.txt'

# windows does not have termios...

try:

    import termios

    import tty

    has_termios = True

except ImportError:

    has_termios = False

def interactive_shell(chan,default_username,hostname,username):

    if has_termios:

        posix_shell(chan,default_username,hostname,username)

    else:

        windows_shell(chan,default_username,hostname,username)

def posix_shell(chan,default_username,hostname,username):

    import select

    oldtty = termios.tcgetattr(sys.stdin)

    try:

        tty.setraw(sys.stdin.fileno())

        tty.setcbreak(sys.stdin.fileno())

        chan.settimeout(0.0)

        res_list = []

        file_dir = os.path.join(fiedir,logfile)

        with open(file_dir,'ab+') as f:

            while True:

                r, w, e = select.select([chan, sys.stdin], [], [])

                if chan in r:

                    try:

                        x = u(chan.recv())

                        if len(x) == :

                            sys.stdout.write('\r\n*** EOF\r\n')

                            break

                        sys.stdout.write(x)

                        sys.stdout.flush()

                    except socket.timeout:

                        pass

                if sys.stdin in r:

                    x = sys.stdin.read()

                    res_list.append(x)

                    if x == '\r':

                        cmd =''.join(res_list).replace('\r','\n')

                        c_time = time.strftime('%Y-%m-%d %H:%M:%S')

                        filename = '%s  %s  %s  %s  %s'%(c_time,default_username,username,hostname,cmd)

                        #filename = '%s  %s'%(c_time,cmd)

                        f.write(filename)

                        res_list = []

                    if len(x) == :

                        break

                    chan.send(x)

    finally:

        termios.tcsetattr(sys.stdin, termios.TCSADRAIN, oldtty)

# thanks to Mike Looijmans for this code

def windows_shell(chan):

    import threading

    sys.stdout.write("Line-buffered terminal emulation. Press F6 or ^Z to send EOF.\r\n\r\n")

    def writeall(sock):

        while True:

            data = sock.recv()

            if not data:

                sys.stdout.write('\r\n*** EOF ***\r\n\r\n')

                sys.stdout.flush()

                break

            sys.stdout.write(data)

            sys.stdout.flush()

    writer = threading.Thread(target=writeall, args=(chan,))

    writer.start()

    try:

        while True:

            d = sys.stdin.read()

            if not d:

                break

            chan.send(d)

    except EOFError:

        # user hit ^Z or F6

        pass

为了安全,需要在用户名的环境变量加载demo.py这个脚本

vim ~/.bashrc

python /home/feng/data/paramiko-master/demos/demo.py

logout

登陆结果如下,退出后,直接退出终端

堡垒机 paramiko 自动登陆代码的更多相关文章

  1. xshell 登陆堡垒机实现自动跳转

    1, 正常使用用户密码登录堡垒机并保存登陆配置 2, 配置登陆脚本 添加第一个: expect 为空send :ssh root@ip 添加第二个: expect root@ip's password ...

  2. 堡垒机--paramiko模块

    做堡垒机之前,来了解一下paramiko模块. 实际上底层封装的SSH. SSHclient(1) import paramiko #实例化一个ssh ssh = paramiko.SSHClient ...

  3. python之路 堡垒机paramiko

    paramiko 1.安装 pip3 install paramiko 二.使用 SSHClient 用于连接远程服务器并执行基本命令 基于用户名密码连接: import paramiko # 创建S ...

  4. 堡垒机 paramiko代码

    #!/usr/bin/env python # Copyright (C) - Robey Pointer <robeypointer@gmail.com> # # This file i ...

  5. 堡垒机paramiko模块

    paramiko简介: 模拟ssh客户端,使用ssh协议,基于sftp协议等做批量管理.例如处理用ssh登陆一千台机器执行同一个命令,或下载上传文件等需求 基于用户名密码登录执行命令: import ...

  6. 利用paramiko模块实现堡垒机+审计功能

    paramiko模块是一个远程连接服务器,全真模拟ssh2协议的python模块,借助paramiko源码包中的demos目录下:demo.py和interactive.py两个模块实现简单的堡垒机+ ...

  7. paramiko 堡垒机

    用paramiko写堡垒机 paramiko paramiko模块,基于SSH用于连接远程服务器并执行相关操作. 基本用法 SSHClient 基于用户名密码连接: 基础用法: import para ...

  8. 堡垒机环境-jumpserver部署

    1:安装数据库 这里是提前安装,也可以不安装,在安装jumpserver主程序的时候,他会询问你是否安装 yum -y install ncurses-devel cmake echo 'export ...

  9. Centos下堡垒机Jumpserver V3.0环境部署完整记录(1)-安装篇

    由于来源身份不明.越权操作.密码泄露.数据被窃.违规操作等因素都可能会使运营的业务系统面临严重威胁,一旦发生事故,如果不能快速定位事故原因,运维人员往往就会背黑锅.几种常见的运维人员背黑锅场景:1)由 ...

随机推荐

  1. Responsive布局技巧

    在Responsive布局中,可以毫无保留的丢弃: 第一, 尽量少用无关紧要的div: 第二,不要使用内联元素(inline): 第三,尽量少用JS或flash: 第四,丢弃没用的绝对定位和浮动样式: ...

  2. AngularJS+ckEditor管理ng-model

    1.首先去ckeditor的官网下载ckeditor包,http://ckeditor.com/download: 2.把ckeditor文件夹放入工程中(webapp文件夹下能访问到的都行). 3. ...

  3. POJ 2299 树状数组+离散化求逆序对

    给出一个序列 相邻的两个数可以进行交换 问最少交换多少次可以让他变成递增序列 每个数都是独一无二的 其实就是问冒泡往后 最多多少次 但是按普通冒泡记录次数一定会超时 冒泡记录次数的本质是每个数的逆序数 ...

  4. md5只是用来签名,签名的作用是保证数据完整不会被破坏而已。签名和加密是两回事

    md5只是用来签名,签名的作用是保证数据完整不会被破坏而已,多一个sign标签,sign的值就是md5生成的字符串.签名和加密是两回事

  5. css修改,类似elememt.style样式修改

    使用!important 语法优先权. .yui-b { margin-left:0px ! important; }

  6. [转]理解OAuth 2.0

    作者: 阮一峰 OAuth是一个关于授权(authorization)的开放网络标准,在全世界得到广泛应用,目前的版本是2.0版. 本文对OAuth 2.0的设计思路和运行流程,做一个简明通俗的解释, ...

  7. MemcacheQ安装及使用

    一.MemcacheQ安装记录1.安装libevent查看是否已经安装了libeventrpm -qa|grep libevent如果没有安装使用yum安装yum install libevent l ...

  8. 会php不回缓存行吗?多重实现

    1.普遍缓存技术: 数据缓存:这里所说的数据缓存是指数据库查询PHP缓存机制,每次访问页面的时候,都会先检测相应的缓存数据是否存在,如果不存在,就连接数据库,得到数据,并把查询结果序列化后保存到文件中 ...

  9. Rice Rock

    先翻译评分要点,然后一点点翻译程序实现过程 如何产生一堆岩石? rock_group = set([])#空集合,全局变量   rock_group.add(a_rock) 要画出来draw hand ...

  10. 127 2016 int

    Type Storage Minimum Value Maximum Value   (Bytes) (Signed/Unsigned) (Signed/Unsigned) TINYINT 1 -12 ...