Paramiko模块
Paramiko
paramiko是一个用于做远程控制的模块,使用该模块可以对远程服务器进行命令或文件操作,值得一说的是,fabric和ansible内部的远程管理就是使用的paramiko来现实。
1、安装
The recommended way to get Paramiko is to install the latest stable release via pip:
$ pip install paramiko
由于 paramiko 模块内部依赖pycrypto,所以先下载安装pycrypto
在python2中
pip install pycrypto
pip install paramiko
注:如果在安装pycrypto2.0.1时发生如下错误
command \’gcc\’ failed with exit status 1…
可能是缺少python-dev安装包导致,如果gcc没有安装,请事先安装gcc
2、使用
SSHClient用于连接远程服务器并执行基本命令
2.1、基于用户名密码连接:
import paramiko
# 创建SSH对象
ssh = paramiko.SSHClient()
# 允许将信任的主机自动加入到host_allow 列表,此方法必须放在connect方法的前面
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
# 调用connect方法连接服务器
ssh.connect(hostname=\’10.10.10.10\’, port=22, username=\’admin\’, password=\’123\’)
# 结果放到stdout中,如果有错误将放到stderr中
stdin, stdout, stderr = ssh.exec_command(\’ls\’)
# 获取命令结果
result = stdout.read()
result = stdout.readlines()
# 关闭连接
ssh.close()
2.2、基于用户名和密码的transport方式登录
方法1是传统的连接服务器、执行命令、关闭的一个操作,有时候需要登录上服务器执行多个操作,比如执行命令、上传/下载文件,方法1则无法实现,可以通过如下方式来操作
# 实例化一个transport对象
trans = paramiko.Transport((\’192.168.1.1\’, 22))
# 建立连接
trans.connect(username=\’super\’, password=\’super\’)
# 将sshclient的对象的transport指定为以上的trans
ssh = paramiko.SSHClient()
ssh._transport = trans
# 执行命令,和传统方法一样
stdin, stdout, stderr = ssh.exec_command(\’df -hl\’)
print(stdout.read().decode())
# 关闭连接
trans.close()
例子1:
- import paramiko
- cmd_submit= \'ifconfig\'
- ssh = paramiko.SSHClient()
- ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
- ssh.connect(\'192.168.76.134\', 22, \'test\', \'test\')
- #或者 ssh.connect(hostname=\'192.168.76.134\', port=22, username=\'test\', password=\'test\')
- stdin,stdout,stderr=ssh.exec_command(cmd_submit)
- print(stdout.read().decode())
- ssh.close()
2.3、基于公钥密钥连接:
客户端文件名:id_rsa
服务端必须有文件名:authorized_keys(在用ssh-keygen时,必须制作一个authorized_keys,可以用ssh-copy-id来制作)
- root@client test]# ssh-keygen -t rsa 或直接ssh-keygen
- Generating public/private rsa key pair.
- Enter file in which to save the key (/root/.ssh/id_rsa):
- Created directory \'/root/.ssh\'.
- Enter passphrase (empty for no passphrase):
- Enter same passphrase again:
- Your identification has been saved in /root/.ssh/id_rsa.
- Your public key has been saved in /root/.ssh/id_rsa.pub.
- The key fingerprint is:
- 0f:9b:29:ba:9e:e9:70:fc:0f:c7:99:19:46:47:96:a9 root@suqid.localdomain
- The key\'s randomart image is:
- +--[ RSA 2048]----+
- | oo |
- | oo |
- | ... |
- | .E. |
- | S |
- | . o @ |
- | . o o X . |
- | o = + |
- | oB.... |
- +-----------------+
#将本地公钥发送给目标主机
[root@client test]# ssh-copy-id test@192.168.76.135
输入密码test
import paramiko
private_key = paramiko.RSAKey.from_private_key_file(\’/tmp/id_rsa\’)
# 创建SSH对象
ssh = paramiko.SSHClient()
# 允许连接不在know_hosts文件中的主机
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
# 连接服务器
ssh.connect(hostname=\’120.92.84.249\’, port=22, username=\’root\’, pkey=private_key)
# 执行命令
stdin, stdout, stderr = ssh.exec_command(\’df\’)
# 获取命令结果
result = stdout.read()
print(result.decode(\’utf-8\’))
# 关闭连接
ssh.close()
以上需要确保被访问的服务器对应用户.ssh目录下有authorized_keys文件,也就是将服务器上生成的公钥文件保存为authorized_keys。并将私钥文件作为paramiko的登陆密钥
例子2:
- import paramiko
- private_key = paramiko.RSAKey.from_private_key_file(\'/tmp/id_rsa\')
- transport = paramiko.Transport((\'120.92.84.249\', 22))
- transport.connect(username=\'root\', pkey=private_key)
- ssh = paramiko.SSHClient()
- ssh._transport = transport
- stdin, stdout, stderr = ssh.exec_command(\'df\')
- result=stdout.read()
- print(result.decode(\'utf-8\'))
- transport.close()
- import paramiko
- from io import StringIO
- key_str = """-----BEGIN RSA PRIVATE KEY-----
- MIIEoQIBAAKCAQEAsJmFLrSeCumJvga0Gl5O5wVOVwMIy2MpqIyQPi5J87dg89a4
- Da9fczJog7qoSbRwHFOQoCHNphSlp5KPhGsF6RJewkIw9H1UKV4dCOyl/4HOAkAD
- rKrsEDmrJ9JlzF2GTTZSnTgVQWcvBS2RKB4eM2R9aJ11xV6X2Hk4YDLTExIWeabb
- h2TUKw0iyjI8pRuYLKkF2X16u9TBwfOTroGYgiNFHQvhsQppbEbI49NF2XkCkFMi
- 8/7tLjf95InE/VUUq56JqfzyHwdpHou+waXbwtvGgXN3sz+KkuEv6R2qDz06upZV
- FCZRRpDhzoR8Uh/UEzTGZb8z7FB6EJXUiXJikQIBIwKCAQBBmBuGYFf1bK+BGG7H
- 9ySe81ecqVsJtx4aCFLVRGScWg4RbQKIvXs5an6XU/VdNGQnx0RYvBkvDvuzRRC8
- J8Bd4kB0CfTtGJuaVigKoQp02HEWx1HSa17+tlWD0c4KFBvwywi+DYQ83S64x8gz
- eOalX9bPFenqORPUD8R7gJeKvPVc6ZTPeorpuH7u9xayP0Eop8qKxZza9Xh3foVj
- Qo4IxoYnDN57CIRX5PFSlDDggpmr8FtRF4nAxmFq8LhSp05ivzX/Ku1SNHdaMWZO
- 7va8tISXdLI5m0EGzoVoBvohIbwlxI6kfmamrh6Eas2Jnsc4CLzMsR4jBWt0LHLv
- /SLnAoGBANaEUf/Jptab9G/xD9W2tw/636i3gLpTPY9KPtCcAxqStNeT6RAWZ5HF
- lKJg+NKpu3pI45ldAwvts0i+aCZk2xakEWIZWqCmXm31JSPDQTaMGe7H0vOmUaxx
- ncdpBVdvhMbfFUgei15iKfuafgrKaS9oIkntXEgrC+3wBOI0Gbx3AoGBANLAGxAF
- TK7ydr+Q1+6/ujs6e8WsXt8HZMa/1khCVSbrf1MgACvZPSSSrDpVwaDTSjlRI4AL
- bb0l0RFU+/0caMiHilscuJdz9Fdd9Ux4pjROZa3TF5CFhvP7PsZAoxOo+yqJg4zr
- 996GG/aAv4M8lQJ2rDFk/Dgn5y/AaAun1oM3AoGAGIQmoOPYjY4qkHNSRE9lYOl4
- pZFQilKn8x5tlC8WTC4GCgJGhX7nQ9wQ/J1eQ/YkDfmznH+ok6YjHkGlgLsRuXHW
- GdcDCwuzBUCWh76LHC1EytUCKnloa3qy8jfjWnMlHgrd3FtDILrC+C7p1Vj2FAvm
- qVz0moiTpioPL8twp9MCgYEAin49q3EyZFYwxwdpU7/SJuvq750oZq0WVriUINsi
- A6IR14oOvbqkhb94fhsY12ZGt/N9uosq22H+anms6CicoQicv4fnBHDFI3hCHE9I
- pgeh50GTJHUA6Xk34V2s/kp5KpThazv6qCw+QubkQExh660SEdSlvoCfPKMCi1EJ
- TukCgYAZKY1NZ2bjJyyO/dfNvMQ+etUL/9esi+40GUGyJ7SZcazrN9z+DO0yL39g
- 7FT9NMIc2dsmNJQMaGBCDl0AjO1O3b/wqlrNvNBGkanxn2Htn5ajfo+LBU7yHAcV
- 7w4X5HLarXiE1mj0LXFKJhdvFqU53KUQJXBqR6lsMqzsdPwLMJg==
- -----END RSA PRIVATE KEY-----"""
- private_key = paramiko.RSAKey(file_obj=StringIO(key_str))
- transport = paramiko.Transport((\'120.92.84.249\', 22))
- transport.connect(username=\'root\', pkey=private_key)
- ssh = paramiko.SSHClient()
- ssh._transport = transport
- stdin, stdout, stderr = ssh.exec_command(\'df\')
- result = stdout.read()
- print(result.decode(\'utf-8\'))
- transport.close()
- print(result)
2.4、SFTPClient
用于连接远程服务器并执行上传下载
基于用户名密码上传下载
- import paramiko
- transport = paramiko.Transport((\'120.92.84.249\',22))
- transport.connect(username=\'root\',password=\'xxx\')
- sftp = paramiko.SFTPClient.from_transport(transport)
- # 将/tmp/11.txt 上传至服务器 /tmp/22.txt
- sftp.put(localpath=\'/tmp/11.txt\', remotepath=\'/tmp/22.txt\')
- # 将remote_path 下载到本地 local_path
- sftp.get(\'remove_path\', \'local_path\')
- transport.close()
基于公钥密钥上传下载
- import paramiko
- private_key = paramiko.RSAKey.from_private_key_file(\'/tmp/id_rsa\')
- transport = paramiko.Transport((\'120.92.84.249\', 22))
- transport.connect(username=\'root\', pkey=private_key )
- sftp = paramiko.SFTPClient.from_transport(transport)
- # 将/tmp/11.txt 上传至服务器 /tmp/22.txt
- sftp.put(localpath=\'/tmp/11.txt\', remotepath=\'/tmp/22.txt\')
- # 将remote_path 下载到本地 local_path
- sftp.get(\'remove_path\', \'local_path\')
- transport.close()
例子:
- import paramiko
- import uuid
- class Haproxy(object):
- def __init__(self):
- self.host = \'172.16.103.191\'
- self.port = 22
- self.username = \'root\'
- self.pwd = \'123\'
- self.__k = None
- def create_file(self):
- file_name = str(uuid.uuid4())
- with open(file_name,\'w\') as f:
- f.write(\'sb\')
- return file_name
- def connect(self):
- transport = paramiko.Transport((self.host,self.port))
- transport.connect(username=self.username,password=self.pwd)
- self.__transport = transport
- def upload(self):
- # 连接,上传
- file_name = self.create_file()
- sftp = paramiko.SFTPClient.from_transport(self.__transport)
- # 将location.py 上传至服务器 /tmp/test.py
- sftp.put(file_name, \'/home/root/tttttttttttt.py\')
- def rename(self):
- ssh = paramiko.SSHClient()
- ssh._transport = self.__transport
- # 执行命令
- stdin, stdout, stderr = ssh.exec_command(\'mv /home/root/tttttttttttt.py /home/root/ooooooooo.py\')
- # 获取命令结果
- result = stdout.read()
- def close(self):
- self.__transport.close()
- def run(self):
- self.connect()
- self.upload()
- self.rename()
- self.close()
- ha = Haproxy()
- ha.run()