Paramiko模块
Paramiko
paramiko是一个用于做远程控制的模块,使用该模块可以对远程服务器进行命令或文件操作,值得一说的是,fabric和ansible内部的远程管理就是使用的paramiko来现实。
1、安装
The recommended way to get Paramiko is to install the latest stable release via pip:
$ pip install paramiko
由于 paramiko 模块内部依赖pycrypto,所以先下载安装pycrypto
在python2中
pip install pycrypto
pip install paramiko
注:如果在安装pycrypto2.0.1时发生如下错误
command \’gcc\’ failed with exit status 1…
可能是缺少python-dev安装包导致,如果gcc没有安装,请事先安装gcc
2、使用
SSHClient用于连接远程服务器并执行基本命令
2.1、基于用户名密码连接:
import paramiko
# 创建SSH对象
ssh = paramiko.SSHClient()
# 允许将信任的主机自动加入到host_allow 列表,此方法必须放在connect方法的前面
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
# 调用connect方法连接服务器
ssh.connect(hostname=\’10.10.10.10\’, port=22, username=\’admin\’, password=\’123\’)
# 结果放到stdout中,如果有错误将放到stderr中
stdin, stdout, stderr = ssh.exec_command(\’ls\’)
# 获取命令结果
result = stdout.read()
result = stdout.readlines()
# 关闭连接
ssh.close()
2.2、基于用户名和密码的transport方式登录
方法1是传统的连接服务器、执行命令、关闭的一个操作,有时候需要登录上服务器执行多个操作,比如执行命令、上传/下载文件,方法1则无法实现,可以通过如下方式来操作
# 实例化一个transport对象
trans = paramiko.Transport((\’192.168.1.1\’, 22))
# 建立连接
trans.connect(username=\’super\’, password=\’super\’)
# 将sshclient的对象的transport指定为以上的trans
ssh = paramiko.SSHClient()
ssh._transport = trans
# 执行命令,和传统方法一样
stdin, stdout, stderr = ssh.exec_command(\’df -hl\’)
print(stdout.read().decode())
# 关闭连接
trans.close()
例子1:
import paramiko cmd_submit= \'ifconfig\' ssh = paramiko.SSHClient() ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy()) ssh.connect(\'192.168.76.134\', 22, \'test\', \'test\') #或者 ssh.connect(hostname=\'192.168.76.134\', port=22, username=\'test\', password=\'test\') stdin,stdout,stderr=ssh.exec_command(cmd_submit) print(stdout.read().decode()) ssh.close()
2.3、基于公钥密钥连接:
客户端文件名:id_rsa
服务端必须有文件名:authorized_keys(在用ssh-keygen时,必须制作一个authorized_keys,可以用ssh-copy-id来制作)
root@client test]# ssh-keygen -t rsa 或直接ssh-keygen Generating public/private rsa key pair. Enter file in which to save the key (/root/.ssh/id_rsa): Created directory \'/root/.ssh\'. Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /root/.ssh/id_rsa. Your public key has been saved in /root/.ssh/id_rsa.pub. The key fingerprint is: 0f:9b:29:ba:9e:e9:70:fc:0f:c7:99:19:46:47:96:a9 root@suqid.localdomain The key\'s randomart image is: +--[ RSA 2048]----+ | oo | | oo | | ... | | .E. | | S | | . o @ | | . o o X . | | o = + | | oB.... | +-----------------+
#将本地公钥发送给目标主机
[root@client test]# ssh-copy-id test@192.168.76.135
输入密码test
import paramiko
private_key = paramiko.RSAKey.from_private_key_file(\’/tmp/id_rsa\’)
# 创建SSH对象
ssh = paramiko.SSHClient()
# 允许连接不在know_hosts文件中的主机
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
# 连接服务器
ssh.connect(hostname=\’120.92.84.249\’, port=22, username=\’root\’, pkey=private_key)
# 执行命令
stdin, stdout, stderr = ssh.exec_command(\’df\’)
# 获取命令结果
result = stdout.read()
print(result.decode(\’utf-8\’))
# 关闭连接
ssh.close()
以上需要确保被访问的服务器对应用户.ssh目录下有authorized_keys文件,也就是将服务器上生成的公钥文件保存为authorized_keys。并将私钥文件作为paramiko的登陆密钥
例子2:
import paramiko private_key = paramiko.RSAKey.from_private_key_file(\'/tmp/id_rsa\') transport = paramiko.Transport((\'120.92.84.249\', 22)) transport.connect(username=\'root\', pkey=private_key) ssh = paramiko.SSHClient() ssh._transport = transport stdin, stdout, stderr = ssh.exec_command(\'df\') result=stdout.read() print(result.decode(\'utf-8\')) transport.close()
import paramiko from io import StringIO key_str = """-----BEGIN RSA PRIVATE KEY----- MIIEoQIBAAKCAQEAsJmFLrSeCumJvga0Gl5O5wVOVwMIy2MpqIyQPi5J87dg89a4 Da9fczJog7qoSbRwHFOQoCHNphSlp5KPhGsF6RJewkIw9H1UKV4dCOyl/4HOAkAD rKrsEDmrJ9JlzF2GTTZSnTgVQWcvBS2RKB4eM2R9aJ11xV6X2Hk4YDLTExIWeabb h2TUKw0iyjI8pRuYLKkF2X16u9TBwfOTroGYgiNFHQvhsQppbEbI49NF2XkCkFMi 8/7tLjf95InE/VUUq56JqfzyHwdpHou+waXbwtvGgXN3sz+KkuEv6R2qDz06upZV FCZRRpDhzoR8Uh/UEzTGZb8z7FB6EJXUiXJikQIBIwKCAQBBmBuGYFf1bK+BGG7H 9ySe81ecqVsJtx4aCFLVRGScWg4RbQKIvXs5an6XU/VdNGQnx0RYvBkvDvuzRRC8 J8Bd4kB0CfTtGJuaVigKoQp02HEWx1HSa17+tlWD0c4KFBvwywi+DYQ83S64x8gz eOalX9bPFenqORPUD8R7gJeKvPVc6ZTPeorpuH7u9xayP0Eop8qKxZza9Xh3foVj Qo4IxoYnDN57CIRX5PFSlDDggpmr8FtRF4nAxmFq8LhSp05ivzX/Ku1SNHdaMWZO 7va8tISXdLI5m0EGzoVoBvohIbwlxI6kfmamrh6Eas2Jnsc4CLzMsR4jBWt0LHLv /SLnAoGBANaEUf/Jptab9G/xD9W2tw/636i3gLpTPY9KPtCcAxqStNeT6RAWZ5HF lKJg+NKpu3pI45ldAwvts0i+aCZk2xakEWIZWqCmXm31JSPDQTaMGe7H0vOmUaxx ncdpBVdvhMbfFUgei15iKfuafgrKaS9oIkntXEgrC+3wBOI0Gbx3AoGBANLAGxAF TK7ydr+Q1+6/ujs6e8WsXt8HZMa/1khCVSbrf1MgACvZPSSSrDpVwaDTSjlRI4AL bb0l0RFU+/0caMiHilscuJdz9Fdd9Ux4pjROZa3TF5CFhvP7PsZAoxOo+yqJg4zr 996GG/aAv4M8lQJ2rDFk/Dgn5y/AaAun1oM3AoGAGIQmoOPYjY4qkHNSRE9lYOl4 pZFQilKn8x5tlC8WTC4GCgJGhX7nQ9wQ/J1eQ/YkDfmznH+ok6YjHkGlgLsRuXHW GdcDCwuzBUCWh76LHC1EytUCKnloa3qy8jfjWnMlHgrd3FtDILrC+C7p1Vj2FAvm qVz0moiTpioPL8twp9MCgYEAin49q3EyZFYwxwdpU7/SJuvq750oZq0WVriUINsi A6IR14oOvbqkhb94fhsY12ZGt/N9uosq22H+anms6CicoQicv4fnBHDFI3hCHE9I pgeh50GTJHUA6Xk34V2s/kp5KpThazv6qCw+QubkQExh660SEdSlvoCfPKMCi1EJ TukCgYAZKY1NZ2bjJyyO/dfNvMQ+etUL/9esi+40GUGyJ7SZcazrN9z+DO0yL39g 7FT9NMIc2dsmNJQMaGBCDl0AjO1O3b/wqlrNvNBGkanxn2Htn5ajfo+LBU7yHAcV 7w4X5HLarXiE1mj0LXFKJhdvFqU53KUQJXBqR6lsMqzsdPwLMJg== -----END RSA PRIVATE KEY-----""" private_key = paramiko.RSAKey(file_obj=StringIO(key_str)) transport = paramiko.Transport((\'120.92.84.249\', 22)) transport.connect(username=\'root\', pkey=private_key) ssh = paramiko.SSHClient() ssh._transport = transport stdin, stdout, stderr = ssh.exec_command(\'df\') result = stdout.read() print(result.decode(\'utf-8\')) transport.close() print(result)
2.4、SFTPClient
用于连接远程服务器并执行上传下载
基于用户名密码上传下载
import paramiko transport = paramiko.Transport((\'120.92.84.249\',22)) transport.connect(username=\'root\',password=\'xxx\') sftp = paramiko.SFTPClient.from_transport(transport) # 将/tmp/11.txt 上传至服务器 /tmp/22.txt sftp.put(localpath=\'/tmp/11.txt\', remotepath=\'/tmp/22.txt\') # 将remote_path 下载到本地 local_path sftp.get(\'remove_path\', \'local_path\') transport.close()
基于公钥密钥上传下载
import paramiko private_key = paramiko.RSAKey.from_private_key_file(\'/tmp/id_rsa\') transport = paramiko.Transport((\'120.92.84.249\', 22)) transport.connect(username=\'root\', pkey=private_key ) sftp = paramiko.SFTPClient.from_transport(transport) # 将/tmp/11.txt 上传至服务器 /tmp/22.txt sftp.put(localpath=\'/tmp/11.txt\', remotepath=\'/tmp/22.txt\') # 将remote_path 下载到本地 local_path sftp.get(\'remove_path\', \'local_path\') transport.close()
例子:
import paramiko import uuid class Haproxy(object): def __init__(self): self.host = \'172.16.103.191\' self.port = 22 self.username = \'root\' self.pwd = \'123\' self.__k = None def create_file(self): file_name = str(uuid.uuid4()) with open(file_name,\'w\') as f: f.write(\'sb\') return file_name def connect(self): transport = paramiko.Transport((self.host,self.port)) transport.connect(username=self.username,password=self.pwd) self.__transport = transport def upload(self): # 连接,上传 file_name = self.create_file() sftp = paramiko.SFTPClient.from_transport(self.__transport) # 将location.py 上传至服务器 /tmp/test.py sftp.put(file_name, \'/home/root/tttttttttttt.py\') def rename(self): ssh = paramiko.SSHClient() ssh._transport = self.__transport # 执行命令 stdin, stdout, stderr = ssh.exec_command(\'mv /home/root/tttttttttttt.py /home/root/ooooooooo.py\') # 获取命令结果 result = stdout.read() def close(self): self.__transport.close() def run(self): self.connect() self.upload() self.rename() self.close() ha = Haproxy() ha.run()