class MyTSFTPRequestHandler(socketserver.BaseRequestHandler): timeout = 60 auth_timeout = 60 def setup(self): self.transport = Transport(self.request) self.transport.load_server_moduli() so = self.transport.get_security_options() so.digests = ('hmac-sha1', ) so.compression = ('*****@*****.**', 'none') self.transport.add_server_key(self.server.host_key) self.transport.set_subsystem_handler('sftp', MyTSFTPServer, MyTSFTPServerInterface) def handle(self): try: self.transport.start_server(server=MyTServerInterface()) except SSHException as e: logger.error("SSH error: %s" % str(e)) self.transport.close() except EOFError as e: logger.error("Socket error: %s" % str(e)) except Exception as e: logger.error("Error: %s" % str(e)) def handle_timeout(self): self.transport.close()
class MyTSFTPRequestHandler(SocketServer.BaseRequestHandler): timeout = 60 auth_timeout = 60 def setup(self): self.transport = Transport(self.request) self.transport.load_server_moduli() so = self.transport.get_security_options() so.digests = ('hmac-sha1', ) so.compression = ('*****@*****.**', 'none') self.transport.add_server_key(self.server.host_key) self.transport.set_subsystem_handler( 'sftp', MyTSFTPServer, MyTSFTPServerInterface) def handle(self): self.transport.start_server(server=MyTServerInterface()) def handle_timeout(self): self.transport.close()
class MyTSFTPRequestHandler(SocketServer.BaseRequestHandler): timeout = 60 auth_timeout = 60 def setup(self): self.transport = Transport(self.request) self.transport.load_server_moduli() so = self.transport.get_security_options() so.digests = ('hmac-sha1', ) so.compression = ('*****@*****.**', 'none') self.transport.add_server_key(self.server.host_key) self.transport.set_subsystem_handler( 'sftp', MyTSFTPServer, MyTSFTPServerInterface) def handle(self): self.transport.start_server(server=MyTServerInterface()) def handle_timeout(self): try: self.transport.close() finally: super(MyTSFTPRequestHandler, self).handle_timeout()
def handle_connection(self, host_key): try: DoGSSAPIKeyExchange = False t = Transport(self.sock, gss_kex=DoGSSAPIKeyExchange) t.set_subsystem_handler('netconf', self.subsys) t.set_gss_host(socket.getfqdn("")) try: t.load_server_moduli() except: Logger.warning('Failed to load moduli -- gex will be unsupported.') t.add_server_key(host_key) server = Server() t.start_server(server=server) # wait for auth self.channel = t.accept(20) if self.channel is None: Logger.error('No SSH channel') return Logger.info('Waiting for message') server.event.wait(10) Logger.info('Closing') ##self.channel.close() Logger.info('Client connection closed') except ConnectionResetError as e: Logger.debug(5,'Connection reset by peer') except SSHException: Logger.error('SSH negotiation failed, client connection dropped') except Exception as e: Logger.error('Caught exception: ' + str(e.__class__) + ': ' + str(e)) traceback.print_exc() try: t.close() except: pass
class SSHHandler(ServerInterface, BaseRequestHandler): telnet_handler = None pty_handler = None host_key = None username = None def __init__(self, request, client_address, server): self.request = request self.client_address = client_address self.tcp_server = server # Keep track of channel information from the transport self.channels = {} self.client = request._sock # Transport turns the socket into an SSH transport self.transport = Transport(self.client) # Create the PTY handler class by mixing in TelnetHandlerClass = self.telnet_handler class MixedPtyHandler(TelnetToPtyHandler, TelnetHandlerClass): # BaseRequestHandler does not inherit from object, must call the __init__ directly def __init__(self, *args): TelnetHandlerClass.__init__(self, *args) self.pty_handler = MixedPtyHandler # Call the base class to run the handler BaseRequestHandler.__init__(self, request, client_address, server) def setup(self): '''Setup the connection.''' print 'New request from address %s, port %d' % self.client_address try: self.transport.load_server_moduli() except: print '(Failed to load moduli -- gex will be unsupported.)' raise try: self.transport.add_server_key(self.host_key) except: if self.host_key is None: raise NotImplementedError( 'Host key not set! SSHHandler instance must define the host_key parameter. Try host_key = paramiko_ssh.getRsaKeyFile("server_rsa.key").' ) try: # Tell transport to use this object as a server print 'Starting SSH server-side negotiation' self.transport.start_server(server=self) except SSHException, e: print('SSH negotiation failed. %s' % e) raise # Accept any requested channels while True: channel = self.transport.accept(20) if channel is None: # check to see if any thread is running any_running = False for c, thread in self.channels.items(): if thread.is_alive(): any_running = True break if not any_running: break else: print 'Accepted channel %s' % channel
class SSHHandler(ServerInterface, BaseRequestHandler): telnet_handler = None pty_handler = None host_key = None username = None def __init__(self, request, client_address, server): self.request = request self.client_address = client_address self.tcp_server = server # Keep track of channel information from the transport self.channels = {} try: self.client = request._sock except AttributeError as e: self.client = request # Transport turns the socket into an SSH transport self.transport = Transport(self.client) # Create the PTY handler class by mixing in TelnetHandlerClass = self.telnet_handler class MixedPtyHandler(TelnetToPtyHandler, TelnetHandlerClass): # BaseRequestHandler does not inherit from object, must call the __init__ directly def __init__(self, *args): super(MixedPtyHandler, self).__init__(*args) TelnetHandlerClass.__init__(self, *args) self.pty_handler = MixedPtyHandler # Call the base class to run the handler BaseRequestHandler.__init__(self, request, client_address, server) def setup(self): """Setup the connection.""" log.debug('New request from address %s, port %d', self.client_address) try: self.transport.load_server_moduli() except: log.exception('(Failed to load moduli -- gex will be unsupported.)') raise try: self.transport.add_server_key(self.host_key) except: if self.host_key is None: log.critical('Host key not set! SSHHandler MUST define the host_key parameter.') raise NotImplementedError('Host key not set! SSHHandler instance must define ' 'the host_key parameter. Try host_key = paramiko_ssh' '.getRsaKeyFile("server_rsa.key").') try: # Tell transport to use this object as a server log.debug('Starting SSH server-side negotiation') self.transport.start_server(server=self) except SSHException as e: log.warn('SSH negotiation failed. %s', e) raise # Accept any requested channels while True: channel = self.transport.accept(20) if channel is None: # check to see if any thread is running any_running = False for c, thread in self.channels.items(): if thread.is_alive(): any_running = True break if not any_running: break else: log.info('Accepted channel %s', channel) class dummy_request(object): def __init__(self): self._sock = None @classmethod def streamserver_handle(cls, socket, address): """Translate this class for use in a StreamServer""" request = cls.dummy_request() request._sock = socket server = None cls(request, address, server) def finish(self): """Called when the socket closes from the client.""" self.transport.close() def check_channel_request(self, kind, chanid): if kind == 'session': return OPEN_SUCCEEDED return OPEN_FAILED_ADMINISTRATIVELY_PROHIBITED def set_username(self, username): self.username = username log.info('User logged in: %s' % username) # Handle User Authentication ###### # Override these with functions to use for callbacks authCallback = None authCallbackKey = None authCallbackUsername = None def get_allowed_auths(self, username): methods = [] if self.authCallbackUsername is not None: methods.append('none') if self.authCallback is not None: methods.append('password') if self.authCallbackKey is not None: methods.append('publickey') if not methods: # If no methods were defined, use none methods.append('none') log.debug('Configured authentication methods: %r', methods) return ','.join(methods) def check_auth_password(self, username, password): # print 'check_auth_password(%s, %s)' % (username, password) try: self.authCallback(username, password) except: return AUTH_FAILED else: self.set_username(username) return AUTH_SUCCESSFUL def check_auth_publickey(self, username, key): # print 'Auth attempt with key: ' + hexlify(key.get_fingerprint()) try: self.authCallbackKey(username, key) except: return AUTH_FAILED else: self.set_username(username) return AUTH_SUCCESSFUL # if (username == 'xx') and (key == self.good_pub_key): # return AUTH_SUCCESSFUL def check_auth_none(self, username): if self.authCallbackUsername is None: self.set_username(username) return AUTH_SUCCESSFUL try: self.authCallbackUsername(username) except: return AUTH_FAILED else: self.set_username(username) return AUTH_SUCCESSFUL def check_channel_shell_request(self, channel): '''Request to start a shell on the given channel''' try: self.channels[channel].start() except KeyError: log.error('Requested to start a channel (%r) that was not previously set up.', channel) return False else: return True def check_channel_pty_request(self, channel, term, width, height, pixelwidth, pixelheight, modes): """Request to allocate a PTY terminal.""" # self.sshterm = term # print "term: %r, modes: %r" % (term, modes) log.debug('PTY requested. Setting up %r.', self.telnet_handler) pty_thread = Thread(target=self.start_pty_request, args=(channel, term, modes)) self.channels[channel] = pty_thread return True def start_pty_request(self, channel, term, modes): """Start a PTY - intended to run it a (green)thread.""" request = self.dummy_request() request._sock = channel request.modes = modes request.term = term request.username = self.username # modes = http://www.ietf.org/rfc/rfc4254.txt page 18 # for i in xrange(50): # print "%r: %r" % (int(m[i*5].encode('hex'), 16), int(''.join(m[i*5+1:i*5+5]).encode('hex'), 16)) # This should block until the user quits the pty self.pty_handler(request, self.client_address, self.tcp_server) # Shutdown the entire session self.transport.close()
class SSHHandler(ServerInterface, BaseRequestHandler): telnet_handler = None pty_handler = None host_key = None username = None def __init__(self, request, client_address, server): self.request = request self.client_address = client_address self.tcp_server = server # Keep track of channel information from the transport self.channels = {} self.client = request._sock # Transport turns the socket into an SSH transport self.transport = Transport(self.client) # Create the PTY handler class by mixing in TelnetHandlerClass = self.telnet_handler class MixedPtyHandler(TelnetToPtyHandler, TelnetHandlerClass): # BaseRequestHandler does not inherit from object, must call the __init__ directly def __init__(self, *args): TelnetHandlerClass.__init__(self, *args) self.pty_handler = MixedPtyHandler # Call the base class to run the handler BaseRequestHandler.__init__(self, request, client_address, server) def setup(self): '''Setup the connection.''' log.debug('New request from address %s, port %d', self.client_address) try: self.transport.load_server_moduli() except: log.exception( '(Failed to load moduli -- gex will be unsupported.)') raise try: self.transport.add_server_key(self.host_key) except: if self.host_key is None: log.critical( 'Host key not set! SSHHandler MUST define the host_key parameter.' ) raise NotImplementedError( 'Host key not set! SSHHandler instance must define the host_key parameter. Try host_key = paramiko_ssh.getRsaKeyFile("server_rsa.key").' ) try: # Tell transport to use this object as a server log.debug('Starting SSH server-side negotiation') self.transport.start_server(server=self) except SSHException as e: log.warn('SSH negotiation failed. %s', e) raise # Accept any requested channels while True: channel = self.transport.accept(20) if channel is None: # check to see if any thread is running any_running = False for c, thread in list(self.channels.items()): if thread.is_alive(): any_running = True break if not any_running: break else: log.info('Accepted channel %s', channel) #raise RuntimeError('No channel requested.') class dummy_request(object): def __init__(self): self._sock = None @classmethod def streamserver_handle(cls, socket, address): '''Translate this class for use in a StreamServer''' request = cls.dummy_request() request._sock = socket server = None cls(request, address, server) def finish(self): '''Called when the socket closes from the client.''' self.transport.close() def check_channel_request(self, kind, chanid): if kind == 'session': return OPEN_SUCCEEDED return OPEN_FAILED_ADMINISTRATIVELY_PROHIBITED def set_username(self, username): self.username = username log.info('User logged in: %s' % username) ###### Handle User Authentication ###### # Override these with functions to use for callbacks authCallback = None authCallbackKey = None authCallbackUsername = None def get_allowed_auths(self, username): methods = [] if self.authCallbackUsername is not None: methods.append('none') if self.authCallback is not None: methods.append('password') if self.authCallbackKey is not None: methods.append('publickey') if methods == []: # If no methods were defined, use none methods.append('none') log.debug('Configured authentication methods: %r', methods) return ','.join(methods) def check_auth_password(self, username, password): #print 'check_auth_password(%s, %s)' % (username, password) try: self.authCallback(username, password) except: return AUTH_FAILED else: self.set_username(username) return AUTH_SUCCESSFUL def check_auth_publickey(self, username, key): #print 'Auth attempt with key: ' + hexlify(key.get_fingerprint()) try: self.authCallbackKey(username, key) except: return AUTH_FAILED else: self.set_username(username) return AUTH_SUCCESSFUL #if (username == 'xx') and (key == self.good_pub_key): # return AUTH_SUCCESSFUL def check_auth_none(self, username): if self.authCallbackUsername is None: self.set_username(username) return AUTH_SUCCESSFUL try: self.authCallbackUsername(username) except: return AUTH_FAILED else: self.set_username(username) return AUTH_SUCCESSFUL def check_channel_shell_request(self, channel): '''Request to start a shell on the given channel''' try: self.channels[channel].start() except KeyError: log.error( 'Requested to start a channel (%r) that was not previously set up.', channel) return False else: return True def check_channel_pty_request(self, channel, term, width, height, pixelwidth, pixelheight, modes): '''Request to allocate a PTY terminal.''' #self.sshterm = term #print "term: %r, modes: %r" % (term, modes) log.debug('PTY requested. Setting up %r.', self.telnet_handler) pty_thread = Thread(target=self.start_pty_request, args=(channel, term, modes)) self.channels[channel] = pty_thread return True def start_pty_request(self, channel, term, modes): '''Start a PTY - intended to run it a (green)thread.''' request = self.dummy_request() request._sock = channel request.modes = modes request.term = term request.username = self.username # modes = http://www.ietf.org/rfc/rfc4254.txt page 18 # for i in xrange(50): # print "%r: %r" % (int(m[i*5].encode('hex'), 16), int(''.join(m[i*5+1:i*5+5]).encode('hex'), 16)) # This should block until the user quits the pty self.pty_handler(request, self.client_address, self.tcp_server) # Shutdown the entire session self.transport.close()
class SSHHandler(ServerInterface, BaseRequestHandler): telnet_handler = None pty_handler = None host_key = None username = None def __init__(self, request, client_address, server): self.request = request self.client_address = client_address self.tcp_server = server # Keep track of channel information from the transport self.channels = {} self.client = request._sock # Transport turns the socket into an SSH transport self.transport = Transport(self.client) # Create the PTY handler class by mixing in TelnetHandlerClass = self.telnet_handler class MixedPtyHandler(TelnetToPtyHandler, TelnetHandlerClass): # BaseRequestHandler does not inherit from object, must call the __init__ directly def __init__(self, *args): TelnetHandlerClass.__init__(self, *args) self.pty_handler = MixedPtyHandler # Call the base class to run the handler BaseRequestHandler.__init__(self, request, client_address, server) def setup(self): '''Setup the connection.''' log.debug( 'New request from address %s, port %d', self.client_address ) try: self.transport.load_server_moduli() except: log.exception( '(Failed to load moduli -- gex will be unsupported.)' ) raise try: self.transport.add_server_key(self.host_key) except: if self.host_key is None: log.critical('Host key not set! SSHHandler MUST define the host_key parameter.') raise NotImplementedError('Host key not set! SSHHandler instance must define the host_key parameter. Try host_key = paramiko_ssh.getRsaKeyFile("server_rsa.key").') try: # Tell transport to use this object as a server log.debug( 'Starting SSH server-side negotiation' ) self.transport.start_server(server=self) except SSHException, e: log.warn('SSH negotiation failed. %s', e) raise # Accept any requested channels while True: channel = self.transport.accept(20) if channel is None: # check to see if any thread is running any_running = False for c, thread in self.channels.items(): if thread.is_alive(): any_running = True break if not any_running: break else: log.info( 'Accepted channel %s', channel )