def main(self): (self.options, self.args) = self.parser.parse_args() # we dont need argv[0] in this list... self.args = self.args[1:] # Setup logging, this must happen early! setup_logging(self.options.log_file, self.options.log_level) log.debug("Running cli command: %s" % self.name) # Translate path to config file to something absolute and expanded: self.options.config = os.path.abspath(os.path.expanduser( self.options.config)) log.debug("Absolute config file: %s" % self.options.config) self._validate_options() if len(sys.argv) < 2: print(self.parser.error(_("Please enter at least 2 args"))) if RHO_PASSWORD in os.environ: log.info("Using passphrase from %s environment variable." % RHO_PASSWORD) self.passphrase = os.environ[RHO_PASSWORD] else: self.passphrase = getpass(_("Config Encryption Password:"******"ERROR: Name already exists: %s") % e.dupe_name sys.exit(1)
def main(self): (self.options, self.args) = self.parser.parse_args() # we dont need argv[0] in this list... self.args = self.args[1:] # Setup logging, this must happen early! setup_logging(self.options.log_file, self.options.log_level) log.debug("Running cli command: %s" % self.name) # Translate path to config file to something absolute and expanded: self.options.config = os.path.abspath( os.path.expanduser(self.options.config)) log.debug("Absolute config file: %s" % self.options.config) self._validate_options() if len(sys.argv) < 2: print(self.parser.error(_("Please enter at least 2 args"))) if RHO_PASSWORD in os.environ: log.info("Using passphrase from %s environment variable." % RHO_PASSWORD) self.passphrase = os.environ[RHO_PASSWORD] else: self.passphrase = getpass(_("Config Encryption Password:"******"ERROR: Name already exists: %s") % e.dupe_name sys.exit(1)
def get_password(for_username, env_var_to_check): password = "" if env_var_to_check in os.environ: log.info("Using password from %s environment variable." % env_var_to_check) password = os.environ[env_var_to_check] else: password = getpass(_("Password for '%s':" % for_username)) return password
def connect(self, ssh_job): # do the actual paramiko ssh connection # Copy the list of ports, we'll modify it as we go: ports_to_try = list(ssh_job.ports) found_port = None # we'll set this once we identify a port that works found_auth = False while True: if found_auth: break if found_port != None: log.warn("Found ssh on %s:%s, but no auths worked." % (ssh_job.ip, found_port)) break if len(ports_to_try) == 0: log.debug("Could not find/connect to ssh on: %s" % ssh_job.ip) err = _("unable to connect") ssh_job.error = err break port = ports_to_try.pop(0) for auth in ssh_job.auths: ssh_job.error = None debug_str = "%s:%s/%s" % (ssh_job.ip, port, auth.name) # this checks the case of a passphrase we can't decrypt try: pkey = get_pkey(auth) except paramiko.SSHException, e: # paramiko throws an SSHException for pretty much everything... ;-< log.error("ssh key error for %s: %s" % (debug_str, str(e))) ssh_job.error = str(e) continue self.ssh = paramiko.SSHClient() self.ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy()) try: log.info("trying: %s" % debug_str) self.show_connect(ssh_job, port, auth) self.ssh.connect(ssh_job.ip, port=int(port), username=auth.username, password=auth.password, pkey=pkey, allow_agent=ssh_job.allow_agent, look_for_keys=ssh_job.look_for_keys, timeout=ssh_job.timeout) ssh_job.port = port ssh_job.auth = auth found_port = port found_auth = True log.info("success: %s" % debug_str) break # Implies we've found an SSH server listening: except paramiko.AuthenticationException, e: # Because we stop checking ports once we find one where ssh # is listening, we can report the error message here and it # will end up in the final report correctly: err = _("login failed") log.error(err) ssh_job.error = err found_port = port continue # No route to host: except socket.error, e: log.warn("No route to host, skipping port: %s" % debug_str) ssh_job.error = str(e) break
def show_connect(self, ssh_job, port, auth): buf = _("%s:%s with auth %s") % (ssh_job.ip, port, auth.name) log.info(buf) self.prog_queue.put(buf)
def connect(self, ssh_job): # do the actual paramiko ssh connection # Copy the list of ports, we'll modify it as we go: ports_to_try = list(ssh_job.ports) found_port = None # we'll set this once we identify a port that works found_auth = False while True: if found_auth: break if found_port is not None: log.warn("Found ssh on %s:%s, but no auths worked." % (ssh_job.ip, found_port)) break if len(ports_to_try) == 0: log.debug("Could not find/connect to ssh on: %s" % ssh_job.ip) err = _("unable to connect") ssh_job.error = err break port = ports_to_try.pop(0) for auth in ssh_job.auths: ssh_job.error = None debug_str = "%s:%s/%s" % (ssh_job.ip, port, auth.name) # this checks the case of a passphrase we can't decrypt try: pkey = get_pkey(auth) except paramiko.SSHException as e: # paramiko throws an SSHException for pretty much everything... ;-< log.error("ssh key error for %s: %s" % (debug_str, str(e))) ssh_job.error = str(e) continue self.ssh = paramiko.SSHClient() self.ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy()) try: log.info("trying: %s" % debug_str) self.show_connect(ssh_job, port, auth) self.ssh.connect(ssh_job.ip, port=int(port), username=auth.username, password=auth.password, pkey=pkey, allow_agent=ssh_job.allow_agent, look_for_keys=ssh_job.look_for_keys, timeout=ssh_job.timeout) ssh_job.port = port ssh_job.auth = auth found_port = port found_auth = True log.info("success: %s" % debug_str) break # Implies we've found an SSH server listening: except paramiko.AuthenticationException as e: # Because we stop checking ports once we find one where ssh # is listening, we can report the error message here and it # will end up in the final report correctly: err = _("login failed") log.error(err) ssh_job.error = err found_port = port continue # No route to host: except socket.error as e: log.warn("No route to host, skipping port: %s" % debug_str) ssh_job.error = str(e) break # TODO: Hitting a live port that isn't ssh will result in # paramiko.SSHException, do we need to handle this explicitly? # Something else happened: except Exception as detail: log.warn("Connection error: %s - %s" % (debug_str, str(detail))) ssh_job.error = str(detail) continue