def test_active_close_session(docker_env):
gateway_ip, gateway_port = docker_env.get_host_ip_port('gateway')
gateway_session = SSHSession(host=gateway_ip,
port=gateway_port,
username='******',
password='******').open()
assert gateway_session.is_active()
# open an already active session should be harmless
gateway_session.open()
assert gateway_session.is_active()
remotehost_ip, remotehost_port = docker_env.get_host_ip_port('remotehost')
remotehost_session = gateway_session.get_remote_session(
host=tests_util.get_host_ip(),
port=remotehost_port,
username='******',
password='******')
assert remotehost_session.is_active()
# check that gateway session is well closed
gateway_session.close()
assert not gateway_session.is_active()
# remote session is also automatically closed
assert not remotehost_session.is_active()
# closing a closed session does nothing
gateway_session.close()
# running command on an inactive session will automatically open the session
assert gateway_session.run_cmd('ls').exit_code == 0
def test_get_remote_session(docker_env):
gateway_ip, gateway_port = docker_env.get_host_ip_port()
gateway_session = SSHSession(host=gateway_ip,
port=gateway_port,
username='******',
password='******').open()
remotehost_session = gateway_session.get_remote_session(
host='remotehost', port=22, username='******', password='******')
# run basic command on remote host
assert remotehost_session.get_cmd_output('hostname') == 'remotehost'
# request twice the same remote session just return the existing one
assert gateway_session.get_remote_session(
host='remotehost', port=22, username='******',
password='******') == remotehost_session
# request another remote session to another host while an existing one already exists
remotehost2_session = remotehost_session.get_remote_session(
host='remotehost2', port=22, username='******', password='******')
# check that new session is active
assert remotehost2_session.is_active()
assert remotehost2_session.get_cmd_output('hostname') == 'remotehost2'
# check that previous session from gateway is still active
assert remotehost_session.is_active()
assert remotehost_session.get_cmd_output('hostname') == 'remotehost'
# close a remote session and check we can still request ssh session with same parameters
remotehost2_session.close()
assert not remotehost2_session.is_active()
remotehost2_session = remotehost_session.get_remote_session(
host='remotehost2', port=22, username='******', password='******')
assert remotehost2_session.is_active()
# close gateway session and check all children sessions are automatically closed
gateway_session.close()
assert not remotehost_session.is_active()
assert not remotehost2_session.is_active()
# get remote session from closed session should automatically open gateway session first
# then return remote session
remotehost_session = gateway_session.get_remote_session(
host='remotehost', port=22, username='******', password='******')
assert gateway_session.is_active()
assert remotehost_session.is_active()
def check_pfx(path_pfx_file, password, bastion, remote_host):
p12 = crypto.load_pkcs12(open(path_pfx_file, 'rb').read(), password)
private_key = crypto.dump_privatekey(crypto.FILETYPE_PEM,
p12.get_privatekey())
public_certificate = crypto.dump_certificate(crypto.FILETYPE_PEM,
p12.get_certificate())
# try:
# ca_certificate = crypto.dump_certificate(crypto.FILETYPE_PEM, p12.get_ca_certificates())
gateway_session = SSHSession(host=bastion,
port=7022,
password=None,
missing_host_key_policy=None,
username='******')
remote_session = gateway_session.get_remote_session(remote_host,
password=None,
username='******',
port=7022)
remote_session.put('./remote_backup.sh',
'/root/remote_backup.sh',
owner='root',
permissions='0700')
remote_session.run_cmd('/root/remote_backup.sh')
remote_session.file(remote_path='/etc/apache/passl/pa.cert.key',
content=private_key,
owner='root',
permissions='644')
remote_session.file(remote_path='/etc/apache/passl/pa.cert.cert',
content=public_certificate,
owner='root',
permissions='644')
# remote_session.file(remote_path='/etc/apache/passl/pa.cert.intermediate', content=ca_certificate, owner='root',
# permissions='644')
print(remote_session.get_cmd_output('ls -alh'))
print(
remote_session.get_cmd_output(
"ls -alh /etc/apache/passl/backup-$(date +'%F')"))
print(remote_session.get_cmd_output('ls -alh /var/qmail/control/'))
remote_session.close()
gateway_session.close()
def create_list_active_devices():
lista_equipos_activos = []
try:
with open("testbed.yaml","r") as file:
yaml_to_dict = yaml.load(file)
for nombre_equipo in yaml_to_dict["devices"]:
#print(yaml_to_dict["devices"][nombre_equipo])
ip_device = yaml_to_dict["devices"][nombre_equipo]["connections"]["cli"]["ip"]
password_device = yaml_to_dict["devices"][nombre_equipo]["credentials"]["default"]["password"]
username_device = yaml_to_dict["devices"][nombre_equipo]["credentials"]["default"]["username"]
try:
#print("conectandose a "+ip_device)
gateway_session = SSHSession(ip_device,username=username_device,password=password_device).open()
gateway_session.close()
lista_equipos_activos.append(nombre_equipo)
except Exception as e:
print(e)
print(lista_equipos_activos)
return(lista_equipos_activos)
except Exception as e:
print(e)
def respaldo_ssh(hostname, ip, cisco_os, username, password, enable_password):
try:
ruta = os.getcwd()
with open(
ruta + "/full backup manual/respaldo_" + hostname + "_" +
datetime.now().strftime("%d%m%Y_%H%M"), "w") as file:
if cisco_os == "nxos":
ssh_session = SSHSession(ip, username,
password=password).open()
for comando in commands_nxos:
resultado = ssh_session.run_cmd(comando)
file.write(resultado.output)
ssh_session.close()
elif cisco_os == "iosxe":
ssh_session = SSHSession(ip, username,
password=password).open()
for comando in commands_iosxe:
resultado = ssh_session.run_cmd(comando)
file.write(resultado.output)
ssh_session.close()
elif cisco_os == "junos":
ssh_session = SSHSession(ip,
username,
password=password,
timeout=10).open()
for comando in commands_junos:
resultado = ssh_session.run_cmd(comando)
file.write(resultado.output)
ssh_session.close()
except Exception as e:
print(e)
return ("fallido")
return ("realizado")
import subprocess
import sys
ip = '10.10.10.3'
ping_reply = subprocess.call(['ping','-c','2',ip],stdout=subprocess.DEVNULL,stderr=subprocess.DEVNULL)
if ping_reply == 0:
print("\n{} is reachable :)".format(ip))
else:
print("\n{} is not reachable :(".format(ip))
sys.exit()
###Running the python using intermediary server Windows-->ubuntu-->cisko_switch
from jumpssh import SSHSession
server_session = SSHSession("10.10.10.100",'chetu',password='******').open()
switch_session = server_session.get_remote_session('10.10.103', 'admin', password='******')
print(switch_session.get_cmd_output('show ip int brief'))
server_session.close()
#Instructions
###########Example for running local script on remote server
#more filepath\file_name.py | ssh user@ip password
###########Example for running remote script via local machine
#ssh user@ip "python3 /path/file_name.py"
if hosts_dict[ip] in master_lists[3:7]: # redis
print("正在巡检: " + hosts_dict[ip], end=" ")
master_cmd_lists = [cmdLists[0], cmdLists[10], cmdLists[11], cmdLists[12], cmdLists[7]]
inspect_func.inspect_redis(master_cmd_lists, des_remote ,result_list_info)
print(" Done.",time.strftime('%Y/%m/%d %H:%M:%S'))
if not inspect_func.mate_key(hosts_dict[ip]):
print("正在巡检: " + hosts_dict[ip], end=" ")
datanode_cmd_lists = [cmdLists[0], cmdLists[10], cmdLists[11], cmdLists[12], cmdLists[7]]
inspect_func.inspect_datanode(datanode_cmd_lists, des_remote ,result_list_info)
print(" Done.",time.strftime('%Y/%m/%d %H:%M:%S'))
except Exception as e:
print(e," 主机返回数据异常请手动检查")
result_list_info.append("主机返回数据异常请手动检查\n")
continue
des_remote.close()
jump_server.close()
print('正在写入日志文件inspect_log.log.......')
for info in result_list_info:
m = re.search(r'主机名', info)
if m !=None:
with open('inspect_log.log','a') as f:
f.write('\n'+info)
else:
with open('inspect_log.log', 'a') as f:
f.write(info)
result_list_info.clear()
print("巡检完成!!!",time.strftime('%Y/%m/%d %H:%M:%S'))
#print(result_list_info)
# Installing the jumpssh module
# pip install jumpssh
# Installing openssh server on Ubuntu Linux
# sudo apt - get install openssh - server - y
# Installing OpenSSH Client on Windows 10
# https: // docs.microsoft.com / en - us / windows - server / administration / openssh / openssh_install_firstuse
# Run remote script on the Arista switch via the Ubuntu remote server
# Open cmd as Administrator before performing SSH from Windows!
# ssh mihai @ 10.10.10.100 "python3 /home/mihai/ping_script.py"
# Run local script on the Arista switch via the Ubuntu remote server
# The dash ( - ) is optional and it means the program reads from stdin
# Open cmd as Administrator before performing SSH from Windows!
# more D:\ping_script.py | ssh mihai @ 10.10.10.100 python3 -
# Executing CLI commands and getting the output via the Ubuntu remote server
from jumpssh import SSHSession
gateway_session = SSHSession('10.10.10.100', 'mihai', password='******').open()
remote_session = gateway_session.get_remote_session('10.10.10.3',
'admin',
password='******')
print(remote_session.get_cmd_output('show ip int brief'))
gateway_session.close()
def respaldo_ssh_manual(hostname, ip, cisco_os, username, password,
enable_password):
try:
ruta = os.getcwd()
with open(
ruta + "/full backup manual/respaldo_" + hostname + "_" +
datetime.now().strftime("%d%m%Y_%H%M"), "w") as file:
if cisco_os == "nxos":
nx_node = {
'device_type': 'cisco_nxos',
'ip': ip,
'username': username,
'password': password,
'secret': enable_password,
'port': 22,
}
ssh_session = SSHSession(ip, username,
password=password).open()
for comando in commands_nxos:
resultado = ssh_session.run_cmd(comando)
file.write(resultado.output)
ssh_session.close()
elif cisco_os == "iosxe":
ssh_session = SSHSession(ip, username,
password=password).open()
for comando in commands_iosxe:
resultado = ssh_session.run_cmd(comando)
file.write(resultado.output)
ssh_session.close()
elif cisco_os == "junos":
ssh_session = SSHSession(ip,
username,
password=password,
timeout=10).open()
for comando in commands_junos:
resultado = ssh_session.run_cmd(comando)
file.write(resultado.output)
ssh_session.close()
elif cisco_os == "ios":
ios_node = {
'device_type': 'cisco_ios',
'ip': ip,
'username': username,
'password': password,
'secret': enable_password,
'port': 22,
}
net_connect_ios = ConnectHandler(**ios_node)
net_connect_ios.enable()
for comando in commands_ios:
resultado = net_connect_ios.send_command(
comando, strip_prompt=False, strip_command=False)
file.write(resultado)
elif cisco_os == "asa":
asa_node = {
'device_type': 'cisco_asa',
'ip': ip,
'username': username,
'password': password,
'secret': enable_password,
'port': 22,
}
net_connect_asa = ConnectHandler(**asa_node)
net_connect_asa.enable()
for comando in commands_asa:
resultado = net_connect_asa.send_command(comando)
file.write(resultado)
return ({"resultado": "equipo " + hostname + " OK"})
except Exception as e:
return ("Error " + str(e))
return ("realizado")
