def valid_ssh(hostname, port, username, password=None, pkey=None, with_expect=True):
try:
private_key = AppSetting.get('private_key')
public_key = AppSetting.get('public_key')
except KeyError:
private_key, public_key = SSH.generate_key()
AppSetting.set('private_key', private_key, 'ssh private key')
AppSetting.set('public_key', public_key, 'ssh public key')
try:
if password:
_cli = SSH(hostname, port, username, password=str(password))
_cli.add_public_key(public_key)
if pkey:
private_key = pkey
cli = SSH(hostname, port, username, private_key)
cli.ping()
except BadAuthenticationType:
if with_expect:
data = '该主机不支持密钥认证,错误代码:E01'
else:
data = '该主机不支持密钥认证,错误代码:E02'
return False, 500, data
except AuthenticationException:
if password and with_expect:
data = '密钥认证失败,错误代码:E03'
else:
data = "密钥认证失败,错误代码:E04"
return False, 500, data
return True, 200, {'msg': "认证成功"}
def valid_ssh(hostname,
port,
username,
password=None,
pkey=None,
with_expect=True):
try:
private_key = AppSetting.get('private_key')
public_key = AppSetting.get('public_key')
except KeyError:
private_key, public_key = SSH.generate_key()
AppSetting.set('private_key', private_key, 'ssh private key')
AppSetting.set('public_key', public_key, 'ssh public key')
if password:
_cli = SSH(hostname, port, username, password=str(password))
_cli.add_public_key(public_key)
if pkey:
private_key = pkey
try:
cli = SSH(hostname, port, username, private_key)
cli.ping()
except BadAuthenticationType:
if with_expect:
raise TypeError('该主机不支持密钥认证,请参考官方文档,错误代码:E01')
return False
except AuthenticationException:
if password and with_expect:
raise ValueError('密钥认证失败,请参考官方文档,错误代码:E02')
return False
return True
def valid_ssh(hostname, port, username, password, with_expect=True):
try:
private_key = AppSetting.get('private_key') #定义私钥公钥
public_key = AppSetting.get('public_key')
except KeyError: #错误检查
private_key, public_key = SSH.generate_key()
AppSetting.set('private_key', private_key, 'ssh private key')
AppSetting.set('public_key', public_key, 'ssh public key')
cli = SSH(hostname, port, username, private_key)
if password:
_cli = SSH(hostname, port, username, password=str(password))
code, out = _cli.exec_command('mkdir -p -m 700 ~/.ssh && \
echo %r >> ~/.ssh/authorized_keys && \
chmod 600 ~/.ssh/authorized_keys' % public_key)
if code != 0:
raise Exception(f'add public key error: {out!r}')
try:
cli.ping()
except BadAuthenticationType:
if with_expect:
raise TypeError('该主机不支持密钥认证,请参考官方文档,错误代码:E01')
return False
except AuthenticationException:
if password and with_expect:
raise ValueError('密钥认证失败,请参考官方文档,错误代码:E02')
return False
return True
def connect(self):
self.accept()
self.user = self.scope["user"]
print(self.scope)
query_string = self.scope.get("query_string")
print(query_string)
ssh_args = QueryDict(query_string=query_string, encoding='utf-8')
host = ssh_args.get('hostname')
host = Host.objects.get(hostname=host, deleted_by_id__isnull=True)
exec = ssh_args.get("exec").replace(',', "\n")
ssh_connect_dict = {
'host': host.hostname,
'user': host.username,
'port': int(host.port),
'exec': exec,
}
if host.pkey == '':
private_key = AppSetting.get('private_key')
ssh_connect_dict['ssh_key'] = private_key
else:
ssh_connect_dict['ssh_key'] = host.pkey
self.ssh = SSHExecutor(websocker=self, **ssh_connect_dict)
threading.Thread(target=self.ssh.run()).start()
def connect(self):
"""
打开 websocket 连接, 通过前端传入的参数尝试连接 ssh 主机
:return:
"""
self.accept()
query_string = self.scope.get('query_string')
ssh_args = QueryDict(query_string=query_string, encoding='utf-8')
width = int(ssh_args.get('width'))
height = int(ssh_args.get('height'))
id = ssh_args.get('id')
host = Host.objects.get(id=id)
self.ssh = SSH(websocker=self, message=self.message)
ssh_connect_dict = {
'host': host.hostname,
'user': host.username,
'port': host.port,
'timeout': 30,
'pty_width': width,
'pty_height': height,
}
if host.pkey == '':
private_key = AppSetting.get('private_key')
ssh_connect_dict['ssh_key'] = private_key
else:
ssh_connect_dict['ssh_key'] = host.pkey
self.ssh.connect(**ssh_connect_dict)
def fetch_versions(deploy: Deploy):
git_repo = deploy.extend_obj.git_repo
repo_dir = os.path.join(settings.REPOS_DIR, str(deploy.id))
try:
pkey = AppSetting.get('private_key')
except KeyError:
pkey = None
with Git(git_repo, repo_dir, pkey) as git:
return git.fetch_branches_tags()
def dispatch(tp, addr, extra):
if tp == '1':
return site_check(addr)
elif tp == '2':
return port_check(addr, extra)
elif tp == '3':
command = f'ps -ef|grep -v grep|grep {extra!r}'
elif tp == '4':
command = extra
else:
raise TypeError(f'invalid monitor type: {tp!r}')
pkey = AppSetting.get('private_key')
host = Host.objects.filter(pk=addr).first()
return host_executor(host, pkey, command)
def valid_ssh(hostname, port, username, password):
try:
private_key = AppSetting.get('private_key')
public_key = AppSetting.get('public_key')
except KeyError:
private_key, public_key = SSH.generate_key()
AppSetting.set('private_key', private_key, 'ssh private key')
AppSetting.set('public_key', public_key, 'ssh public key')
if password:
cli = SSH(hostname, port, username, password=str(password))
code, out = cli.exec_command('mkdir -p -m 700 ~/.ssh && \
echo %r >> ~/.ssh/authorized_keys && \
chmod 600 ~/.ssh/authorized_keys' % public_key)
if code != 0:
raise Exception(f'add public key error: {out!r}')
else:
cli = SSH(hostname, port, username, private_key)
try:
cli.ping()
except AuthenticationException:
return False
return True
def _init(self):
self.send(bytes_data=b'Connecting ...\r\n')
host = Host.objects.filter(pk=self.id).first()
if not host:
self.send(text_data='Unknown host\r\n')
self.close()
try:
self.ssh = host.get_ssh(AppSetting.get('private_key')).get_client()
except Exception as e:
self.send(bytes_data=f'Exception: {e}\r\n'.encode())
self.close()
self.chan = self.ssh.invoke_shell(term='xterm')
self.chan.transport.set_keepalive(30)
Thread(target=self.loop_read).start()
def dispatch(command, targets):
close_old_connections()
threads, pkey, q = [], AppSetting.get('private_key'), Queue()
for t in targets:
if t == 'local':
threads.append(Thread(target=local_executor, args=(q, command)))
elif isinstance(t, int):
host = Host.objects.filter(pk=t).first()
if not host:
raise ValueError(f'unknown host id: {t!r}')
threads.append(Thread(target=host_executor, args=(q, host, pkey, command)))
else:
raise ValueError(f'invalid target: {t!r}')
for t in threads:
t.start()
return [q.get() for _ in threads]
def exec(self, job):
pkey = AppSetting.get('private_key')
job = Job(pkey=pkey, **job)
threading.Thread(target=job.run).start()
def private_key(self):
return self.pkey or AppSetting.get('private_key')
def get_ssh(self, pkey=None):
pkey = pkey or AppSetting.get('private_key')
return SSH(self.hostname, self.port, self.username, pkey)
def exec(self, job):
logger.info("启动命令执行器")
pkey = AppSetting.get('private_key')
job = Job(pkey=pkey, **job)
threading.Thread(target=job.run).start()