def getPrivateKey(self, user, environment):
try:
pk = PrivateKey.objects.get(user=user, environment=environment)
try:
if pk.type == 'DSA':
key = paramiko.DSSKey.from_private_key(pk)
else:
key = paramiko.RSAKey.from_private_key(pk)
except Exception as e:
Loger.writeError("%s [%s]" % (user, e.message))
return False
return key
except exceptions.ObjectDoesNotExist as e:
return False
def getPrivateKey(self, user, environment):
try:
pk = PrivateKey.objects.get(user=user, environment=environment)
try:
if pk.type == 'DSA':
key = paramiko.DSSKey.from_private_key(pk)
else:
key = paramiko.RSAKey.from_private_key(pk)
except Exception as e:
Loger.writeError("%s [%s]" % (user, e.message))
return False
return key
except exceptions.ObjectDoesNotExist as e:
return False
def writeSessionLog(self, host, userIdentity, loginDate, logoutDate, sessionDuration, usage, keyCount, logFile):
try:
blackholeServer = socket.gethostname()
sessionLog = SessionLog(user=self.data.user,
host=host,
userIdentity=userIdentity,
sourceIP=self.data.sourceIP,
loginDate=loginDate,
logoutDate=logoutDate,
sessionID=self.data.sessionID,
sessionDuration=sessionDuration,
usage = usage,
keyCount = keyCount,
blackholeServer = blackholeServer,
logFile = logFile)
sessionLog.save()
except Exception as e:
Loger.writeError("!!%s [%s]" % (self.data.user.userName,e))
def __init__(self, data):
self.token = os.urandom(4).encode('hex')
self._palette = [
('message', 'black', 'dark cyan'),
('alert', 'dark red', 'black'),
('bg', 'black', 'black'),
]
self.message = urwid.Text(_(u"Enter the Token for the sessionID: %s") %
data.sessionID,
align='center')
self.response = urwid.Edit(u"", align='center')
self.alert = urwid.Text(u"", align='center')
try:
EmailSender(data.user, self.token, data.sessionID)
except Exception as e:
Loger.writeError("Error sending eMail Token SMS to %s [%s" %
(data.user.email, e))
self.alert.set_text(u"%s" % e)
def writeSessionLog(self, host, userIdentity, loginDate, logoutDate,
sessionDuration, usage, keyCount, logFile):
try:
blackholeServer = socket.gethostname()
sessionLog = SessionLog(user=self.data.user,
host=host,
userIdentity=userIdentity,
sourceIP=self.data.sourceIP,
loginDate=loginDate,
logoutDate=logoutDate,
sessionID=self.data.sessionID,
sessionDuration=sessionDuration,
usage=usage,
keyCount=keyCount,
blackholeServer=blackholeServer,
logFile=logFile)
sessionLog.save()
except Exception as e:
Loger.writeError("!!%s [%s]" % (self.data.user.userName, e))
def __init__(self, data):
'''
Constructor
'''
self.token = os.urandom(4).encode('hex')
self._palette = [('message','black','dark cyan'),
('alert','dark red','black'),
('bg', 'black', 'black'),]
self.message = urwid.Text(_(u"Enter the Token for the sessionID: %s") % data.sessionID, align='center')
self.response = urwid.Edit(u"",align='center')
self.alert = urwid.Text(u"",align='center')
try:
if self.sendEmail: email = EmailSender(data.user,self.token,data.sessionID)
except Exception as e:
Loger.writeError("Error sending eMail Token SMS to %s [%s" % (data.user.email,e))
self.alert.set_text(u"%s" % e)
try:
if self.sendEmail: SMSSender(data.user,self.token,data.sessionID)
except Exception as e:
Loger.writeError("Error sending SMS Token SMS to %s [%s]" % (data.user.getFullName(),e))
self.alert.set_text(u"%s" % e)
def __init__(self, blackHole, widget, size):
"""
* blackHole: blackHole object
* widget: HostTree object
* size: size of the terminal
"""
self.blackHole = blackHole
self.hostConnection = widget.hostConnectionObject
self.widget = widget
self.size = size
self.userConnection = self.hostConnection.getConnectionUser(self.blackHole.data.user)
self.enterCount = 0
self.keyCount = 0
self.sessionStartDate = datetime.now()
self.sessionStopDate = None
self.closed = False
self.logFile = None
try:
paramiko_log_file = "/tmp/blackhole_%s.debug.log" % self.blackHole.data.user.userName
if not os.path.exists(paramiko_log_file):
open(paramiko_log_file, 'w').close()
paramiko.util.log_to_file(paramiko_log_file)
try:
#Create the Socket
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
sock.settimeout(3)
sock.connect((self.hostConnection.host.ip, self.hostConnection.host.port))
except Exception as e:
exceptionMsg = "*** Connect failed: [%s] to %s" % (str(e), self.hostConnection.host.name)
Loger.writeError(exceptionMsg)
raise Exception(exceptionMsg)
try:
# Create the Transport
t = paramiko.Transport(sock)
try:
#Connect to the ssh server
t.start_client()
try:
t.auth_publickey(self.userConnection, self.widget.pk)
Loger.write("[login] user=%s to=%s as=%s sessionID=%s" % (self.blackHole.data.user.userName, self.hostConnection.host.name, self.userConnection, self.blackHole.data.sessionID))
except paramiko.SSHException as e:
t.close()
sock.close()
Loger.writeError("%s [%s] %s " % (self.blackHole.data.user.userName, self.hostConnection.host.name, e.message))
raise Exception(e)
chan = t.open_session()
cols, rows = size
chan.get_pty('xterm', cols, rows)
chan.invoke_shell()
self.interactiveShell(chan)
chan.close()
t.close()
sock.close()
self.closeLog()
except paramiko.SSHException as e:
exceptionMsg = '*** SSH negotiation failed to %s.' % self.hostConnection.host.name
Loger.writeError(exceptionMsg)
t.close()
sock.close()
raise Exception(exceptionMsg)
except Exception as e:
raise(e)
except Exception as e:
raise Exception(e)
except Exception as e:
raise Exception(e)
def interactiveShell(self, chan):
signal.signal(signal.SIGHUP, self.closeLog)
oldtty = termios.tcgetattr(sys.stdin)
log = self.blackHole.data.user.logEnable
if log:
try:
if os.path.isdir(os.path.join(self.blackHole.settings.log_path, self.blackHole.data.user.profile.name)):
logFile = "%s/%s/%s-%s-%s-%i_%s.log" % (self.blackHole.settings.log_path,
self.blackHole.data.user.profile.name,
self.blackHole.data.user.userName,
self.userConnection,
self.hostConnection.host.name,
self.blackHole.data.sessionID,
self.sessionStartDate.strftime("%Y%m%d_%H%M%S"))
else:
Loger.writeError("[ERROR] Log Path don't Exists: %s" % os.path.join(self.blackHole.settings.log_path, self.blackHole.data.user.profile.name))
logFile = "%s/%s-%s-%s-%i_%s.log" % (self.blackHole.settings.log_path,
self.blackHole.data.user.userName,
self.userConnection,
self.hostConnection.host.name,
self.blackHole.data.sessionID,
self.sessionStartDate.strftime("%Y%m%d_%H%M%S"))
self.logFile = logFile
file = open(logFile, 'w')
os.chmod(file.name, stat.S_IRUSR | stat.S_IRGRP | stat.S_IWRITE | stat.S_IWGRP | stat.S_IROTH)
except Exception as e:
raise Exception("Creating log File [%s]" % e)
try:
tty.setraw(sys.stdin.fileno())
tty.setcbreak(sys.stdin.fileno())
chan.settimeout(0.0)
if log:
file.write("-------------- TIME STAMP: %s --------------\n" % self.sessionStartDate.strftime("%Y-%m-%d %H:%M"))
while True:
r, w, e = select.select([chan, sys.stdin], [], [])
if chan in r:
try:
x = chan.recv(1024)
if len(x) == 0:
break
if log:
try:
file.write(str(x).decode().replace('\r', ''))
file.flush()
os.fsync(file.fileno())
except:
file.write(str(x))
file.flush()
os.fsync(file.fileno())
sys.stdout.write(x)
sys.stdout.flush()
except socket.timeout:
break
#raise Exception(e)
if sys.stdin in r:
x = os.read(sys.stdin.fileno(), 1)
if len(x) == 0:
break
chan.send(x)
if log:
if chr(13) in x:
file.write("\n[TIME STAMP: %s ]\n" % datetime.now().strftime("%Y-%m-%d %H:%M"))
file.flush()
os.fsync(file.fileno())
self.enterCount += 1
else:
self.keyCount += 1
except:
pass
finally:
termios.tcsetattr(sys.stdin, termios.TCSADRAIN, oldtty)
if log:
file.close()
def __init__(self, user):
messageString = _("The user %(username)s is only enabled from %(from)s to %(to)s")
self.message = messageString % {'username':user.getFullName(),
'from':user.timeFrom,
'to':user.timeTo}
Loger.writeError(self.message)
def __init__(self, user):
messageString = _("The user %(username)s is only enabled from %(from)s to %(to)s")
self.message = messageString % {'username': user.getFullName(),
'from': user.timeFrom,
'to': user.timeTo}
Loger.writeError(self.message)
def __init__(self, user):
self.message = _("The user %s is not enabled.") % user.getFullName()
Loger.writeError(self.message)
def __init__(self, _message):
self.message = _("Error Loading Settings: %s") % _message
Loger.writeError(self.message)
def __init__(self, fileName):
self.fileName = fileName
self.message = _("File %s is Missing") % self.fileName
Loger.writeError(self.message)
def __init__(self, widget, size):
"""
* blackHole: blackHole object
* widget: HostTree object
* size: size of the terminal
"""
self.blackHole = blackHole.BlackHole.instance
self.hostConnection = widget.hostConnectionObject
self.widget = widget
self.size = size
self.userConnection = self.hostConnection.getConnectionUser(
self.blackHole.data.user)
self.sessionStartDate = datetime.now()
self.sessionStopDate = None
self.closed = False
self.logFile = None
try:
paramiko.util.logging.getLogger().setLevel(30)
try:
#Create the Socket
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
sock.settimeout(3)
sock.connect((self.hostConnection.host.ip,
self.hostConnection.host.port))
except Exception as e:
exceptionMsg = "*** Connect failed: [%s] to %s" % (
str(e), self.hostConnection.host.name)
Loger.writeError(exceptionMsg)
raise Exception(exceptionMsg)
try:
# Create the Transport
t = paramiko.Transport(sock)
try:
#Connect to the ssh server
t.start_client()
try:
t.auth_publickey(self.userConnection, self.widget.pk)
Loger.write(
"[login] user=%s to=%s as=%s sessionID=%s" %
(self.blackHole.data.user.userName,
self.hostConnection.host.name,
self.userConnection,
self.blackHole.data.sessionID))
except paramiko.SSHException as e:
t.close()
sock.close()
Loger.writeError(
"%s [%s] %s " %
(self.blackHole.data.user.userName,
self.hostConnection.host.name, e.message))
raise Exception(e)
chan = t.open_session()
cols, rows = size
chan.get_pty('xterm', cols, rows)
chan.invoke_shell()
self.interactiveShell(chan)
chan.close()
t.close()
sock.close()
self.closeLog()
except paramiko.SSHException as e:
exceptionMsg = '*** SSH negotiation failed to %s.' % self.hostConnection.host.name
Loger.writeError(exceptionMsg)
t.close()
sock.close()
raise Exception(exceptionMsg)
except Exception as e:
raise e
except Exception as e:
raise Exception(e)
except Exception as e:
raise Exception(e)
def interactiveShell(self, chan):
signal.signal(signal.SIGHUP, self.closeLog)
oldtty = termios.tcgetattr(sys.stdin)
log = self.blackHole.data.user.logEnable
if log:
try:
if os.path.isdir(
os.path.join(self.blackHole.settings.log_path,
self.blackHole.data.user.profile.name)):
logFile = "%s/%s/%s-%s-%s-%i_%s.log" % (
self.blackHole.settings.log_path,
self.blackHole.data.user.profile.name,
self.blackHole.data.user.userName, self.userConnection,
self.hostConnection.host.name,
self.blackHole.data.sessionID,
self.sessionStartDate.strftime("%Y%m%d_%H%M%S"))
else:
Loger.writeError(
"[ERROR] Log Path don't Exists: %s" %
os.path.join(self.blackHole.settings.log_path,
self.blackHole.data.user.profile.name))
logFile = "%s/%s-%s-%s-%i_%s.log" % (
self.blackHole.settings.log_path,
self.blackHole.data.user.userName, self.userConnection,
self.hostConnection.host.name,
self.blackHole.data.sessionID,
self.sessionStartDate.strftime("%Y%m%d_%H%M%S"))
self.logFile = logFile
file = open(logFile, 'w')
os.chmod(
file.name, stat.S_IRUSR | stat.S_IRGRP | stat.S_IWRITE
| stat.S_IWGRP | stat.S_IROTH)
except Exception as e:
raise Exception("Creating log File [%s]" % e)
try:
tty.setraw(sys.stdin.fileno())
tty.setcbreak(sys.stdin.fileno())
chan.settimeout(0.0)
if log:
file.write("-------------- TIME STAMP: %s --------------\n" %
self.sessionStartDate.strftime("%Y-%m-%d %H:%M"))
while True:
r, w, e = select.select([chan, sys.stdin], [], [])
if chan in r:
try:
x = chan.recv(1024)
if len(x) == 0:
break
if log:
try:
file.write(str(x).decode().replace('\r', ''))
file.flush()
os.fsync(file.fileno())
except:
file.write(str(x))
file.flush()
os.fsync(file.fileno())
sys.stdout.write(x)
sys.stdout.flush()
except socket.timeout:
break
#raise Exception(e)
if sys.stdin in r:
x = os.read(sys.stdin.fileno(), 1)
if len(x) == 0:
break
chan.send(x)
except:
pass
finally:
termios.tcsetattr(sys.stdin, termios.TCSADRAIN, oldtty)
if log:
file.close()
def __init__(self, fileName):
self.fileName = fileName
self.message = _("File %s is Missing") % self.fileName
Loger.writeError(self.message)
def __init__(self, _message):
self.message = _("Error Loading Settings: %s") % _message
Loger.writeError(self.message)
def __init__(self, userName):
self.message = _("Unknown User [%s]") % userName
Loger.writeError(self.message)
def __init__(self, userName):
self.message = _("Unknown User [%s]") % userName
Loger.writeError(self.message)
def __init__(self, _message=""):
self.message = _("DataBase Error: %s ") % _message
Loger.writeError(self.message)
def __init__(self, user):
self.message = _("The user %s is not enabled.") % user.getFullName()
Loger.writeError(self.message)
def __init__(self):
self.message = _("Missing BlackHole Instance")
Loger.writeError(self.message)
def __init__(self, _message=""):
self.message = _("DataBase Error: %s ") % _message
Loger.writeError(self.message)
