コード例 #1
0
ファイル: host.py プロジェクト: lschulz/scion-ixp-testbed 
    def _establish_ssh_session(self):
        # Connect to remote host.
        try:
            sock = socket.create_connection(
                (str(self._ssh_host), self._ssh_port))
        except Exception:
            log.error("Cannot connect to host '%s' (%s, %d).", self.name,
                      self._ssh_host, self._ssh_port)
            raise

        # SSH handshake.
        ssh_session = Session()
        ssh_session.handshake(sock)

        # Verify host key. Accept keys from previously unknown hosts on first connection.
        hosts = ssh_session.knownhost_init()
        testbed_root = os.path.dirname(os.path.abspath(inspect.stack()[-1][1]))
        known_hosts_path = os.path.join(testbed_root, KNOWN_HOSTS_FILE)
        try:
            hosts.readfile(known_hosts_path)
        except ssh2.exceptions.KnownHostReadFileError:
            pass  # ignore, file is created/overwritten later

        host_key, key_type = ssh_session.hostkey()
        server_type = None
        if key_type == LIBSSH2_HOSTKEY_TYPE_RSA:
            server_type = LIBSSH2_KNOWNHOST_KEY_SSHRSA
        else:
            server_type = LIBSSH2_KNOWNHOST_KEY_SSHDSS
        type_mask = LIBSSH2_KNOWNHOST_TYPE_PLAIN | LIBSSH2_KNOWNHOST_KEYENC_RAW | server_type

        try:
            hosts.checkp(
                str(self._ssh_host).encode('utf-8'), self._ssh_port, host_key,
                type_mask)
        except ssh2.exceptions.KnownHostCheckNotFoundError:
            log.warn("Host key of '%s' (%s, %d) added to known hosts.",
                     self.name, self._ssh_host, self._ssh_port)
            hosts.addc(
                str(self._ssh_host).encode('utf-8'), host_key, type_mask)
            hosts.writefile(known_hosts_path)
        except ssh2.exceptions.KnownHostCheckMisMatchError:
            log.error("Host key of '%s' (%s, %d) does not match known key.",
                      self.name, self._ssh_host, self._ssh_port)
            raise

        # Authenticate at remote host.
        try:
            if self._identity_file is None:
                ssh_session.agent_auth(self._username)
            else:
                ssh_session.userauth_publickey_fromfile(
                    self._username, self._identity_file)
        except Exception:
            log.error("Authentication at host '%s' (%s, %d) failed.",
                      self.name, self._ssh_host, self._ssh_port)
            ssh_session.disconnect()
            raise

        return ssh_session
コード例 #2
0
# Make socket, connect
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
sock.connect((host, 22))

# Initialise
session = Session()
session.handshake(sock)

host_key, key_type = session.hostkey()

server_key_type = LIBSSH2_KNOWNHOST_KEY_SSHRSA \
                  if key_type == LIBSSH2_HOSTKEY_TYPE_RSA \
                     else LIBSSH2_KNOWNHOST_KEY_SSHDSS

kh = session.knownhost_init()
_read_hosts = kh.readfile(known_hosts)
print("Read %s hosts from known hosts file at %s" % (_read_hosts, known_hosts))

# Verification
type_mask = LIBSSH2_KNOWNHOST_TYPE_PLAIN | \
            LIBSSH2_KNOWNHOST_KEYENC_RAW | \
            server_key_type
kh.checkp(host, 22, host_key, type_mask)
print("Host verification passed.")

# Verification passed, continue with authentication
session.agent_auth(user)

channel = session.open_session()
channel.execute('echo me')