def test_active_close_session(docker_env): gateway_ip, gateway_port = docker_env.get_host_ip_port('gateway') gateway_session = SSHSession(host=gateway_ip, port=gateway_port, username='******', password='******').open() assert gateway_session.is_active() # open an already active session should be harmless gateway_session.open() assert gateway_session.is_active() remotehost_ip, remotehost_port = docker_env.get_host_ip_port('remotehost') remotehost_session = gateway_session.get_remote_session( host=tests_util.get_host_ip(), port=remotehost_port, username='******', password='******') assert remotehost_session.is_active() # check that gateway session is well closed gateway_session.close() assert not gateway_session.is_active() # remote session is also automatically closed assert not remotehost_session.is_active() # closing a closed session does nothing gateway_session.close() # running command on an inactive session will automatically open the session assert gateway_session.run_cmd('ls').exit_code == 0
def test_get_remote_session(docker_env): gateway_ip, gateway_port = docker_env.get_host_ip_port() gateway_session = SSHSession(host=gateway_ip, port=gateway_port, username='******', password='******').open() remotehost_session = gateway_session.get_remote_session( host='remotehost', port=22, username='******', password='******') # run basic command on remote host assert remotehost_session.get_cmd_output('hostname') == 'remotehost' # request twice the same remote session just return the existing one assert gateway_session.get_remote_session( host='remotehost', port=22, username='******', password='******') == remotehost_session # request another remote session to another host while an existing one already exists remotehost2_session = remotehost_session.get_remote_session( host='remotehost2', port=22, username='******', password='******') # check that new session is active assert remotehost2_session.is_active() assert remotehost2_session.get_cmd_output('hostname') == 'remotehost2' # check that previous session from gateway is still active assert remotehost_session.is_active() assert remotehost_session.get_cmd_output('hostname') == 'remotehost' # close a remote session and check we can still request ssh session with same parameters remotehost2_session.close() assert not remotehost2_session.is_active() remotehost2_session = remotehost_session.get_remote_session( host='remotehost2', port=22, username='******', password='******') assert remotehost2_session.is_active() # close gateway session and check all children sessions are automatically closed gateway_session.close() assert not remotehost_session.is_active() assert not remotehost2_session.is_active() # get remote session from closed session should automatically open gateway session first # then return remote session remotehost_session = gateway_session.get_remote_session( host='remotehost', port=22, username='******', password='******') assert gateway_session.is_active() assert remotehost_session.is_active()
def check_pfx(path_pfx_file, password, bastion, remote_host): p12 = crypto.load_pkcs12(open(path_pfx_file, 'rb').read(), password) private_key = crypto.dump_privatekey(crypto.FILETYPE_PEM, p12.get_privatekey()) public_certificate = crypto.dump_certificate(crypto.FILETYPE_PEM, p12.get_certificate()) # try: # ca_certificate = crypto.dump_certificate(crypto.FILETYPE_PEM, p12.get_ca_certificates()) gateway_session = SSHSession(host=bastion, port=7022, password=None, missing_host_key_policy=None, username='******') remote_session = gateway_session.get_remote_session(remote_host, password=None, username='******', port=7022) remote_session.put('./remote_backup.sh', '/root/remote_backup.sh', owner='root', permissions='0700') remote_session.run_cmd('/root/remote_backup.sh') remote_session.file(remote_path='/etc/apache/passl/pa.cert.key', content=private_key, owner='root', permissions='644') remote_session.file(remote_path='/etc/apache/passl/pa.cert.cert', content=public_certificate, owner='root', permissions='644') # remote_session.file(remote_path='/etc/apache/passl/pa.cert.intermediate', content=ca_certificate, owner='root', # permissions='644') print(remote_session.get_cmd_output('ls -alh')) print( remote_session.get_cmd_output( "ls -alh /etc/apache/passl/backup-$(date +'%F')")) print(remote_session.get_cmd_output('ls -alh /var/qmail/control/')) remote_session.close() gateway_session.close()
def create_list_active_devices(): lista_equipos_activos = [] try: with open("testbed.yaml","r") as file: yaml_to_dict = yaml.load(file) for nombre_equipo in yaml_to_dict["devices"]: #print(yaml_to_dict["devices"][nombre_equipo]) ip_device = yaml_to_dict["devices"][nombre_equipo]["connections"]["cli"]["ip"] password_device = yaml_to_dict["devices"][nombre_equipo]["credentials"]["default"]["password"] username_device = yaml_to_dict["devices"][nombre_equipo]["credentials"]["default"]["username"] try: #print("conectandose a "+ip_device) gateway_session = SSHSession(ip_device,username=username_device,password=password_device).open() gateway_session.close() lista_equipos_activos.append(nombre_equipo) except Exception as e: print(e) print(lista_equipos_activos) return(lista_equipos_activos) except Exception as e: print(e)
def respaldo_ssh(hostname, ip, cisco_os, username, password, enable_password): try: ruta = os.getcwd() with open( ruta + "/full backup manual/respaldo_" + hostname + "_" + datetime.now().strftime("%d%m%Y_%H%M"), "w") as file: if cisco_os == "nxos": ssh_session = SSHSession(ip, username, password=password).open() for comando in commands_nxos: resultado = ssh_session.run_cmd(comando) file.write(resultado.output) ssh_session.close() elif cisco_os == "iosxe": ssh_session = SSHSession(ip, username, password=password).open() for comando in commands_iosxe: resultado = ssh_session.run_cmd(comando) file.write(resultado.output) ssh_session.close() elif cisco_os == "junos": ssh_session = SSHSession(ip, username, password=password, timeout=10).open() for comando in commands_junos: resultado = ssh_session.run_cmd(comando) file.write(resultado.output) ssh_session.close() except Exception as e: print(e) return ("fallido") return ("realizado")
import subprocess import sys ip = '10.10.10.3' ping_reply = subprocess.call(['ping','-c','2',ip],stdout=subprocess.DEVNULL,stderr=subprocess.DEVNULL) if ping_reply == 0: print("\n{} is reachable :)".format(ip)) else: print("\n{} is not reachable :(".format(ip)) sys.exit() ###Running the python using intermediary server Windows-->ubuntu-->cisko_switch from jumpssh import SSHSession server_session = SSHSession("10.10.10.100",'chetu',password='******').open() switch_session = server_session.get_remote_session('10.10.103', 'admin', password='******') print(switch_session.get_cmd_output('show ip int brief')) server_session.close() #Instructions ###########Example for running local script on remote server #more filepath\file_name.py | ssh user@ip password ###########Example for running remote script via local machine #ssh user@ip "python3 /path/file_name.py"
if hosts_dict[ip] in master_lists[3:7]: # redis print("正在巡检: " + hosts_dict[ip], end=" ") master_cmd_lists = [cmdLists[0], cmdLists[10], cmdLists[11], cmdLists[12], cmdLists[7]] inspect_func.inspect_redis(master_cmd_lists, des_remote ,result_list_info) print(" Done.",time.strftime('%Y/%m/%d %H:%M:%S')) if not inspect_func.mate_key(hosts_dict[ip]): print("正在巡检: " + hosts_dict[ip], end=" ") datanode_cmd_lists = [cmdLists[0], cmdLists[10], cmdLists[11], cmdLists[12], cmdLists[7]] inspect_func.inspect_datanode(datanode_cmd_lists, des_remote ,result_list_info) print(" Done.",time.strftime('%Y/%m/%d %H:%M:%S')) except Exception as e: print(e," 主机返回数据异常请手动检查") result_list_info.append("主机返回数据异常请手动检查\n") continue des_remote.close() jump_server.close() print('正在写入日志文件inspect_log.log.......') for info in result_list_info: m = re.search(r'主机名', info) if m !=None: with open('inspect_log.log','a') as f: f.write('\n'+info) else: with open('inspect_log.log', 'a') as f: f.write(info) result_list_info.clear() print("巡检完成!!!",time.strftime('%Y/%m/%d %H:%M:%S')) #print(result_list_info)
# Installing the jumpssh module # pip install jumpssh # Installing openssh server on Ubuntu Linux # sudo apt - get install openssh - server - y # Installing OpenSSH Client on Windows 10 # https: // docs.microsoft.com / en - us / windows - server / administration / openssh / openssh_install_firstuse # Run remote script on the Arista switch via the Ubuntu remote server # Open cmd as Administrator before performing SSH from Windows! # ssh mihai @ 10.10.10.100 "python3 /home/mihai/ping_script.py" # Run local script on the Arista switch via the Ubuntu remote server # The dash ( - ) is optional and it means the program reads from stdin # Open cmd as Administrator before performing SSH from Windows! # more D:\ping_script.py | ssh mihai @ 10.10.10.100 python3 - # Executing CLI commands and getting the output via the Ubuntu remote server from jumpssh import SSHSession gateway_session = SSHSession('10.10.10.100', 'mihai', password='******').open() remote_session = gateway_session.get_remote_session('10.10.10.3', 'admin', password='******') print(remote_session.get_cmd_output('show ip int brief')) gateway_session.close()
def respaldo_ssh_manual(hostname, ip, cisco_os, username, password, enable_password): try: ruta = os.getcwd() with open( ruta + "/full backup manual/respaldo_" + hostname + "_" + datetime.now().strftime("%d%m%Y_%H%M"), "w") as file: if cisco_os == "nxos": nx_node = { 'device_type': 'cisco_nxos', 'ip': ip, 'username': username, 'password': password, 'secret': enable_password, 'port': 22, } ssh_session = SSHSession(ip, username, password=password).open() for comando in commands_nxos: resultado = ssh_session.run_cmd(comando) file.write(resultado.output) ssh_session.close() elif cisco_os == "iosxe": ssh_session = SSHSession(ip, username, password=password).open() for comando in commands_iosxe: resultado = ssh_session.run_cmd(comando) file.write(resultado.output) ssh_session.close() elif cisco_os == "junos": ssh_session = SSHSession(ip, username, password=password, timeout=10).open() for comando in commands_junos: resultado = ssh_session.run_cmd(comando) file.write(resultado.output) ssh_session.close() elif cisco_os == "ios": ios_node = { 'device_type': 'cisco_ios', 'ip': ip, 'username': username, 'password': password, 'secret': enable_password, 'port': 22, } net_connect_ios = ConnectHandler(**ios_node) net_connect_ios.enable() for comando in commands_ios: resultado = net_connect_ios.send_command( comando, strip_prompt=False, strip_command=False) file.write(resultado) elif cisco_os == "asa": asa_node = { 'device_type': 'cisco_asa', 'ip': ip, 'username': username, 'password': password, 'secret': enable_password, 'port': 22, } net_connect_asa = ConnectHandler(**asa_node) net_connect_asa.enable() for comando in commands_asa: resultado = net_connect_asa.send_command(comando) file.write(resultado) return ({"resultado": "equipo " + hostname + " OK"}) except Exception as e: return ("Error " + str(e)) return ("realizado")