Last active
September 30, 2016 23:06
Paramiko rekeying failure
#!/usr/bin/python | |
import argparse | |
import paramiko | |
import sys | |
import time | |
# Path on the remote host of the file that is read over and over to push
# traffic through the transport (via `cat` or an SFTP open, depending on --sftp).
DATAFILE = "/tmp/file.txt"
class AcceptPolicy(paramiko.client.MissingHostKeyPolicy):
    """Missing-host-key policy that lets every unknown server key through.

    The hook neither inspects nor records the key it is handed, so a client
    using this policy does not authenticate the server: a host presenting any
    key is treated as trusted. That is tolerable for a bug reproduction run
    against a throwaway test machine and nowhere else; real clients should
    load known hosts and keep a rejecting policy.
    """

    def missing_host_key(*args):
        # Called as a bound method, so ``args`` also carries ``self``; every
        # argument is ignored. Returning normally (rather than raising) is
        # what lets the connection attempt continue.
        return None
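# Reproduction driver for the rekeying failure: connect to a host, lower the
# packetizer's rekey byte threshold, then re-read DATAFILE forever over either
# an exec ("session") channel or an SFTP channel, reporting when a rekey is due.
#
# NOTE(review): the published listing lost its indentation; the loop nesting
# below is reconstructed from what the statements do -- confirm against the
# original script.


def _watch_for_rekey(stream, transport):
    """Drain *stream* line by line, announcing once when a rekey becomes due.

    The line contents are discarded; reading them is only a way to move bytes
    through the transport. "Need rekey" is printed at most once per stream.
    """
    announced = False
    for _ in stream:
        if not announced and transport.packetizer.need_rekey():
            print("Need rekey")
            announced = True


parser = argparse.ArgumentParser()
parser.add_argument("--sftp", action='store_true', help="Use SFTP channel (default is session)")
parser.add_argument("host", type=str, help="Hostname to connect to")
parser.add_argument("--username", "-u", type=str, help="Username to use")
parser.add_argument("--rekey", type=int, default=100, help="Rekey interval in kilobytes (default 100)")
args = parser.parse_args()

client = paramiko.SSHClient()
# SECURITY: no known_hosts data is loaded and AcceptPolicy accepts whatever key
# the server presents, so the server's identity is never verified and the
# session has no protection against interception on the network path. Use this
# only against a disposable test host; for anything else call
# client.load_system_host_keys() and keep paramiko's default rejecting policy.
client.set_missing_host_key_policy(AcceptPolicy())

try:
    client.connect(hostname=args.host, username=args.username)
    transport = client.get_transport()
    packetizer = transport.packetizer
    # --rekey is given in kilobytes; the packetizer threshold is in bytes.
    packetizer.REKEY_BYTES = 1024 * args.rekey

    # print(...) with a single argument behaves the same on Python 2 and 3.
    print("REKEY_BYTES: {}".format(packetizer.REKEY_BYTES))
    print("REKEY_PACKETS: {}".format(packetizer.REKEY_PACKETS))

    count = 0
    if not args.sftp:
        print("Using SSHClient, which should fail in rekeying")
        while True:
            # DATAFILE is a module constant, not user input, so formatting it
            # into the remote command line is safe here.
            stdin, stdout, stderr = client.exec_command('cat {}'.format(DATAFILE))
            _watch_for_rekey(stdout, transport)
            count += 1
            print("Read file {} times".format(count))
            time.sleep(2)
    else:
        print("Using SFTPClient, which should succeed in rekeying")
        sftp = paramiko.sftp_client.SFTPClient.from_transport(transport)
        while True:
            with sftp.file(DATAFILE) as stdout:
                _watch_for_rekey(stdout, transport)
            count += 1
            print("Read file {} times".format(count))
            time.sleep(2)
finally:
    # The loops never end on their own; make sure Ctrl-C or a transport error
    # still tears the SSH session down instead of leaving it to process exit.
    client.close()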