Created
April 27, 2018 02:45
-
-
Save tintoy/443c42ea3865680cd624039c4bb46219 to your computer and use it in GitHub Desktop.
SSH via jump-hosts using Paramiko
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| import os | |
| import paramiko | |
| ssh_key_filename = os.getenv('HOME') + '/.ssh/id_rsa' | |
| jumpbox_public_addr = '168.128.52.199' | |
| jumpbox_private_addr = '10.0.5.10' | |
| target_addr = '10.0.5.20' | |
| jumpbox=paramiko.SSHClient() | |
| jumpbox.set_missing_host_key_policy(paramiko.AutoAddPolicy()) | |
| jumpbox.connect(jumpbox_public_addr, username='root', key_filename=ssh_key_filename) | |
| jumpbox_transport = jumpbox.get_transport() | |
| src_addr = (jumpbox_private_addr, 22) | |
| dest_addr = (target_addr, 22) | |
| jumpbox_channel = jumpbox_transport.open_channel("direct-tcpip", dest_addr, src_addr) | |
| target=paramiko.SSHClient() | |
| target.set_missing_host_key_policy(paramiko.AutoAddPolicy()) | |
| target.connect(target_addr, username='root', key_filename=ssh_key_filename, sock=jumpbox_channel) | |
| stdin, stdout, stderr = target.exec_command("ifconfig") | |
| for line in stdout.read().split(b'\n'): | |
| print(str(line)) | |
| target.close() | |
| jumpbox.close() |
When I tried to run multiple commands, the ssh session close at the second command:
I only add this code:
command_list = ["show ver", "show run"]
for command in command_list:
stdin, stdout, stderr = target.exec_command(command)
for line in stdout.read().split(b'\n'):
print(str(line))
I got the error:
raise SSHException("SSH session not active")
paramiko.ssh_exception.SSHException: SSH session not active
Any ideas guys?
I am trying jumpssh library:
https://pypi.org/project/jumpssh/
Thank you for your response : )
Is it possible to do the jump host without authentication on the first host?
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I have the same problem with a Nokia OLT and ZTE LTE I do not know what happened this is my logging
DEBUG:invoke:Collection-driven: {}
DEBUG:invoke:System-wide config file has not been loaded yet, skipping
DEBUG:invoke:Per-user config file (C:\Users\Erik/.fabric.py): {}
DEBUG:invoke:Per-project config file has not been loaded yet, skipping
DEBUG:invoke:Environment variable config: {}
DEBUG:invoke:Runtime config file has not been loaded yet, skipping
DEBUG:invoke:Overrides: {}
DEBUG:invoke:Modifications: {'inline_ssh_env': True}
DEBUG:invoke:Deletions: {}
DEBUG:paramiko.transport:[chan 5] Max packet in: 32768 bytes
DEBUG:paramiko.transport:[chan 5] Max packet out: 32768 bytes
DEBUG:paramiko.transport:Secsh channel 5 opened.
DEBUG:paramiko.transport:starting thread (client mode): 0x3ff0c9a0
DEBUG:paramiko.transport:Local version/idstring: SSH-2.0-paramiko_3.0.0
DEBUG:paramiko.transport:Remote version/idstring: SSH-2.0-IPSSH-1.12.0
INFO:paramiko.transport:Connected (version 2.0, client IPSSH-1.12.0)
DEBUG:paramiko.transport:=== Key exchange possibilities ===
DEBUG:paramiko.transport:kex algos: ecdh-sha2-nistp256, diffie-hellman-group14-sha1, diffie-hellman-group1-sha1
DEBUG:paramiko.transport:server key: ssh-rsa
DEBUG:paramiko.transport:client encrypt: aes128-ctr, aes192-ctr, aes256-ctr, aes128-cbc, aes192-cbc, aes256-cbc, 3des-cbc, cast128-cbc, blowfish-cbc, arcfour, des-cbc
DEBUG:paramiko.transport:server encrypt: aes128-ctr, aes192-ctr, aes256-ctr, aes128-cbc, aes192-cbc, aes256-cbc, 3des-cbc, cast128-cbc, blowfish-cbc, arcfour, des-cbc
DEBUG:paramiko.transport:client mac: hmac-sha2-256, hmac-sha2-512, hmac-sha1-96, hmac-sha1, hmac-md5-96, hmac-md5
DEBUG:paramiko.transport:server mac: hmac-sha2-256, hmac-sha2-512, hmac-sha1-96, hmac-sha1, hmac-md5-96, hmac-md5
DEBUG:paramiko.transport:client compress: none
DEBUG:paramiko.transport:server compress: none
DEBUG:paramiko.transport:client lang:
DEBUG:paramiko.transport:server lang:
DEBUG:paramiko.transport:kex follows: False
DEBUG:paramiko.transport:=== Key exchange agreements ===
DEBUG:paramiko.transport:Kex: ecdh-sha2-nistp256
DEBUG:paramiko.transport:HostKey: ssh-rsa
DEBUG:paramiko.transport:Cipher: aes128-ctr
DEBUG:paramiko.transport:MAC: hmac-sha2-256
DEBUG:paramiko.transport:Compression: none
DEBUG:paramiko.transport:=== End of kex handshake ===
DEBUG:paramiko.transport:kex engine KexNistp256 specified hash_algo
DEBUG:paramiko.transport:Switch to new keys ...
DEBUG:paramiko.transport:Adding ssh-rsa host key for 172.30.61.25: b'8851ea3fddfa8ad6e2b0b202d7234016'
DEBUG:paramiko.transport:userauth is OK
INFO:paramiko.transport:Auth banner: b'NOKIA iSAM 7360FX NAC-BOY.CHIQUIN2-B1-7360\n\n'
INFO:paramiko.transport:Authentication (password) successful!
DEBUG:paramiko.transport:[chan 0] Max packet in: 32768 bytes
DEBUG:paramiko.transport:[chan 0] Max packet out: 4096 bytes
DEBUG:paramiko.transport:Secsh channel 0 opened.
DEBUG:paramiko.transport:[chan 0] Sesch channel 0 request ok
DEBUG:paramiko.transport:[chan 0] EOF sent (0)
Error al ejecutar comando en equipo 172.30.61.25: Channel closed.
(False, 'Error al ejecutar comando en equipo 172.30.61.25: Channel closed.', '172.30.61.25')
DEBUG:paramiko.transport:EOF in transport thread
DEBUG:paramiko.transport:[chan 5] EOF sent (5)
DEBUG:paramiko.transport:Dropping user packet because connection is dead.
DEBUG:paramiko.transport:EOF in transport thread
DEBUG:paramiko.transport:Dropping user packet because connection is dead.