How to use python paramiko connect ssh server

Posted on Edited on In , , , , , , , , , , , Word count in article: 4k Reading time ≈ 4 mins.
How to use python paramiko connect ssh server

How to use python paramiko connect ssh server

Python Paramiko

Paramiko is a Python (2.7, 3.4+) implementation of the SSHv2 protocol, providing both client and server functionality. While it leverages a Python C extension for low-level cryptography (Cryptography), Paramiko itself is a pure Python interface around SSH networking concepts.

Install Paramiko

1
pip install paramiko

Connect SSH Server

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
# -*- coding: utf-8 -*-
# This is a small tool to report on successful logins
# to accounts other than those listed in the variable
# expected.  Such a report might lead to an investigation
# into how and why those other accounts were logging in.

import paramiko
import os

# connection the agent host use user and password or use private key and publish key
def connect(host, port, user, password):
    try:
        ssh = paramiko.SSHClient()
        ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
        ssh.connect(host, port, user, password)
        return ssh
    except Exception as e:
        print('[-] Error connecting to host: ' + str(e))
        return None

# connection the agent host use private key and publish key
def connect_key(host, port, user, key):
    try:
        ssh = paramiko.SSHClient()
        ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
        ssh.connect(host, port, user, key_filename=key)
        return ssh
    except Exception as e:
        print('[-] Error connecting to host: ' + str(e))
        return None

    
# execute command
def execute(ssh, command):
    try:
        stdin, stdout, stderr = ssh.exec_command(command)
        return stdout.read()
    except Exception as e:
        print('[-] Error executing command: ' + str(e))
        return None
    
# close connection
def close(ssh):
    ssh.close()

# main function
def main():
    host = ''
    port = 22
    user = "root"
    password = ""
    ssh = connect(host, port, user, password)
    if ssh:
        print(execute(ssh, 'ls -l'))

        # push server publish key to remote server
        
        # if the private key and publish key is not exist, generate it

        if os.path.exists(host + '_private.key') and os.path.exists(host + '_public.key'):
            print('[-] The private key and publish key is exist')
            return

        # generate the private key and publish key
        key = paramiko.RSAKey.generate(2048)
        public_key = key.get_base64()
        private_key = key.get_base64()

        # push the public key to remote server

        public_key = f"ssh-rsa {public_key} {user}@{host}"

        execute(ssh, 'echo ' + public_key + ' >> ~/.ssh/authorized_keys')

        print(public_key)

        # save the private key to local
        key.write_private_key_file(host + '_private.key')
        # save the public key to local
        with open(host + '_public.key', 'w') as public_key_file:
            public_key_file.write(public_key)

        close(ssh)
    else:
        print('[-] Connection failed')

def main_key():
    host = ''
    port = 22
    user = "root"
    ssh = connect_key(host, port, user, key= host + '_private.key')
    if ssh:
        print(execute(ssh, 'ls -l'))

        # check the public key is exist in remote server
        public_key = open(host + '_public.key', 'r').read()
        public_key = public_key.strip()
        print(public_key)
        authorized_keys = execute(ssh, 'cat ~/.ssh/authorized_keys')
        print(authorized_keys)
        if public_key in authorized_keys.decode("utf-8"):
            print('[-] The public key is exist')
        else:
            # push the public key to remote server
            execute(ssh, 'echo ' + public_key + ' >> ~/.ssh/authorized_keys')

        # install the agent to remote server

        # check the agent is exist in remote server

        # if not exist, push the agent to remote server

        # generate the agent config file

        # push the agent config file to remote server

        # start the agent


        close(ssh)
    else:
        print('[-] Connection failed')

if __name__ == '__main__':
    # main()
    main_key()

When you have managed to connect to the server, you can execute commands on the server. You can also push the public key to the server and install the agent on the server.

The agent is a small tool to report on successful logins to accounts other than those listed in the variable expected. Such a report might lead to an investigation into how and why those other accounts were logging in.

Conclusion

In this article, we introduce how to use python paramiko connect ssh server.

Reference