Python wrapper around OpenSSH client intended to execute commands on remote servers. NetAngels/openssh-wrapper. Welcome to pyOpenSSL’s documentation!¶ Release v20.0.1 (What’s new?pyOpenSSL is a rather thin wrapper around (a subset of) the OpenSSL library. With thin wrapper we mean that a lot of the object methods do nothing more than calling a corresponding function in the OpenSSL library. Elliptic curves¶ OpenSSL.crypto.getellipticcurves ¶ Return a set of objects representing the elliptic curves supported in the OpenSSL build in use. The curve objects have a unicode name attribute by which they identify themselves. The curve objects are useful as values for the argument accepted by Context.settmpecdh to specify which elliptical curve should be used for ECDHE key exchange.
There are multiple options to use SSH in Python but Paramiko is the most popular one. Paramiko is an SSHv2 protocol library for Python. In this lesson, I’ll show you how to use Paramiko to connect to a Cisco IOS router, run a show command, and return the output to us.
Configuration
Here is the topology:
I’ll use a Cisco IOS router running IOS Version 15.7(3)M3 and I’ll run the Python code from my computer.
Router
On the router, we need to enable SSH:
I configured an “admin” user with privilege level 15 so that we have full access to the router once we log in.
Python
We need to install Paramiko, which is easy with PIP:
We are now ready to try some code.
Sample Code
In our first example, here’s what we try to accomplish:
- Connect to the router with username/password authentication.
- Run the
show ip route
command. - Look for the default route in the output and show it to us.
Here is my code:
When we run this code, here’s what we get:
This is nice. We managed to connect to the router, run the show ip route
command, and look for the default route.
Improved Sample Code
How could we improve this script with some of the things we learned? For example:
- Our code runs a single command. How about we use a function so we can use our code to connect to different devices and run different commands?
- What if our SSH connection fails? It would be nice to deal with this with a try/except block. How about we try to attempt to connect multiple times?
Let’s see what we can do. Here is my improved code:
What did I change?
- I created a function to contain the code used to connect to the router.
- I added a
try/except
block for the connection with multiple attempts. When the connection fails, it shows the reason. - An extra check to see if the router output contains any information.
Verification
Let’s run our code again to see if it works.
Wrong Password
When you supply a wrong password, you get this output:
This looks good. Our code attempted to connect three times and showed the reason why it was unable to connect.
Host unavailable
When your host is unavailable, you get this output:
Once again, three attempts to connect and it shows the reason why our script failed.
Conclusion
You have now learned how you can connect to a device using SSH and Python. Although this works, it might not be the best solution. In this example, I ran the show ip route
command and looked for the default route. This is simple, but what if you want to parse show commands that have a lot of information?
It’s possible to parse the output of show commands like this using regular expressions but it’s a pain. Instead, if possible, it’s better to use a REST API where the device returns the output in JSON format. Parsing JSON in Python is much easier.
I hope you enjoyed this lesson. If you have any questions feel free to leave a comment!
Python Openssh Server
How to install openssh-wrapper
- Download and install ActivePython
- Open Command Prompt
- Type
pypm install openssh-wrapper
Python 2.7 | Python 3.2 | Python 3.3 | ||||||||
---|---|---|---|---|---|---|---|---|---|---|
Windows (32-bit) |
| |||||||||
Windows (64-bit) |
| |||||||||
Mac OS X (10.5+) |
| |||||||||
Linux (32-bit) |
| |||||||||
Linux (64-bit) |
|
Links
Author
License
Imports
Lastest release
Under some circumstances simple wrapper around OpenSSH ssh command-lineutility seems more preferable than paramiko machinery.
This project proposes yet another hopefully thin wrapper around ssh toexecute commands on remote servers. All you need thereis to make sure thatOpenSSH client and Python interpreter are installed, and then installopenssh-wrapper package.
Usage sample
Simple command execution
If python interpreter is installed on a remote machine, you can also run piecesof python code remotely. The same is true for any other interpreter which canexecute code from stdin
Yet another userful run method option is forward_ssh_agent (the featurewhich paramiko doesn't yet have). Suppose you have access as support to foobarserver while root@localhost does not, so you can take advantage of SSH agentforwarding
Python Openssl Wrapper
There is a sample which shows how to copy a file from local toremote machine. You can also define owner and mode of the target
Python Openssh Sftp
You can also pass file-like objects instead of filenames to scp method. Behindthe scenes the method creates temporary files for you, send them to remotetarget and then removes everything which has been created: