SSH is the defacto tool for connecting to Unix and Linux servers securely. Even though we can use the subprocess or OS modules to trigger commands for python its not the best practise. With the Python Paramiko module you don’t even need ssh installed on the system so it even works with windows system. You can find all the code over in my github page
In this blog post we will cover using paramiko to
- Connect to servers
- Copy some files
- Run some commands
Set up
For this post I will use two systems, one is my WSL (kali) Linux host and my Black Arch Linux host. You can find my installation guide to BlackArch on my blog.
| ssh server (BlackArch) | 192.168.186.150 |
| ssh client (kali on wsl) | 192.168.1.150 |
| Username | testuser |
| Password | testuserPassword |
Install Paramiko
The Python Paramiko moduel can be easily installed with pip
pip3 install paramiko
Client SSH Connections
Ssh client connections can be created with just three functions from the parmiko.SSHClient module .
| SSHClient | Creates an object for connections |
| set_missing_host_key_policy | Adds the host key so we can use it |
| connect | Connects to the system so we can run some stuff |
Connect with a password
You can use the below code to connect to a ssh server with a username and a password.
import paramiko
hostname = '192.168.186.150'
username = 'testuser'
password = 'testuserpassword'
#Return an ssh connection
def SSHClient():
sshClient = paramiko.SSHClient()
#Auto approve Adding the Hostkey.
sshClient.set_missing_host_key_policy(
paramiko.AutoAddPolicy()
)
sshClient.connect(
hostname=hostname,
username=username,
password=password
)
return sshClient
Connect with a ssh key
Paramiko also allows the connection to a remote system using a ssh key. Use the below code to connect with a ssh key.
import paramiko
hostname = '192.168.186.150'
username = 'testuser'
ssh_priv_key = '/home/tomkraz/.ssh/id_rsa'
#Return an ssh connection
def SSHClient():
sshClient = paramiko.SSHClient()
#Auto approve Adding the Hostkey.
sshClient.set_missing_host_key_policy(
paramiko.AutoAddPolicy()
)
sshClient.connect(
hostname=hostname,
username=username,
key_filename=ssh_priv_key
)
return sshClient
For the rest of this post I will use the the above code with the ssh public key.
Running a command with Paramiko
In order to run a remote command we will use a new function of the SSHClient class called “exec_command” . This function runs a command and returns a tuple with stdin, stdout and stderr. Below you will find some example of it in use.
def runRemoteCommand(command):
sshClient = SSHClient()
stdin, stdout, stderr = sshClient.exec_command(command)
return stdout.readlines()
cmdOutput = runRemoteCommand('cat /etc/passwd | head')
for i in cmdOutput:
print(i.strip())
Copying Files with Paramiko
Here we use a function from Paramiko.SSHClient called SFTPClient. This is used to open an SFTP session across an open SSH connection and allows to copy files too or from our server.
Get a file from a remote server.
To copy a file from a remote server to our local system we have to use a existing SSHClient connection like we created above, called sshClient.
sftpClient = sshClient.open_sftp()
sftpClient.get('/etc/hosts', '/tmp/hosts_get_test')
This will copy the file ‘/etc/hosts’ from the remote server into our system in ‘/tmp/hosts_get_test’.
Put a file onto a remote server
To copy a file from our local system to a remote server we have to use a existing SSHClient connection like we created above, called sshClient.
sftpClient = sshClient.open_sftp()
sftpClient.put('/etc/hosts', '/tmp/hosts_put_test')
This will copy the file ‘/etc/hosts’ from our local system to the remote server under ‘/tmp/hosts_put_test’.
This SFTPClient object that was create has more options than just copying. Once you get beyond the basics take a look over at the Paramiko document site for sftp
Windows Hosts
99% of windows hosts do not have ssh clients installed. Luckily the Python Paramiko module does not need it installed to function. The code above works in windows as well as Linux. Take a look at the screen of of idle running from windows, using the code above and running the command ‘uname -a’ on a remote Linux server.
Wrap-Up
The Python Paramiko module is a great tool for using ssh to run command or copy files to and from remote servers. If you found this useful or would like to add a comment use the comment section below.
Be First to Comment