Home > PYTHON > Paramiko: SSH and SFTP With Python

Paramiko: SSH and SFTP With Python

March 17th, 2010

pythonParamiko is a module for python 2.2 (or higher) that implements the SSH2 protocol for secure (encrypted and authenticated) connections to remote machines.

Emphasis is on using SSH2 as an alternative to SSL for making secure connections between python scripts. All major ciphers and hash methods are supported. SFTP client and server mode are both supported too.

Installing paramiko

First, we need to install paramiko, if you don’t have it already.

On Ubuntu/Debian:

$ sudo apt-get install python-paramiko

On Gentoo Linux:

$ emerge paramiko

Or install from source:

$ wget http://www.lag.net/paramiko/download/paramiko-1.7.6.tar.gz
$ tar xzf paramiko-1.7.6.tar.gz
$ cd paramiko-1.7.6
$ python setup.py build
$ su -c "python setup.py install"

Working with paramiko

SSHClient is the main class provided by the paramkio module. It provides the basic interface you are going to want to use to instantiate server connections. The above code creates a new SSHClient object, and then calls ”connect()” to connect us to the local SSH server.

Here’s a simple example:

import paramiko
ssh = paramiko.SSHClient()
ssh.connect('192.168.1.2', username='vinod', password='screct')

Another way is to use an SSH key:

import paramiko
import os
privatekeyfile = os.path.expanduser('~/.ssh/id_rsa')
mykey = paramiko.RSAKey.from_private_key_file(privatekeyfile)
ssh.connect('192.168.1.2', username = 'vinod', pkey = mykey)

Running Simple Commands

Lets run some simple commands on a remote machine.

import paramiko
 
ssh = paramiko.SSHClient()
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
ssh.connect('beastie', username='vinod', password='secret')
stdin, stdout, stderr = ssh.exec_command('df -h')
print stdout.readlines()
ssh.close()

“paramiko.AutoAddPolicy()” which will auto-accept unknown keys.

Using sudo in running commands:

import paramiko
 
cmd    = "sudo /etc/rc.d/apache2 restart"
 
ssh    = paramiko.SSHClient()
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
ssh.connect('beastie', username='vinod', password='secret')
stdin, stdout, stderr = ssh.exec_command(cmd)
stdin.write('secret\n')
stdin.flush()
print stdout.readlines()
ssh.close()

Secure File Transfer Using SFTPClient

SFTPClient is used to open an sftp session across an open ssh Transport and do remote file operations.

An SSH Transport attaches to a stream (usually a socket), negotiates an encrypted session, authenticates, and then creates stream tunnels, called Channels, across the session. Multiple channels can be multiplexed across a single session (and often are, in the case of port forwardings).

First we will create a Transport

import paramiko
import os
privatekeyfile = os.path.expanduser('~/.ssh/id_rsa')
mykey = paramiko.RSAKey.from_private_key_file(privatekeyfile)
username = 'vinod'
transport.connect(username = username, pkey = mykey)

Now we can start the SFTP client:

sftp = paramiko.SFTPClient.from_transport(transport)

Now lets pull a file across from the remote to the local system:

remotepath='/var/log/system.log'
localpath='/tmp/system.log'
sftp.get(remotepath, localpath)

Now lets push a file to remote system:

remotepath='/var/www/images/file.png'
localpath='/tmp/file.png'
sftp.put(remotepath, localpath)

Finally, close the SFTP connection and the transport:

sftp.close()
transport.close()

Happy SSHing :-)

Categories: PYTHON Tags: ,
  1. February 18th, 2011 at 08:28 | #1

    Thanks for the concise tutorial vind! This was all I needed to write a simple python script which runs some remote commands over SSH.

  2. grillermo
    April 20th, 2011 at 03:52 | #2

    These code does not work with python 2.7 and the latest paramiko 1.7.4, in windows.

  1. March 18th, 2010 at 23:48 | #1
  2. March 20th, 2010 at 20:35 | #2
  3. March 22nd, 2010 at 19:09 | #3
  4. March 23rd, 2010 at 13:40 | #4
Comments are closed.