将 Paramiko AutoAddPolicy 与 pysftp 结合使用
Use Paramiko AutoAddPolicy with pysftp
此代码无效:
def sftp_connection(self):
import pysftp
connection = pysftp.Connection(self.host, username=self.system_name,
private_key=os.path.join(HOME, '.ssh', 'id_rsa'))
# in the next lines I try to use AutoAddPolicy
client = connection.sftp_client()
client.load_host_keys(os.path.expanduser('~/.ssh/known_hosts'))
client.set_missing_host_key_policy(paramiko.client.AutoAddPolicy)
return connection
这是例外情况:
Traceback (most recent call last):
File "/home/u/src/myapp-glo/myapp_doxis_archiv/tests/test_doxis_archiv.py", line 85, in test_beleg_to_archiv__ftpservercontext
info_dict = beleg_to_archiv(beleg, self.archiv_belegart)
File "/home/u/src/myapp-glo/myapp_doxis_archiv/beleg_to_archiv.py", line 28, in beleg_to_archiv
transfer_log=send_data_via_ftp(temp_directory, archiv_belegart.doxis_archiv)
File "/home/u/src/myapp-glo/myapp_doxis_archiv/beleg_to_archiv.py", line 71, in send_data_via_ftp
with doxis_archiv.sftp_connection() as sftp:
File "/home/u/src/myapp-glo/myapp_doxis_archiv/models.py", line 43, in sftp_connection
private_key=os.path.join(HOME, '.ssh', 'id_rsa'))
File "/home/u/local/lib/python2.7/site-packages/pysftp/__init__.py", line 132, in __init__
self._tconnect['hostkey'] = self._cnopts.get_hostkey(host)
File "/home/u/local/lib/python2.7/site-packages/pysftp/__init__.py", line 71, in get_hostkey
raise SSHException("No hostkey for host %s found." % host)
SSHException: No hostkey for host localhost found.
我在尝试设置 host_key_policy 之前收到异常。
我找不到通过 pysftp 访问客户端实例的不同方法。
有没有办法在我得到异常之前设置 AutoAddPolicy?
有一个相关的question。我的问题是关于如何应用旧问题中提供的几种解决方案之一。
pysftp 不使用 SSHClient 的 Paramiko SSHClient class at all, it uses more low-level Transport class. So it does not have the MissingHostKeyPolicy 功能。
您必须自己实施。
一种可能的实现可以是:
host = 'example.com'
# Loads .ssh/known_hosts
cnopts = CnOpts()
hostkeys = None
if cnopts.hostkeys.lookup(host) == None:
print("New host - will accept any host key")
# Backup loaded .ssh/known_hosts file
hostkeys = cnopts.hostkeys
# And do not verify host key of the new host
cnopts.hostkeys = None
with Connection(host, username=user, private_key=pkey, cnopts=cnopts) as sftp:
if hostkeys != None:
print("Connected to new host, caching its hostkey")
hostkeys.add(
host, sftp.remote_server_key.get_name(), sftp.remote_server_key)
hostkeys.save(pysftp.helpers.known_hosts())
我已经在 pysftp github fork 中实现了 auto_add_key。
auto_add_key 将把密钥添加到 known_hosts 如果 auto_add_key=True
一旦 known_hosts 中的主机存在密钥,将检查此密钥。
请参考 Martin Prikryl -> answer 安全问题。
Though for an absolute security, you should not retrieve the host key remotely, as you cannot be sure, if you are not being attacked already.
import pysftp as sftp
def push_file_to_server():
s = sftp.Connection(host='138.99.99.129', username='root', password='pass', auto_add_key=True)
local_path = "testme.txt"
remote_path = "/home/testme.txt"
s.put(local_path, remote_path)
s.close()
push_file_to_server()
此代码无效:
def sftp_connection(self):
import pysftp
connection = pysftp.Connection(self.host, username=self.system_name,
private_key=os.path.join(HOME, '.ssh', 'id_rsa'))
# in the next lines I try to use AutoAddPolicy
client = connection.sftp_client()
client.load_host_keys(os.path.expanduser('~/.ssh/known_hosts'))
client.set_missing_host_key_policy(paramiko.client.AutoAddPolicy)
return connection
这是例外情况:
Traceback (most recent call last):
File "/home/u/src/myapp-glo/myapp_doxis_archiv/tests/test_doxis_archiv.py", line 85, in test_beleg_to_archiv__ftpservercontext
info_dict = beleg_to_archiv(beleg, self.archiv_belegart)
File "/home/u/src/myapp-glo/myapp_doxis_archiv/beleg_to_archiv.py", line 28, in beleg_to_archiv
transfer_log=send_data_via_ftp(temp_directory, archiv_belegart.doxis_archiv)
File "/home/u/src/myapp-glo/myapp_doxis_archiv/beleg_to_archiv.py", line 71, in send_data_via_ftp
with doxis_archiv.sftp_connection() as sftp:
File "/home/u/src/myapp-glo/myapp_doxis_archiv/models.py", line 43, in sftp_connection
private_key=os.path.join(HOME, '.ssh', 'id_rsa'))
File "/home/u/local/lib/python2.7/site-packages/pysftp/__init__.py", line 132, in __init__
self._tconnect['hostkey'] = self._cnopts.get_hostkey(host)
File "/home/u/local/lib/python2.7/site-packages/pysftp/__init__.py", line 71, in get_hostkey
raise SSHException("No hostkey for host %s found." % host)
SSHException: No hostkey for host localhost found.
我在尝试设置 host_key_policy 之前收到异常。
我找不到通过 pysftp 访问客户端实例的不同方法。
有没有办法在我得到异常之前设置 AutoAddPolicy?
有一个相关的question。我的问题是关于如何应用旧问题中提供的几种解决方案之一。
pysftp 不使用 SSHClient 的 Paramiko SSHClient class at all, it uses more low-level Transport class. So it does not have the MissingHostKeyPolicy 功能。
您必须自己实施。
一种可能的实现可以是:
host = 'example.com'
# Loads .ssh/known_hosts
cnopts = CnOpts()
hostkeys = None
if cnopts.hostkeys.lookup(host) == None:
print("New host - will accept any host key")
# Backup loaded .ssh/known_hosts file
hostkeys = cnopts.hostkeys
# And do not verify host key of the new host
cnopts.hostkeys = None
with Connection(host, username=user, private_key=pkey, cnopts=cnopts) as sftp:
if hostkeys != None:
print("Connected to new host, caching its hostkey")
hostkeys.add(
host, sftp.remote_server_key.get_name(), sftp.remote_server_key)
hostkeys.save(pysftp.helpers.known_hosts())
我已经在 pysftp github fork 中实现了 auto_add_key。
auto_add_key 将把密钥添加到 known_hosts 如果 auto_add_key=True
一旦 known_hosts 中的主机存在密钥,将检查此密钥。
请参考 Martin Prikryl -> answer 安全问题。
Though for an absolute security, you should not retrieve the host key remotely, as you cannot be sure, if you are not being attacked already.
import pysftp as sftp
def push_file_to_server():
s = sftp.Connection(host='138.99.99.129', username='root', password='pass', auto_add_key=True)
local_path = "testme.txt"
remote_path = "/home/testme.txt"
s.put(local_path, remote_path)
s.close()
push_file_to_server()