使用 paramiko 运行 Sudo 命令

问题描述 投票:0回答:5

我试图使用 python-paramiko 在远程计算机上执行 sudo 命令,当我执行该命令时,我将它与 3 个流绑定,并且我使用输入流来传递密码,但它不起作用,这是回溯结果:

Traceback (most recent call last):
File "<input>", line 1, in <module>
File "/usr/local/lib/python2.7/dist-packages/paramiko/file.py", line 314, in write
self._write_all(data)
File "/usr/local/lib/python2.7/dist-packages/paramiko/file.py", line 439, in _write_all
count = self._write(data)
File "/usr/local/lib/python2.7/dist-packages/paramiko/channel.py", line 1263,in _write
self.channel.sendall(data)
File "/usr/local/lib/python2.7/dist-packages/paramiko/channel.py", line 796, in sendall
raise socket.error('Socket is closed')
error: Socket is closed

这是我的Python代码:

import paramiko
ssh = paramiko.SSHClient()
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
ssh.connect('192.168.0.104', username='cdc',password='123456')
stdin, stdout, stderr = ssh.exec_command("sudo dmesg")
stdin.write("123456\n")
stdin.flush()
print stdout.readlines()
ssh.close()

有什么帮助吗?预先感谢

python sockets ssh paramiko
5个回答
17
投票

首先,您是否在控制台中尝试过使用

ssh [email protected] "sudo -S -p '' dmesg"
。如果也失败,那么您可以检查 
sshd
设置和 
sudoer
设置。

如果运行良好,请在行与行之间添加一些回显,以便我们可以准确地知道异常何时抛出。我非常怀疑您是否应该将 

sudo dmesg
更改为 
sudo -S -p '' dmesg

你也可以尝试我的帕里科包装。我可以使用它顺利地访问任何 CentOS/SuSE 节点并执行任何命令(w/wo sudo 权限):

#!/usr/bin/python

from StringIO import StringIO
import paramiko 

class SshClient:
    "A wrapper of paramiko.SSHClient"
    TIMEOUT = 4

    def __init__(self, host, port, username, password, key=None, passphrase=None):
        self.username = username
        self.password = password
        self.client = paramiko.SSHClient()
        self.client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
        if key is not None:
            key = paramiko.RSAKey.from_private_key(StringIO(key), password=passphrase)
        self.client.connect(host, port, username=username, password=password, pkey=key, timeout=self.TIMEOUT)

    def close(self):
        if self.client is not None:
            self.client.close()
            self.client = None

    def execute(self, command, sudo=False):
        feed_password = False
        if sudo and self.username != "root":
            command = "sudo -S -p '' %s" % command
            feed_password = self.password is not None and len(self.password) > 0
        stdin, stdout, stderr = self.client.exec_command(command)
        if feed_password:
            stdin.write(self.password + "\n")
            stdin.flush()
        return {'out': stdout.readlines(), 
                'err': stderr.readlines(),
                'retval': stdout.channel.recv_exit_status()}

if __name__ == "__main__":
    client = SshClient(host='host', port=22, username='username', password='password') 
    try:
       ret = client.execute('dmesg', sudo=True)
       print "  ".join(ret["out"]), "  E ".join(ret["err"]), ret["retval"]
    finally:
      client.close()
11
投票

抱歉,我没有时间详细回答,但我能够使用 this 建议

在 paramiko 上实施 sudo 命令 
#!/usr/bin/env python
import paramiko
l_password = "yourpassword"
l_host = "yourhost"
l_user = "yourusername"
ssh = paramiko.SSHClient()
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
ssh.connect(l_host, username=l_user, password=l_password)    
transport = ssh.get_transport()
session = transport.open_session()
session.set_combine_stderr(True)
session.get_pty()
#for testing purposes we want to force sudo to always to ask for password. because of that we use "-k" key
session.exec_command("sudo -k dmesg")
stdin = session.makefile('wb', -1)
stdout = session.makefile('rb', -1)
#you have to check if you really need to send password here 
stdin.write(l_password +'\n')
stdin.flush()
for line in stdout.read().splitlines():        
    print 'host: %s: %s' % (l_host, line)
4
投票

我知道这个问题有点老了,但我也想一起使用 sudo 和 paramiko 。我花了一段时间才找到这个解决方案。它可能并不适合所有人,但我认为值得添加。

def ssh_handler(hostname, username=USER, password=PASS, command=CMD): 
    ssh = paramiko.SSHClient()
    ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
    ssh.connect(hostname,
                username=username,
                password=password) 
    # set get_pty to True to get a pseudo terminal
    stdin, stdout, stderr = ssh.exec_command(prepare_command(command), get_pty=True)
    # write and flush the password to the remote terminal
    # note that the password will also be written to the terminal from where the script is executed.
    stdin.write(password+'\n')
    stdin.flush()

    response = stdout.read()   
    ssh.close()
    print(response)
             
     
def prepare_command(command):  
    if (not isinstance(command, basestring)): 
        command = ' ; '.join(command)  
    command = command.replace('"','\"') 
    command = 'sudo -s -- " '+command+' " \n'
    return command


# kind of a dumb example but you get the point 
mycmd = []; 
mycmd.append('cd /dir/this/user/doesnt/have/access/to')
mycmd.append('ls -las')
mycmd.append('cat file_in_dir.txt')

ssh_handler(server, command=mycmd)
0
投票

我能够实现这个在其他 Stackoverflow 线程中找到的解决方案。

https://www.reddit.com/r/learnpython/comments/60taz7/execute_sudo_su_and_input_password_with_paramiko/df94q7s/

我的解决方案是在需要使用带有 

invoke_shell()
的命令时使用 
sudo

0
投票

当我结合上面提到的两个建议时,它对我有用:

  1. 将“-S -p ''”放入 sudo 命令:“sudo -S -p '' dmesg”
  2. 在标准输入上设置密码: stdin.write(密码+' ') stdin.flush()
最新问题
© www.soinside.com 2019 - 2024. All rights reserved.