使用Paramiko从字符串中读取私钥

key_blob

不是字符串，不是

StringIO(key_str)

，...我认为当我通过时它会起作用

msg = paramiko.message.Message()

作为

key_blob

为什么它需要一个

msg

，知道如何正确地做到这一点吗？ 导入时间

from paramiko.dsskey import DSSKey
from paramiko.ecdsakey import ECDSAKey
from paramiko.rsakey import RSAKey

from taf.transport.ssh.proxy_keys.key_creators import RSA_creator, DSA_creator, ECDSA_creator

from taf.transport.ssh.proxy import ParaProxy
import paramiko

from paramiko.ssh_exception import SSHException

key_filename = '/home/meretricula/.ssh/id_ecdsa'


def OPENSSH_creator(key_blob, password):
    for key_class in (RSAKey, DSSKey, ECDSAKey):
        try:
            key = key_class(key_blob, password)
            return key
        except SSHException:
            pass


host = "x.x.x.x"
port = xx
username = "x"

key_str = """-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAaAAAABNlY2RzYS
1zaGEyLW5pc3RwMjU2AAAACG5pc3RwMjU2AAAAQQTi93gxjjkp11zoYRTdY64XRKDCU4cA
ROV6OZgs2r/IEgPFZbgIDD5Cg3DVXWSKGYg0Awp0BdHdddE3o03+5/OBAAAAsCIYXAEiGF
wBAAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBOL3eDGOOSnXXOhh
FN1jrhdEoMJThwBE5Xo5mCzav8gSA8VluAgMPkKDcNVdZIoZiDQDCnQF0d110TejTf7n84
EAAAAge77Vq17w51ECz3mhdaevCKIgJv42THc9T3eGy+8SdFQAAAAXbWVyZXRyaWN1bGFA
bWVyZXRyaWN1bGEB
-----END OPENSSH PRIVATE KEY-----"""

print(OPENSSH_creator(key_blob=key_str, password=None))
mid_cli = paramiko.SSHClient()
mid_cli.set_missing_host_key_policy(paramiko.AutoAddPolicy())
mid_cli.connect(hostname=host, username=username,
                key_filename=key_filename)

io_tupple = mid_cli.exec_command('nc {} {}'.format(host, port))

proxy = ParaProxy(*io_tupple)

end_cli = paramiko.SSHClient()
end_cli.set_missing_host_key_policy(paramiko.AutoAddPolicy())
end_cli.connect(hostname=host, username=username, sock=proxy,
                key_filename=key_filename)

commands = ['ls', 'echo $USER', 'hostname', 'echo almost closing', 'bad_command']
for command in commands:
    print("Executing command:  ", command)
    end_cli_stdin, end_cli_stdout, end_cli_stderr = end_cli.exec_command(command)
    output = end_cli_stdout.read().decode()
    err = end_cli_stderr.read().decode()
    if err:
        print('Error:', err)
    else:
        print("Output:")
        print(output)

proxy.close()
time.sleep(.1)
mid_cli.close()
end_cli.close()

在调试时，我们发现这里尝试尝试每种我们也想获得该信息的加密算法。 724-732（行号）paramiko==3.3.1 client.py：

if not two_factor:
    for key_filename in key_filenames:
        # TODO 4.0: leverage PKey.from_path() if we don't end up just
        # killing SSHClient entirely
        for pkey_class in (RSAKey, DSSKey, ECDSAKey, Ed25519Key):
            try:
                key = self._key_from_filepath(
                    key_filename, pkey_class, passphrase
                )

追溯：

Traceback (most recent call last):
  File "/home/meretricula/work/taf.transport.ssh/taf/transport/ssh/local.py", line 40, in <module>
    print(OPENSSH_creator(key_blob=key_str, password=None))
  File "/home/meretricula/work/taf.transport.ssh/taf/transport/ssh/local.py", line 20, in OPENSSH_creator
    key = key_class(key_blob, password)
  File "/home/meretricula/.pyenv/versions/taf.transport.ssh_3.9.18/lib/python3.9/site-packages/paramiko/rsakey.py", line 71, in __init__
    self._check_type_and_load_cert(
  File "/home/meretricula/.pyenv/versions/taf.transport.ssh_3.9.18/lib/python3.9/site-packages/paramiko/pkey.py", line 792, in _check_type_and_load_cert
    msg.rewind()
AttributeError: 'str' object has no attribute 'rewind'

Process finished with exit code 1

data

key = key_class(data: key_blob, password)

key_class(Message(key_blob), password)