使用 paramiko 进行 ssh 连接时,会发生身份验证错误。 通过命令提示符使用 putty 和 openssh,通信工作完美。 使用帕里科时。我尝试了简单甚至更复杂的功能。
import paramiko
host = ""
user = ""
keyfile = ""
command = ""
ssh = paramiko.SSHClient()
ssh.set_missing_host_key_polic(paramiko.AutoAddPolicy())
#ssh.set_missing_host_key_polic(paramiko.WarningPolicy())
#ssh.set_missing_host_key_polic(paramiko.MissingHostKeyPolicy())
#ssh.set_missing_host_key_polic(paramiko.RejectPolicy())
ssh.connect(hostname=host, username=user, password=None, port=22)
#, look_for_keys=False, disable_algorithms={'keys':['rsa-sha2-256', 'rsa-sha2-512']}, allow_agent=False)
stdin, stdout, stderr = ssh.exec_comand('cd')
在Python中记录执行Paramiko。
: starting thread (client mode): 0xe4051010
:
Local version/idstring: SSH-2.0-paramiko_3.1.0
: Remote version/idstring: SSH-2.0-dropbear_2017.75
: Connected (version 2.0, client dropbear_2017.75)
Key exchange possibilities ===
: kex algos: [email protected], ecdh-sha2-nistp521, ecdh-sha2-nistp384, ecdh-sha2-nistp256, diffie-hellman-group14-shal, diffie-he
: server key: ssh-rsa
:
client encrypt: aes128-ctr, aes256-ctr, aes128-cbc, aes256-cbc, twofish256-cbc, twofish-cbc, twofish128-cbc, 3des-ctr, 3des-cbc
: server encrypt: aes128-ctr, aes256-ctr, aes128-cbc, aes256-cbc, twofish256-cbc, twofish-cbc, twofish128-cbc, 3des-ctr, 3des-cbc
: client mac: hmac-sha1-96, hmac-shal, hmac-sha2-256, hmac-sha2-512, hmac-md5 : server mac: hmac-sha1-96, hmac-sha1, hmac-sha2-256, hmac-sha2-512, hmac-md5
: client compress: [email protected], none
: server compress: [email protected], none
: client lang: <none>
: server lang: <none>
: kex follows: False
Key exchange agreements ---
: Kex: [email protected]
: HostKey: ssh-rsa
: Cipher: aes128-ctr
: MAC: hmac-sha2-256
: Compression: none
: --- End of kex handshake ===
: kex engine KexCurve25519 specified hash_algo <built-in function openssl_sha256> : Switch to new keys ...
: Adding ssh-rsa host key for fe:7:383:4::67: b'0366f1abed7f1a4625c3abd6185944bf : Trying discovered key b'3e418e1455f5113caeca987a320c0f4a in C:\Users\NV_VwdB/.ssh/id_rsa
: userauth is OK
: Finalizing pubkey algorithm for key of type 'ssh-rsa'
: Our pubkey algorithm list: ['rsa-sha2-512', 'rsa-sha2-256", ssh-rsa']
: Server did not send a server-sig-algs list; defaulting to our first preferred algo ('rsa-sha2-512')
: NOTE: you may use the 'disabled_algorithms SSHClient/Transport init kwarg to disable that or other algorithms if your server does not supp
: Authentication (publickey) failed.
: EOF in transport thread
我收集了应用程序日志来寻找解决方法。 使用 Plink 应用程序它可以通过命令提示符完美运行 - 日志:
plink -ssh -v -l 用户“主机”
C:\Users\NV_VwdB>plink -ssh -v -1 root "f!. 383:4::67"
Looking up host "f.:7:383:4::67" for SSH connection
Connecting to f":7 :383:4::67 port 22
We claim version: SSH-2.0-PuTTY_Release_0.78
Connected to f:7 :383:4::67
Remote version: SSH-2.0-dropbear_2017.75
Using SSH protocol version 2
No GSSAPI security context available
Doing ECDH key exchange with curve Curve25519, using hash SHA-256 (unaccelerated)
Host key fingerprint is:
ssh-rsa 2048 SHA256:20IgeSG/smq4GN17z1jLMBEaMw4peSXOWGZ1w9aZUaY
Initialised AES-256 SDCTR (AES-NI accelerated) outbound encryption
Initialised HMAC-SHA-256 (unaccelerated) outbound MAC algorithm
Initialised AES-256 SDCTR (AES-NI accelerated) inbound encryption Initialised HMAC-SHA-256 (unaccelerated) inbound MAC algorithm
Using username "root".
Access granted
Access granted. Press Return to begin session.
Opening main session channel
Opened main channel
Allocated pty
Started a shell/command
root@swi-mdm9x40-03hmqcsop1buevxxrel:~# pwd
/home/root
使用 OpenSSH - Windows 应用程序它可以完美运行通过命令提示符 - 日志:
ssh -v 用户@主机
C:\Users\NV_VWdB>ssh -v root@fr :7c :383:4::67
OpenSSH_for_Windows_8.1p1, LibreSSL 3.0.2
debug1: Connecting to f...:7:383:4::67 [fd** 4::67] port 22.
debug1: Connection established.
debug1: identity file C:\\Users\\NV_VWdB/.ssh/id_rsa type >
debug1: identity file C:\\Users\\NV_VWdB/.ssh/id_rsa-cert type -1
debug1: identity file C:\\Users\\NV_VWdB/.ssh/id_dsa type -1 debug1: identity file C:\\Users\\NV_VWdB/.ssh/id_dsa-cert type -1
debug1: identity file C:\\Users\\NV_VWdB/.ssh/id_ecdsa type -1
debug1: identity file C:\\Users\\NV_VWdB/.ssh/id_ecdsa-cert type -1
debug1: identity file C:\\Users\\NV_VWdB/.ssh/id_ed25519 type -1
debug1: identity file C:\\Users\\NV_VWdB/.ssh/id_ed25519-cert type -1
debug1: identity file C:\\Users\\NV_VWdB/.ssh/id_xmss type -1 debug1: identity file C:\\Users\\NV_VWdB/.ssh/id_xmss-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_for_Windows_8.1
debug1: Remote protocol version 2.0, remote software version dropbear_2017.75
debug1: no match: dropbear_2017.75
debug1: Authenticating to f :7c. 383:4::67:22 as 'root'
debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: [email protected] debug1: kex: host key algorithm: ssh-rsa
debug1: kex: server->client cipher: aes128-ctr MAC: hmac-sha2-256 compression: none
debug1: kex: client->server cipher: aes128-ctr MAC: hmac-sha2-256 compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ssh-rsa SHA256:20IgeSG/smq4GN17z1jLMBEaMw4peSXOWGZ1W9aZUAY
debug1: Host 'f' :7:383:4::67' is known and matches the RSA host key.
debug1: Found key in C:\\Users\\NV_VWdB/.ssh/known_hosts:1
debug1: rekey out after 4294967296 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received debug1: rekey in after 4294967296 blocks
debug1: pubkey_prepare: ssh_get_authentication_socket: No such file or directory debug1: Will attempt key: C:\\Users\\NV_VWdB/.ssh/id_rsa RSA SHA256:mWX1DkzfUCV5yZAKYS1tLPkTGqTtVxcOHDJqFhi7Aac
debug1: Will attempt key: C:\\Users\\NV_VWdB/.ssh/id_dsa
debug1: Will attempt key: C:\\Users\\NV_VWdB/.ssh/id_ecdsa
debug1: Will attempt key: C:\\Users\\NV_VWdB/.ssh/id_ed25519
debug1: Will attempt key: C:\\Users\\NV_VWdB/.ssh/id_xmss
debug1: SSH2_MSG_SERVICE_ACCEPT received debug1 : Authentication succeeded (none).
Authenticated to f :7:383:4::67 ([f :7 :383:4::67]:22).
debug1: channel 0: new [client-session]
debug1: Entering interactive session.
debug1: pledge: network
debug1: ENABLE_VIRTUAL TERMINAL_INPUT is supported. Reading the VTSequence from console
root@swi-mu....... evxxrel:~#
debug1: ENABLE_VIRTUAL TERMINAL PROCESSING is
我可以利用你的帮助来理解和寻找解决方案,因为连接可以通过 Putty、Plink 和 Openssh 程序进行,但不能通过 Python 通过 Paramiko 进行。
你好马丁。 完美!
共享解决方案解决了问题。 服务器端使用dropbear,无需密码即可访问,因此实施Martin的建议效果非常好。 非常感谢大家的帮助。
这是我修改后使用的代码。
import paramiko
host = "192.168.56.101"
port = 22
password = "123456"
user = "tester"
paramiko.util.log_to_file("C:/tmp/paramiko.txt", level = "DEBUG")
ssh_client =paramiko.SSHClient()
ssh_client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
try:
ssh_client.connect(hostname=host,port=22 ,username=user ,password=password)
except paramiko.ssh_exception.AuthenticationException as e:
if not password:
ssh_client.get_transport().auth_none(user)
else:
raise e
channel = ssh_client.invoke_shell()
#stdin = channel.makefile('wb')
#stdout = channel.makefile('r')
channel.send('cm' + '\n')
resp = channel.recv(4096)
print(resp)
stdin, stdout, stderr = ssh_client.exec_command('devtest-1', timeout = 60)
lines = stdout.readlines()
print(lines)