sftp的服务器实现效果很好,但现在我想将其用于从客户端执行命令的附加条件
该代码可以很好地用作sftp服务器,但是我不知道如何扩展它以执行命令...
正在使用:set_subsystem_handler正在使用sftp,使用命令失败...
想法?
工作示例:sftp -P 3376 -i key.file user1 @ localhost
失败的示例:ssh -p 3376 -i key.file user1 @ localhost ls
class StubServer (ServerInterface, ):
def check_auth_publickey(self, username, key):
return paramiko.AUTH_SUCCESSFUL
def check_channel_request(self, kind, chanid):
return OPEN_SUCCEEDED
def get_allowed_auths(self, username):
return "publickey"
def check_channel_exec_request ( self, channel, command ):
print ( f'....> check_channel_exec_request commmand: {command}' )
return True
class ConnHandlerThd(threading.Thread):
def __init__(self, conn, addr, serverkeyfile ):
threading.Thread.__init__(self)
self._conn = conn
self._addr = addr
self._serverkeyfile = serverkeyfile
def run(self):
server_key = paramiko.RSAKey.from_private_key_file(self._serverkeyfile)
name = server_key.get_name()
transport = paramiko.Transport(self._conn)
transport.add_server_key(server_key)
transport.set_subsystem_handler( 'sftp', paramiko.SFTPServer, StubSFTPServer)
server = StubServer()
transport.start_server(server=server)
channel = transport.accept()
while transport.is_active():
time.sleep(1)
def start_server(host, port, serverkeyfile, logfile=logfile, level=level, backlog=backlog ):
paramiko_level = getattr(paramiko.common, level)
paramiko.common.logging.basicConfig(level=paramiko_level)
paramiko.util.log_to_file ( logfile, level = level )
server_socket = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
server_socket.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, True)
server_socket.bind((host, port))
server_socket.listen(backlog)
while True:
conn, addr = server_socket.accept()
srv_thd = ConnHandlerThd(conn, addr, serverkeyfile )
srv_thd.setDaemon(True)
srv_thd.start()
start_server(host=host, port=port, serverkeyfile=keyfile, level=level, logfile=logfile, backlog=backlog)
ssh ... command使用exec SSH通道,而不是sftp。所以您也需要处理exec通道。