带有 Paramiko 和 RSA 密钥文件的嵌套 SSH [英] Nested SSH with Paramiko and RSA key file
问题描述
我正在尝试使用 Paramiko 嵌套 SSH,我将从本地计算机连接到服务器 X,然后从那里连接到服务器 Y.这里连接到服务器 XI 使用用户名、密码身份验证并连接到服务器 Y使用用户名和 RSA 密钥.问题是 RSA 密钥托管在用于连接服务器 Y 的 System X 中.如果我将密钥文件托管在本地 PC 中并将本地 pc 目录路径提供给 Paramiko SSH 客户端,我就能够成功运行脚本.但我想直接从服务器 X 读取密钥文件.我该怎么做,请帮帮我.
I am trying to nested SSH using Paramiko where I will connect to Server X from my local machine and from there I will connect to Server Y. Here to connect to Server X I am using username, password authentication and to connect to Server Y using username and RSA key. The thing is that the RSA key is hosted in System X which is used to connect Server Y. I was able to run the script successfully if I hosted the keyfile in my local PC and gave the local pc directory path to Paramiko SSH client. But I want to read key file from Server X directly. How can I do that please help me.
服务器 X 密钥文件 =/home/test/keys/id_rsa"
Server X key file = "/home/test/keys/id_rsa"
import time
import paramiko,io
import csv
import sys
import subprocess
ssh = paramiko.SSHClient()
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
ssh.connect('X',22, username='subhash', password='mit@12345')
vmtransport = ssh.get_transport()
dest_addr = ('Y', 22)
local_addr = ('X', 22)
vmchannel = vmtransport.open_channel("direct-tcpip", dest_addr, local_addr)
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
remote_file = paramiko.RSAKey.from_private_key_file('C:/Users/test/Documents/hindi/id_rsa')
client.connect('Y', username='root',pkey=remote_file,sock=vmchannel)
client_stdin ,client_stdout, client_stderr = client.exec_command("pwd")
推荐答案
如果需要使用存储在跳转服务器上的私钥,则不能使用端口转发来实现跳转.
You cannot use port forwarding to implement the jump, if you need to use a private key stored on the jump server.
要么下载密钥到本地机器.如果您不想将密钥物理存储在本地计算机上,则可以仅在 Python 代码中将其下载到内存中.请参阅使用 Paramiko 从 SSH 跳转主机加载密钥.
否则,您必须通过在跳转服务器上运行 ssh
客户端来实现跳转,这将获取存储在那里的私钥(这通常是一个蹩脚的解决方案):>
Otherwise you would have to implement the jump by running ssh
client on the jump server, which will pick up the private key stored there (what is normally a lame solution):
ssh.exec_command("ssh root@Y pwd")
这篇关于带有 Paramiko 和 RSA 密钥文件的嵌套 SSH的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!