使用 Python Paramiko 连接到 SSH 服务器,除了密码提示外,还需要使用 Enter 键提交键盘交互横幅 [英] Connect with Python Paramiko to SSH server that in addition to password prompt requires submitting an keyboard interactive banner with Enter key
问题描述
使用 PuTTY 命令行,我连接到 PAM 上下文下的 unix 主机.
Using PuTTY command line, I connect with unix host which is under PAM context.
连接字符串是
domain/user-name@pam-functional-account@unix-host@pam-load-balancer-address:4422
在 PuTTY 命令行中,我使用了以下内容
in PuTTY command line I have used the below
putty.exe -ssh domain/user-name@pam-functional-account@unix-host@pam-load-balancer-address 4422 -pw xxx
这将打开 PuTTY SSH 会话到主机并登录.在 PuTTY 控制台中,它将用户名显示为域/用户名@pam-functional-account@unix-host
This will open the PuTTY SSH Session to an host and logins. In PuTTY console it shows the username as
domain/user-name@pam-functional-account@unix-host
我想通过 SSH 库 Paramiko 执行相同的操作.我将 pam-load-balancer-address 作为我的主机,4422 作为端口,domain/user-name@pam-functional-account@unix-host 作为我的用户名.在 Paramiko 中,它给出了一条错误消息
I want to perform the same through SSH library Paramiko. I have kept pam-load-balancer-address as my host and 4422 as port and domain/user-name@pam-functional-account@unix-host as my username. In Paramiko it gives an error message
AuthenticationException:身份验证失败.
AuthenticationException: Authentication failed.
在 PuTTY ssh 中它成功了,但在 Paramiko 或 robotsframework-sshlibrary 中我无法登录主机.请建议如何登录用户名有很多@ 的主机.谢谢
In PuTTY ssh it was successful and in Paramiko or robotframework-sshlibrary I can't login the host. Please advice on how to login the host where the username has many @. Thanks
PuTTY 会话
PuTTY 事件日志:
PuTTY Event log:
Paramiko 日志:
Paramiko log:
DEB [20210330-17:27:49.113] thr=1 paramiko.transport: starting thread (client mode): 0x3d82d30
DEB [20210330-17:27:49.113] thr=1 paramiko.transport: Local version/idstring: SSH-2.0-paramiko_2.7.2
DEB [20210330-17:27:49.113] thr=1 paramiko.transport: Remote version/idstring: SSH-2.0-PBPS-SM-1.0.0
INF [20210330-17:27:49.113] thr=1 paramiko.transport: Connected (version 2.0, client PBPS-SM-1.0.0)
DEB [20210330-17:27:49.217] thr=1 paramiko.transport: kex algos:['curve25519-sha256', 'ecdh-sha2-nistp256', 'ecdh-sha2-nistp384', 'ecdh-sha2-nistp521', 'diffie-hellman-group-exchange-sha256', 'diffie-hellman-group14-sha1'] server key:['ecdsa-sha2-nistp256', 'ecdsa-sha2-nistp384', 'ecdsa-sha2-nistp521', 'ssh-ed25519', 'rsa-sha2-512', 'rsa-sha2-256', 'ssh-rsa'] client encrypt:['aes256-ctr', 'aes192-ctr', 'aes128-ctr'] server encrypt:['aes256-ctr', 'aes192-ctr', 'aes128-ctr'] client mac:['hmac-sha2-256', 'hmac-sha2-512', 'hmac-sha1'] server mac:['hmac-sha2-256', 'hmac-sha2-512', 'hmac-sha1'] client compress:['none'] server compress:['none'] client lang:[''] server lang:[''] kex follows?False
DEB [20210330-17:27:49.218] thr=1 paramiko.transport: Kex agreed: ecdh-sha2-nistp256
DEB [20210330-17:27:49.218] thr=1 paramiko.transport: HostKey agreed: ssh-ed25519
DEB [20210330-17:27:49.218] thr=1 paramiko.transport: Cipher agreed: aes128-ctr
DEB [20210330-17:27:49.218] thr=1 paramiko.transport: MAC agreed: hmac-sha2-256
DEB [20210330-17:27:49.218] thr=1 paramiko.transport: Compression agreed: none
DEB [20210330-17:27:49.225] thr=1 paramiko.transport: kex engine KexNistp256 specified hash_algo <built-in function openssl_sha256>
DEB [20210330-17:27:49.225] thr=1 paramiko.transport: Switch to new keys ...
DEB [20210330-17:27:49.226] thr=2 paramiko.transport: Adding ssh-ed25519 host key for [xxx-pam2.xxx.co.uk]:4422: b'3f537ba214609f1911ba04226de23df7'
DEB [20210330-17:27:49.246] thr=1 paramiko.transport: userauth is OK
INF [20210330-17:27:49.246] thr=1 paramiko.transport: Authentication (password) failed.
DEB [20210330-17:27:49.253] thr=1 paramiko.transport: EOF in transport thread
没有 -pw 的 PuTTY 事件日志:
PuTTY Event Log without -pw:
2021-03-30 17:39:43 Looking up host "xxx-pam1.xxx.co.uk" for SSH connection
2021-03-30 17:39:43 Connecting to 10.34.37.244 port 4422
2021-03-30 17:39:43 We claim version: SSH-2.0-PuTTY_Release_0.74
2021-03-30 17:39:43 Remote version: SSH-2.0-PBPS-SM-1.0.0
2021-03-30 17:39:43 Using SSH protocol version 2
2021-03-30 17:39:43 No GSSAPI security context available
2021-03-30 17:39:43 Doing ECDH key exchange with curve nistp256 and hash SHA-256 (unaccelerated)
2021-03-30 17:39:43 Server also has ecdsa-sha2-nistp256/ecdsa-sha2-nistp384/ecdsa-sha2-nistp521/ssh-rsa host keys, but we don't know any of them
2021-03-30 17:39:43 Host key fingerprint is:
2021-03-30 17:39:43 ssh-ed25519 255 32:2f:d2:0b:ba:f4:50:7f:01:42:59:bd:47:17:d3:91
2021-03-30 17:39:43 Initialised AES-256 SDCTR (AES-NI accelerated) outbound encryption
2021-03-30 17:39:43 Initialised HMAC-SHA-256 (unaccelerated) outbound MAC algorithm
2021-03-30 17:39:43 Initialised AES-256 SDCTR (AES-NI accelerated) inbound encryption
2021-03-30 17:39:43 Initialised HMAC-SHA-256 (unaccelerated) inbound MAC algorithm
2021-03-30 17:39:43 Attempting keyboard-interactive authentication
2021-03-30 17:40:01 Access granted
2021-03-30 17:40:01 Opening main session channel
2021-03-30 17:40:02 Opened main channel
2021-03-30 17:40:02 Allocated pty
2021-03-30 17:40:02 Started a shell/command
源代码
import paramiko
import logging
import Interactive
def connect_pam_host():
logging.basicConfig();
# logging.getLogger('Paramiko').setLevel(logging.INFO);
paramiko.util.log_to_file('paramiko.log', logging.WARNING);
ssh = paramiko.SSHClient();
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy());
ssh.connect(hostname='xxx-pam2.xxx.co.uk', port=4422, username='netdom\\tpukrisi@XXuladm@utvweccn03',
password='mypwd@03');
print('Success');
# This is a sample Python script.
# Press Shift+F10 to execute it or replace it with your code.
# Press Double Shift to search everywhere for classes, files, tool windows, actions, and settings.
def print_hi(name):
# Use a breakpoint in the code line below to debug your script.
print(f'Hi, {name}') # Press Ctrl+F8 to toggle the breakpoint.
# Press the green button in the gutter to run the script.
if __name__ == '__main__':
print_hi('PyCharm')
connect_pam_host()
推荐答案
您的服务器似乎发出两个键盘交互身份验证质询
Your server seems to issue two keyboard-interactive authentication challenges
- 首先,提示输入密码
- 其次,没有提示的横幅.
所以你必须像这样做一些:
def handler(title, instructions, fields):
if len(fields) == 1:
return [password]
else:
return []
transport = paramiko.Transport('example.com')
transport.connect(username='myuser')
transport.auth_password(username, password)
transport.auth_interactive(username, handler)
一些参考:
此外,正如您所发现的,您需要对用户名中的 \ 进行转义.
Further, as you have find out, you need to escape the \ in the username.
这篇关于使用 Python Paramiko 连接到 SSH 服务器,除了密码提示外,还需要使用 Enter 键提交键盘交互横幅的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
