day13 paramiko、数据库表操作
Paramiko
paramiko 模块官方网站:
http://www.paramiko.org/
paramiko 模块功能概述:
Paramiko 是一个python(2.6+,3.3+)的实现SSHv2协议的模块,它提供了客户端和服务器端的功能。虽然利用Python C扩展为低水平加密(加密),Paramiko本身就是一个纯Python接口在SSH网络概念。
paramiko 模块安装方式:
pip3 install paramiko
sshclient
用于连接远程服务器并执行相应的命令
sshclien连接服务器的两种方式:
1、基于用户名密码连接:
import paramiko # 创建SSH对象 ssh = paramiko.SSHClient() # 允许连接不在know_hosts文件中的主机 ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy()) # 连接服务器 ssh.connect(hostname='c1.salt.com', port=22, username='wupeiqi', password='123') # 执行命令 stdin, stdout, stderr = ssh.exec_command('ls') # 获取命令结果 result = stdout.read() # 关闭连接 ssh.close()
![](https://images.cnblogs.com/OutliningIndicators/ContractedBlock.gif)
1 import paramiko 2 3 # 创建SSH对象 4 ssh = paramiko.SSHClient() 5 # 允许连接不在know_hosts文件中的主机 6 ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy()) 7 # 连接服务器 8 ssh.connect(hostname='c1.salt.com', port=22, username='wupeiqi', password='123') 9 10 # 执行命令 11 stdin, stdout, stderr = ssh.exec_command('ls') 12 # 获取命令结果 13 result = stdout.read() 14 15 # 关闭连接 16 ssh.close()
2、基于公钥秘钥连接:
import paramiko private_key = paramiko.RSAKey.from_private_key_file('/home/auto/.ssh/id_rsa') # 创建SSH对象 ssh = paramiko.SSHClient() # 允许连接不在know_hosts文件中的主机 ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy()) # 连接服务器 ssh.connect(hostname='c1.salt.com', port=22, username='wupeiqi', key=private_key) # 执行命令 stdin, stdout, stderr = ssh.exec_command('df') # 获取命令结果 result = stdout.read() # 关闭连接 ssh.close()
![](https://images.cnblogs.com/OutliningIndicators/ContractedBlock.gif)
1 import paramiko 2 3 private_key = paramiko.RSAKey.from_private_key_file('/home/auto/.ssh/id_rsa') 4 5 transport = paramiko.Transport(('hostname', 22)) 6 transport.connect(username='wupeiqi', pkey=private_key) 7 8 ssh = paramiko.SSHClient() 9 ssh._transport = transport 10 11 stdin, stdout, stderr = ssh.exec_command('df') 12 13 transport.close()
sftpclient:
用于连接远程服务器并执行上传下载
1、基于用户名密码上传下载:
import paramiko transport = paramiko.Transport(('hostname',22)) transport.connect(username='wupeiqi',password='123') sftp = paramiko.SFTPClient.from_transport(transport) # 将location.py 上传至服务器 /tmp/test.py sftp.put('/tmp/location.py', '/tmp/test.py') # 将remove_path 下载到本地 local_path sftp.get('remove_path', 'local_path') transport.close()
2、基于公钥密钥上传下载:
import paramiko private_key = paramiko.RSAKey.from_private_key_file('/home/auto/.ssh/id_rsa') transport = paramiko.Transport(('hostname', 22)) transport.connect(username='wupeiqi', pkey=private_key ) sftp = paramiko.SFTPClient.from_transport(transport) # 将location.py 上传至服务器 /tmp/test.py sftp.put('/tmp/location.py', '/tmp/test.py') # 将remove_path 下载到本地 local_path sftp.get('remove_path', 'local_path') transport.close()
![](https://images.cnblogs.com/OutliningIndicators/ContractedBlock.gif)
1 #!/usr/bin/env python 2 # -*- coding:utf-8 -*- 3 import paramiko 4 import uuid 5 6 class SSHConnection(object): 7 8 def __init__(self, host='172.16.103.191', port=22, username='wupeiqi',pwd='123'): 9 self.host = host 10 self.port = port 11 self.username = username 12 self.pwd = pwd 13 self.__k = None 14 15 def create_file(self): 16 file_name = str(uuid.uuid4()) 17 with open(file_name,'w') as f: 18 f.write('sb') 19 return file_name 20 21 def run(self): 22 self.connect() 23 self.upload('/home/wupeiqi/tttttttttttt.py') 24 self.rename('/home/wupeiqi/tttttttttttt.py', '/home/wupeiqi/ooooooooo.py) 25 self.close() 26 27 def connect(self): 28 transport = paramiko.Transport((self.host,self.port)) 29 transport.connect(username=self.username,password=self.pwd) 30 self.__transport = transport 31 32 def close(self): 33 34 self.__transport.close() 35 36 def upload(self,target_path): 37 # 连接,上传 38 file_name = self.create_file() 39 40 sftp = paramiko.SFTPClient.from_transport(self.__transport) 41 # 将location.py 上传至服务器 /tmp/test.py 42 sftp.put(file_name, target_path) 43 44 def rename(self, old_path, new_path): 45 46 ssh = paramiko.SSHClient() 47 ssh._transport = self.__transport 48 # 执行命令 49 cmd = "mv %s %s" % (old_path, new_path,) 50 stdin, stdout, stderr = ssh.exec_command(cmd) 51 # 获取命令结果 52 result = stdout.read() 53 54 def cmd(self, command): 55 ssh = paramiko.SSHClient() 56 ssh._transport = self.__transport 57 # 执行命令 58 stdin, stdout, stderr = ssh.exec_command(command) 59 # 获取命令结果 60 result = stdout.read() 61 return result 62 63 64 65 ha = SSHConnection() 66 ha.run()
# 对于更多限制命令,需要在系统中设置 /etc/sudoers Defaults requiretty Defaults:cmdb !requiretty
![](https://images.cnblogs.com/OutliningIndicators/ContractedBlock.gif)
1 import paramiko 2 import uuid 3 4 class SSHConnection(object): 5 6 def __init__(self, host='192.168.11.61', port=22, username='alex',pwd='alex3714'): 7 self.host = host 8 self.port = port 9 self.username = username 10 self.pwd = pwd 11 self.__k = None 12 13 def run(self): 14 self.connect() 15 pass 16 self.close() 17 18 def connect(self): 19 transport = paramiko.Transport((self.host,self.port)) 20 transport.connect(username=self.username,password=self.pwd) 21 self.__transport = transport 22 23 def close(self): 24 self.__transport.close() 25 26 def cmd(self, command): 27 ssh = paramiko.SSHClient() 28 ssh._transport = self.__transport 29 # 执行命令 30 stdin, stdout, stderr = ssh.exec_command(command) 31 # 获取命令结果 32 result = stdout.read() 33 return result 34 35 def upload(self,local_path, target_path): 36 # 连接,上传 37 sftp = paramiko.SFTPClient.from_transport(self.__transport) 38 # 将location.py 上传至服务器 /tmp/test.py 39 sftp.put(local_path, target_path) 40 41 ssh = SSHConnection() 42 ssh.connect() 43 r1 = ssh.cmd('df') 44 ssh.upload('s2.py', "/home/alex/s7.py") 45 ssh.close()
堡垒机:
堡垒机模型:
堡垒机原理和执行流程:
1、管理员为用户在服务器上创建账号(将公钥放置服务器,或者使用用户名密码)
2、用户登入堡垒机,输入堡垒机用户名密码,实现当前用户管理的服务器列表
3、用户选择服务器,并自动登入
4、执行操作并同时将用户操作记录
实现过程:
前奏
import paramiko import sys import os import socket import select import getpass tran = paramiko.Transport(('10.211.55.4', 22,)) tran.start_client() tran.auth_password('wupeiqi', '123') # 打开一个通道 chan = tran.open_session() # 获取一个终端 chan.get_pty() # 激活器 chan.invoke_shell() ######### # 利用sys.stdin,肆意妄为执行操作 # 用户在终端输入内容,并将内容发送至远程服务器 # 远程服务器执行命令,并将结果返回 # 用户终端显示内容 ######### chan.close() tran.close()
2、终极版本:
import paramiko import sys import os import socket import select import getpass from paramiko.py3compat import u tran = paramiko.Transport(('10.211.55.4', 22,)) tran.start_client() tran.auth_password('wupeiqi', '123') # 打开一个通道 chan = tran.open_session() # 获取一个终端 chan.get_pty() # 激活器 chan.invoke_shell() while True: # 监视用户输入和服务器返回数据 # sys.stdin 处理用户输入 # chan 是之前创建的通道,用于接收服务器返回信息 readable, writeable, error = select.select([chan, sys.stdin, ],[],[],1) if chan in readable: try: x = u(chan.recv(1024)) if len(x) == 0: print('\r\n*** EOF\r\n') break sys.stdout.write(x) sys.stdout.flush() except socket.timeout: pass if sys.stdin in readable: inp = sys.stdin.readline() chan.sendall(inp) chan.close() tran.close()
![](https://images.cnblogs.com/OutliningIndicators/ContractedBlock.gif)
1 #!/usr/bin/env python 2 # -*- coding:utf-8 -*- 3 4 import paramiko 5 import sys 6 import os 7 import socket 8 import select 9 import getpass 10 from paramiko.py3compat import u 11 12 13 default_username = getpass.getuser() 14 username = input('Username [%s]: ' % default_username) 15 if len(username) == 0: 16 username = default_username 17 18 19 hostname = input('Hostname: ') 20 if len(hostname) == 0: 21 print('*** Hostname required.') 22 sys.exit(1) 23 24 tran = paramiko.Transport((hostname, 22,)) 25 tran.start_client() 26 27 default_auth = "p" 28 auth = input('Auth by (p)assword or (r)sa key[%s] ' % default_auth) 29 if len(auth) == 0: 30 auth = default_auth 31 32 if auth == 'r': 33 default_path = os.path.join(os.environ['HOME'], '.ssh', 'id_rsa') 34 path = input('RSA key [%s]: ' % default_path) 35 if len(path) == 0: 36 path = default_path 37 try: 38 key = paramiko.RSAKey.from_private_key_file(path) 39 except paramiko.PasswordRequiredException: 40 password = getpass.getpass('RSA key password: ') 41 key = paramiko.RSAKey.from_private_key_file(path, password) 42 tran.auth_publickey(username, key) 43 else: 44 pw = getpass.getpass('Password for %s@%s: ' % (username, hostname)) 45 tran.auth_password(username, pw) 46 47 48 49 # 打开一个通道 50 chan = tran.open_session() 51 # 获取一个终端 52 chan.get_pty() 53 # 激活器 54 chan.invoke_shell() 55 56 while True: 57 # 监视用户输入和服务器返回数据 58 # sys.stdin 处理用户输入 59 # chan 是之前创建的通道,用于接收服务器返回信息 60 readable, writeable, error = select.select([chan, sys.stdin, ],[],[],1) 61 if chan in readable: 62 try: 63 x = u(chan.recv(1024)) 64 if len(x) == 0: 65 print('\r\n*** EOF\r\n') 66 break 67 sys.stdout.write(x) 68 sys.stdout.flush() 69 except socket.timeout: 70 pass 71 if sys.stdin in readable: 72 inp = sys.stdin.readline() 73 chan.sendall(inp) 74 75 chan.close() 76 tran.close()
3、终极版本二
import paramiko import sys import os import socket import select import getpass import termios import tty from paramiko.py3compat import u tran = paramiko.Transport(('10.211.55.4', 22,)) tran.start_client() tran.auth_password('wupeiqi', '123') # 打开一个通道 chan = tran.open_session() # 获取一个终端 chan.get_pty() # 激活器 chan.invoke_shell() # 获取原tty属性 oldtty = termios.tcgetattr(sys.stdin) try: # 为tty设置新属性 # 默认当前tty设备属性: # 输入一行回车,执行 # CTRL+C 进程退出,遇到特殊字符,特殊处理。 # 这是为原始模式,不认识所有特殊符号 # 放置特殊字符应用在当前终端,如此设置,将所有的用户输入均发送到远程服务器 tty.setraw(sys.stdin.fileno()) chan.settimeout(0.0) while True: # 监视 用户输入 和 远程服务器返回数据(socket) # 阻塞,直到句柄可读 r, w, e = select.select([chan, sys.stdin], [], [], 1) if chan in r: try: x = u(chan.recv(1024)) if len(x) == 0: print('\r\n*** EOF\r\n') break sys.stdout.write(x) sys.stdout.flush() except socket.timeout: pass if sys.stdin in r: x = sys.stdin.read(1) if len(x) == 0: break chan.send(x) finally: # 重新设置终端属性 termios.tcsetattr(sys.stdin, termios.TCSADRAIN, oldtty) chan.close() tran.close()
![](https://images.cnblogs.com/OutliningIndicators/ContractedBlock.gif)
1 import paramiko 2 import sys 3 import os 4 import socket 5 import select 6 import getpass 7 import termios 8 import tty 9 from paramiko.py3compat import u 10 11 12 default_username = getpass.getuser() 13 username = input('Username [%s]: ' % default_username) 14 if len(username) == 0: 15 username = default_username 16 17 18 hostname = input('Hostname: ') 19 if len(hostname) == 0: 20 print('*** Hostname required.') 21 sys.exit(1) 22 23 tran = paramiko.Transport((hostname, 22,)) 24 tran.start_client() 25 26 default_auth = "p" 27 auth = input('Auth by (p)assword or (r)sa key[%s] ' % default_auth) 28 if len(auth) == 0: 29 auth = default_auth 30 31 if auth == 'r': 32 default_path = os.path.join(os.environ['HOME'], '.ssh', 'id_rsa') 33 path = input('RSA key [%s]: ' % default_path) 34 if len(path) == 0: 35 path = default_path 36 try: 37 key = paramiko.RSAKey.from_private_key_file(path) 38 except paramiko.PasswordRequiredException: 39 password = getpass.getpass('RSA key password: ') 40 key = paramiko.RSAKey.from_private_key_file(path, password) 41 tran.auth_publickey(username, key) 42 else: 43 pw = getpass.getpass('Password for %s@%s: ' % (username, hostname)) 44 tran.auth_password(username, pw) 45 46 # 打开一个通道 47 chan = tran.open_session() 48 # 获取一个终端 49 chan.get_pty() 50 # 激活器 51 chan.invoke_shell() 52 53 54 # 获取原tty属性 55 oldtty = termios.tcgetattr(sys.stdin) 56 try: 57 # 为tty设置新属性 58 # 默认当前tty设备属性: 59 # 输入一行回车,执行 60 # CTRL+C 进程退出,遇到特殊字符,特殊处理。 61 62 # 这是为原始模式,不认识所有特殊符号 63 # 放置特殊字符应用在当前终端,如此设置,将所有的用户输入均发送到远程服务器 64 tty.setraw(sys.stdin.fileno()) 65 chan.settimeout(0.0) 66 67 while True: 68 # 监视 用户输入 和 远程服务器返回数据(socket) 69 # 阻塞,直到句柄可读 70 r, w, e = select.select([chan, sys.stdin], [], [], 1) 71 if chan in r: 72 try: 73 x = u(chan.recv(1024)) 74 if len(x) == 0: 75 print('\r\n*** EOF\r\n') 76 break 77 sys.stdout.write(x) 78 sys.stdout.flush() 79 except socket.timeout: 80 pass 81 if sys.stdin in r: 82 x = sys.stdin.read(1) 83 if len(x) == 0: 84 break 85 chan.send(x) 86 87 finally: 88 # 重新设置终端属性 89 termios.tcsetattr(sys.stdin, termios.TCSADRAIN, oldtty) 90 91 92 chan.close() 93 tran.close()
![](https://images.cnblogs.com/OutliningIndicators/ContractedBlock.gif)
1 import paramiko 2 import sys 3 import os 4 import socket 5 import getpass 6 7 from paramiko.py3compat import u 8 9 # windows does not have termios... 10 try: 11 import termios 12 import tty 13 has_termios = True 14 except ImportError: 15 has_termios = False 16 17 18 def interactive_shell(chan): 19 if has_termios: 20 posix_shell(chan) 21 else: 22 windows_shell(chan) 23 24 25 def posix_shell(chan): 26 import select 27 28 oldtty = termios.tcgetattr(sys.stdin) 29 try: 30 tty.setraw(sys.stdin.fileno()) 31 tty.setcbreak(sys.stdin.fileno()) 32 chan.settimeout(0.0) 33 log = open('handle.log', 'a+', encoding='utf-8') 34 flag = False 35 temp_list = [] 36 while True: 37 r, w, e = select.select([chan, sys.stdin], [], []) 38 if chan in r: 39 try: 40 x = u(chan.recv(1024)) 41 if len(x) == 0: 42 sys.stdout.write('\r\n*** EOF\r\n') 43 break 44 if flag: 45 if x.startswith('\r\n'): 46 pass 47 else: 48 temp_list.append(x) 49 flag = False 50 sys.stdout.write(x) 51 sys.stdout.flush() 52 except socket.timeout: 53 pass 54 if sys.stdin in r: 55 x = sys.stdin.read(1) 56 import json 57 58 if len(x) == 0: 59 break 60 61 if x == '\t': 62 flag = True 63 else: 64 temp_list.append(x) 65 if x == '\r': 66 log.write(''.join(temp_list)) 67 log.flush() 68 temp_list.clear() 69 chan.send(x) 70 71 finally: 72 termios.tcsetattr(sys.stdin, termios.TCSADRAIN, oldtty) 73 74 75 def windows_shell(chan): 76 import threading 77 78 sys.stdout.write("Line-buffered terminal emulation. Press F6 or ^Z to send EOF.\r\n\r\n") 79 80 def writeall(sock): 81 while True: 82 data = sock.recv(256) 83 if not data: 84 sys.stdout.write('\r\n*** EOF ***\r\n\r\n') 85 sys.stdout.flush() 86 break 87 sys.stdout.write(data) 88 sys.stdout.flush() 89 90 writer = threading.Thread(target=writeall, args=(chan,)) 91 writer.start() 92 93 try: 94 while True: 95 d = sys.stdin.read(1) 96 if not d: 97 break 98 chan.send(d) 99 except EOFError: 100 # user hit ^Z or F6 101 pass 102 103 104 def run(): 105 tran = paramiko.Transport(('10.211.55.4', 22,)) 106 tran.start_client() 107 tran.auth_password('wupeiqi', '123') 108 109 # 打开一个通道 110 chan = tran.open_session() 111 # 获取一个终端 112 chan.get_pty() 113 # 激活器 114 chan.invoke_shell() 115 116 interactive_shell(chan) 117 118 chan.close() 119 tran.close() 120 121 122 if __name__ == '__main__': 123 run()
![](https://images.cnblogs.com/OutliningIndicators/ContractedBlock.gif)
1 import paramiko 2 import sys 3 import os 4 import socket 5 import getpass 6 7 from paramiko.py3compat import u 8 9 # windows does not have termios... 10 try: 11 import termios 12 import tty 13 has_termios = True 14 except ImportError: 15 has_termios = False 16 17 18 def interactive_shell(chan): 19 if has_termios: 20 posix_shell(chan) 21 else: 22 windows_shell(chan) 23 24 25 def posix_shell(chan): 26 import select 27 28 oldtty = termios.tcgetattr(sys.stdin) 29 try: 30 tty.setraw(sys.stdin.fileno()) 31 tty.setcbreak(sys.stdin.fileno()) 32 chan.settimeout(0.0) 33 log = open('handle.log', 'a+', encoding='utf-8') 34 flag = False 35 temp_list = [] 36 while True: 37 r, w, e = select.select([chan, sys.stdin], [], []) 38 if chan in r: 39 try: 40 x = u(chan.recv(1024)) 41 if len(x) == 0: 42 sys.stdout.write('\r\n*** EOF\r\n') 43 break 44 if flag: 45 if x.startswith('\r\n'): 46 pass 47 else: 48 temp_list.append(x) 49 flag = False 50 sys.stdout.write(x) 51 sys.stdout.flush() 52 except socket.timeout: 53 pass 54 if sys.stdin in r: 55 x = sys.stdin.read(1) 56 import json 57 58 if len(x) == 0: 59 break 60 61 if x == '\t': 62 flag = True 63 else: 64 temp_list.append(x) 65 if x == '\r': 66 log.write(''.join(temp_list)) 67 log.flush() 68 temp_list.clear() 69 chan.send(x) 70 71 finally: 72 termios.tcsetattr(sys.stdin, termios.TCSADRAIN, oldtty) 73 74 75 def windows_shell(chan): 76 import threading 77 78 sys.stdout.write("Line-buffered terminal emulation. Press F6 or ^Z to send EOF.\r\n\r\n") 79 80 def writeall(sock): 81 while True: 82 data = sock.recv(256) 83 if not data: 84 sys.stdout.write('\r\n*** EOF ***\r\n\r\n') 85 sys.stdout.flush() 86 break 87 sys.stdout.write(data) 88 sys.stdout.flush() 89 90 writer = threading.Thread(target=writeall, args=(chan,)) 91 writer.start() 92 93 try: 94 while True: 95 d = sys.stdin.read(1) 96 if not d: 97 break 98 chan.send(d) 99 except EOFError: 100 # user hit ^Z or F6 101 pass 102 103 104 def run(): 105 default_username = getpass.getuser() 106 username = input('Username [%s]: ' % default_username) 107 if len(username) == 0: 108 username = default_username 109 110 111 hostname = input('Hostname: ') 112 if len(hostname) == 0: 113 print('*** Hostname required.') 114 sys.exit(1) 115 116 tran = paramiko.Transport((hostname, 22,)) 117 tran.start_client() 118 119 default_auth = "p" 120 auth = input('Auth by (p)assword or (r)sa key[%s] ' % default_auth) 121 if len(auth) == 0: 122 auth = default_auth 123 124 if auth == 'r': 125 default_path = os.path.join(os.environ['HOME'], '.ssh', 'id_rsa') 126 path = input('RSA key [%s]: ' % default_path) 127 if len(path) == 0: 128 path = default_path 129 try: 130 key = paramiko.RSAKey.from_private_key_file(path) 131 except paramiko.PasswordRequiredException: 132 password = getpass.getpass('RSA key password: ') 133 key = paramiko.RSAKey.from_private_key_file(path, password) 134 tran.auth_publickey(username, key) 135 else: 136 pw = getpass.getpass('Password for %s@%s: ' % (username, hostname)) 137 tran.auth_password(username, pw) 138 139 # 打开一个通道 140 chan = tran.open_session() 141 # 获取一个终端 142 chan.get_pty() 143 # 激活器 144 chan.invoke_shell() 145 146 interactive_shell(chan) 147 148 chan.close() 149 tran.close() 150 151 152 if __name__ == '__main__': 153 run()