Python paramiko.RejectPolicy() Examples
The following are 8
code examples of paramiko.RejectPolicy().
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example.
You may also want to check out all available functions/classes of the module
paramiko
, or try the search function
.
.
Example #1
| Source File: handler.py From webssh with MIT License | 6 votes |
|
def get_args(self):
hostname = self.get_hostname()
port = self.get_port()
username = self.get_value('username')
password = self.get_argument('password', u'')
privatekey, filename = self.get_privatekey()
passphrase = self.get_argument('passphrase', u'')
totp = self.get_argument('totp', u'')
if isinstance(self.policy, paramiko.RejectPolicy):
self.lookup_hostname(hostname, port)
if privatekey:
pkey = PrivateKey(privatekey, passphrase, filename).get_pkey_obj()
else:
pkey = None
self.ssh_client.totp = totp
args = (hostname, port, username, password, pkey)
logging.debug(args)
return args
Example #2
| Source File: handler.py From adminset with GNU General Public License v2.0 | 6 votes |
|
def get_args(self):
hostname = self.get_hostname()
port = self.get_port()
if isinstance(self.policy, paramiko.RejectPolicy):
self.lookup_hostname(hostname, port)
username = self.get_value('username')
password = self.get_argument('password', u'')
privatekey = self.get_privatekey()
if privatekey:
pkey = self.get_pkey_obj(
privatekey, password, self.privatekey_filename
)
password = None
else:
pkey = None
args = (hostname, port, username, password, pkey)
logging.debug(args)
return args
Example #3
| Source File: test_client.py From python-hpedockerplugin with Apache License 2.0 | 6 votes |
|
def test_13_reject_policy_gsskex(self):
"""
verify that SSHClient's RejectPolicy works,
even if gssapi-keyex was enabled but not used.
"""
# Test for a bug present in paramiko versions released before 2017-08-01
if not paramiko.GSS_AUTH_AVAILABLE:
return # for python 2.6 lacks skipTest
threading.Thread(target=self._run).start()
self.tc = paramiko.SSHClient()
self.tc.set_missing_host_key_policy(paramiko.RejectPolicy())
self.assertEqual(0, len(self.tc.get_host_keys()))
self.assertRaises(
paramiko.SSHException,
self.tc.connect,
password='pygmalion',
gss_kex=True,
**self.connect_kwargs
)
Example #4
| Source File: server.py From mock-ssh-server with MIT License | 5 votes |
|
def client(self, uid):
private_key_path, _ = self._users[uid]
c = paramiko.SSHClient()
host_keys = c.get_host_keys()
key = paramiko.RSAKey.from_private_key_file(SERVER_KEY_PATH)
host_keys.add(self.host, "ssh-rsa", key)
host_keys.add("[%s]:%d" % (self.host, self.port), "ssh-rsa", key)
c.set_missing_host_key_policy(paramiko.RejectPolicy())
c.connect(hostname=self.host,
port=self.port,
username=uid,
key_filename=private_key_path,
allow_agent=False,
look_for_keys=False)
return c
Example #5
| Source File: test_client.py From python-hpedockerplugin with Apache License 2.0 | 5 votes |
|
def test_12_reject_policy(self):
"""
verify that SSHClient's RejectPolicy works.
"""
threading.Thread(target=self._run).start()
self.tc = paramiko.SSHClient()
self.tc.set_missing_host_key_policy(paramiko.RejectPolicy())
self.assertEqual(0, len(self.tc.get_host_keys()))
self.assertRaises(
paramiko.SSHException,
self.tc.connect,
password='pygmalion', **self.connect_kwargs
)
Example #6
| Source File: test_client.py From python-hpedockerplugin with Apache License 2.0 | 5 votes |
|
def _client_host_key_good(self, ktype, kfile):
threading.Thread(target=self._run).start()
hostname = '[%s]:%d' % (self.addr, self.port)
self.tc = paramiko.SSHClient()
self.tc.set_missing_host_key_policy(paramiko.RejectPolicy())
host_key = ktype.from_private_key_file(test_path(kfile))
known_hosts = self.tc.get_host_keys()
known_hosts.add(hostname, host_key.get_name(), host_key)
self.tc.connect(password='pygmalion', **self.connect_kwargs)
self.event.wait(1.0)
self.assertTrue(self.event.is_set())
self.assertTrue(self.ts.is_active())
self.assertEqual(True, self.ts.is_authenticated())
Example #7
| Source File: test_client.py From python-hpedockerplugin with Apache License 2.0 | 5 votes |
|
def test_missing_key_policy_accepts_classes_or_instances(self):
"""
Client.missing_host_key_policy() can take classes or instances.
"""
# AN ACTUAL UNIT TEST?! GOOD LORD
# (But then we have to test a private API...meh.)
client = paramiko.SSHClient()
# Default
assert isinstance(client._policy, paramiko.RejectPolicy)
# Hand in an instance (classic behavior)
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
assert isinstance(client._policy, paramiko.AutoAddPolicy)
# Hand in just the class (new behavior)
client.set_missing_host_key_policy(paramiko.AutoAddPolicy)
assert isinstance(client._policy, paramiko.AutoAddPolicy)
Example #8
| Source File: ssh_forward.py From king-phisher with BSD 3-Clause "New" or "Revised" License | 4 votes |
|
def __init__(self, server, username, password, remote_server, local_port=0, private_key=None, missing_host_key_policy=None):
"""
:param tuple server: The SSH server to connect to.
:param str username: The username to authenticate with.
:param str password: The password to authenticate with.
:param tuple remote_server: The remote server to connect to through the specified SSH server.
:param int local_port: The local port to forward, if not set a random one will be used.
:param str private_key: An RSA key to prefer for authentication.
:param missing_host_key_policy: The policy to use for missing host keys.
"""
super(SSHTCPForwarder, self).__init__()
self.logger = logging.getLogger('KingPhisher.' + self.__class__.__name__)
self.server = (server[0], int(server[1]))
self.remote_server = (remote_server[0], int(remote_server[1]))
client = paramiko.SSHClient()
if missing_host_key_policy is None:
missing_host_key_policy = paramiko.AutoAddPolicy()
elif isinstance(missing_host_key_policy, paramiko.RejectPolicy):
self.logger.info('reject policy in place, loading system host keys')
client.load_system_host_keys()
client.set_missing_host_key_policy(missing_host_key_policy)
self.client = client
self.username = username
self.__connected = False
# an issue seems to exist in paramiko when multiple keys are present through the ssh-agent
agent_keys = paramiko.Agent().get_keys()
if not self.__connected and private_key:
private_key = self.__resolve_private_key(private_key, agent_keys)
if private_key:
self.logger.debug('attempting ssh authentication with user specified key')
self.__try_connect(look_for_keys=False, pkey=private_key)
else:
self.logger.warning('failed to identify the user specified key for ssh authentication')
if not self.__connected and agent_keys:
self.logger.debug("attempting ssh authentication with {:,} agent provided key{}".format(len(agent_keys), '' if len(agent_keys) == 1 else 's'))
for key in agent_keys:
if self.__try_connect(look_for_keys=False, pkey=key):
break
if not self.__connected:
self.logger.debug('attempting ssh authentication with user specified credentials')
self.__try_connect(password=password, look_for_keys=True, raise_error=True)
transport = self.client.get_transport()
self._forward_server = ForwardServer(self.remote_server, transport, ('127.0.0.1', local_port), ForwardHandler)
