The leading native Python SSHv2 protocol library.

Related tags

DevOps Toolsparamiko
Overview

Paramiko

https://travis-ci.org/paramiko/paramiko.svg?branch=master
Paramiko: Python SSH module
Copyright: Copyright (c) 2009 Robey Pointer <[email protected]>
Copyright: Copyright (c) 2020 Jeff Forcier <[email protected]>
License: LGPL
Homepage: http://www.paramiko.org/
API docs: http://docs.paramiko.org
Development: https://github.com/paramiko/paramiko

What

"Paramiko" is a combination of the Esperanto words for "paranoid" and "friend". It's a module for Python 2.7/3.4+ that implements the SSH2 protocol for secure (encrypted and authenticated) connections to remote machines. Unlike SSL (aka TLS), SSH2 protocol does not require hierarchical certificates signed by a powerful central authority. You may know SSH2 as the protocol that replaced Telnet and rsh for secure access to remote shells, but the protocol also includes the ability to open arbitrary channels to remote services across the encrypted tunnel (this is how SFTP works, for example).

It is written entirely in Python (though it depends on third-party C wrappers for low level crypto; these are often available precompiled) and is released under the GNU Lesser General Public License (LGPL).

The package and its API is fairly well documented in the docs folder that should have come with this repository.

Installation

For most users, the recommended method to install is via pip:

pip install paramiko

For more detailed instructions, see the Installing page on the main Paramiko website.

Portability Issues

Paramiko primarily supports POSIX platforms with standard OpenSSH implementations, and is most frequently tested on Linux and OS X. Windows is supported as well, though it may not be as straightforward.

Bugs & Support

Bug Reports: Github
Mailing List: [email protected] (see the LibreList website for usage details).
IRC: #paramiko on Freenode

Kerberos Support

Paramiko ships with optional Kerberos/GSSAPI support; for info on the extra dependencies for this, see the GSS-API section on the main Paramiko website.

Demo

Several demo scripts come with Paramiko to demonstrate how to use it. Probably the simplest demo is this:

import base64
import paramiko
key = paramiko.RSAKey(data=base64.b64decode(b'AAA...'))
client = paramiko.SSHClient()
client.get_host_keys().add('ssh.example.com', 'ssh-rsa', key)
client.connect('ssh.example.com', username='strongbad', password='thecheat')
stdin, stdout, stderr = client.exec_command('ls')
for line in stdout:
    print('... ' + line.strip('\n'))
client.close()

This prints out the results of executing ls on a remote server. The host key b'AAA...' should of course be replaced by the actual base64 encoding of the host key. If you skip host key verification, the connection is not secure!

The following example scripts (in demos/) get progressively more detailed:

demo_simple.py: Calls invoke_shell() and emulates a terminal/TTY through which you can execute commands interactively on a remote server. Think of it as a poor man's SSH command-line client.
demo.py: Same as demo_simple.py, but allows you to authenticate using a private key, attempts to use an SSH agent if present, and uses the long form of some of the API calls.
forward.py: Command-line script to set up port-forwarding across an SSH transport.
demo_sftp.py: Opens an SFTP session and does a few simple file operations.
demo_server.py: An SSH server that listens on port 2200 and accepts a login for 'robey' (password 'foo'), and pretends to be a BBS. Meant to be a very simple demo of writing an SSH server.
demo_keygen.py: A key generator similar to OpenSSH ssh-keygen(1) program with Paramiko keys generation and progress functions.

Use

The demo scripts are probably the best example of how to use this package. Also a lot of documentation is generated by Sphinx autodoc, in the doc/ folder.

There are also unit tests here:

$ pip install -r dev-requirements.txt
$ pytest

Which will verify that most of the core components are working correctly.

To test Kerberos/GSSAPI, you need a Kerberos environment. On UNIX you can use the package k5test to setup a Kerberos environment on the fly:

$ pip install -r dev-requirements.txt
$ pip install k5test gssapi pyasn1
$ pytest
GitGoat enables DevOps and Engineering teams to test security products intending to integrate with GitHub

GitGoat is an open source tool that was built to enable DevOps and Engineering teams to design and implement a sustainable misconfiguration prevention strategy. It can be used to test with products w

Arnica 149 Dec 22, 2022
Get Response Of Container Deployment Kube with python

get-response-of-container-deployment-kube 概要 get-response-of-container-deployment-kube は、例えばエッジコンピューティング環境のコンテナデプロイメントシステムにおいて、デプロイ元の端末がデプロイ先のコンテナデプロイ

Latona, Inc. 3 Nov 05, 2021
gunicorn 'Green Unicorn' is a WSGI HTTP Server for UNIX, fast clients and sleepy applications.

Gunicorn Gunicorn 'Green Unicorn' is a Python WSGI HTTP Server for UNIX. It's a pre-fork worker model ported from Ruby's Unicorn project. The Gunicorn

Benoit Chesneau 8.7k Jan 08, 2023
Bugbane - Application security tools for CI/CD pipeline

BugBane Набор утилит для аудита безопасности приложений. Основные принципы и осо

GardaTech 20 Dec 09, 2022
Bitnami Docker Image for Python using snapshots for the system packages repositories

Python Snapshot packaged by Bitnami What is Python Snapshot? Python is a programming language that lets you work quickly and integrate systems more ef

Bitnami 1 Jan 13, 2022
A curated list of awesome DataOps tools

Awesome DataOps A curated list of awesome DataOps tools. Awesome DataOps Data Catalog Data Exploration Data Ingestion Data Lake Data Processing Data Q

Kelvin S. do Prado 40 Dec 23, 2022
Organizing ssh servers in one shell.

NeZha (哪吒) NeZha is a famous chinese deity who can have three heads and six arms if he wants. And my NeZha tool is hoping to bring developer such mult

Zilin Zhu 8 Dec 20, 2021
Spinnaker is an open source, multi-cloud continuous delivery platform for releasing software changes with high velocity and confidence.

Welcome to the Spinnaker Project Spinnaker is an open-source continuous delivery platform for releasing software changes with high velocity and confid

8.8k Jan 07, 2023
Honcho: a python clone of Foreman. For managing Procfile-based applications.

___ ___ ___ ___ ___ ___ /\__\ /\ \ /\__\ /\ \ /\__\ /\

Nick Stenning 1.5k Jan 03, 2023
Build and Push docker image in Python (luigi + docker-py)

Docker build images workflow in Python Since docker hub stopped building images for free accounts, I've been looking for another way to do it. I could

Fabien D. 2 Dec 15, 2022
The low-level, core functionality of boto 3.

botocore A low-level interface to a growing number of Amazon Web Services. The botocore package is the foundation for the AWS CLI as well as boto3. On

the boto project 1.2k Jan 03, 2023
Dockerized iCloud drive

iCloud-drive-docker is a simple iCloud drive client in Docker environment. It uses pyiCloud python library to interact with iCloud

Mandar Patil 376 Jan 01, 2023
Simple, Pythonic remote execution and deployment.

Welcome to Fabric! Fabric is a high level Python (2.7, 3.4+) library designed to execute shell commands remotely over SSH, yielding useful Python obje

Fabric 13.8k Jan 06, 2023
Rancher Kubernetes API compatible with RKE, RKE2 and maybe others?

kctl Rancher Kubernetes API compatible with RKE, RKE2 and maybe others? Documentation is WIP. Quickstart pip install --upgrade kctl Usage from lazycls

1 Dec 02, 2021
A honey token manager and alert system for AWS.

SpaceSiren SpaceSiren is a honey token manager and alert system for AWS. With this fully serverless application, you can create and manage honey token

287 Nov 09, 2022
Ansible for DevOps examples.

Ansible for DevOps Examples This repository contains Ansible examples developed to support different sections of Ansible for DevOps, a book on Ansible

Jeff Geerling 6.6k Jan 08, 2023
Hackergame nc 类题目的 Docker 容器资源限制、动态 flag、网页终端

Hackergame nc 类题目的 Docker 容器资源限制、动态 flag、网页终端 快速入门 配置证书 证书用于验证用户 Token。请确保这里的证书文件(cert.pem)与 Hackergame 平台 配置的证书相同,这样 Hackergame 平台为每个用户生成的 Token 才可以通

USTC Hackergame 68 Nov 09, 2022
Let's learn how to build, release and operate your containerized applications to Amazon ECS and AWS Fargate using AWS Copilot.

🚀 Welcome to AWS Copilot Workshop In this workshop, you'll learn how to build, release and operate your containerised applications to Amazon ECS and

Donnie Prakoso 15 Jul 14, 2022
DAMPP (gui) is a Python based program to run simple webservers using MySQL, Php, Apache and PhpMyAdmin inside of Docker containers.

DAMPP (gui) is a Python based program to run simple webservers using MySQL, Php, Apache and PhpMyAdmin inside of Docker containers.

Sehan Weerasekara 1 Feb 19, 2022
More than 130 check plugins for Icinga and other Nagios-compatible monitoring applications. Each plugin is a standalone command line tool (written in Python) that provides a specific type of check.

Python-based Monitoring Check Plugins Collection This Enterprise Class Check Plugin Collection offers a package of more than 130 Python-based, Nagios-

Linuxfabrik 119 Dec 27, 2022