python远程下发shell指令
Python实现堡垒机模式下远程命令执行操作示例本文实例讲述了python实现堡垒机模式下远程命令执行操作。分享给大家供大家参考,具体如下:
一 点睛
堡垒机环境在一定程度上提升了运营安全级别,但同时也提高了日常运营成本,作为管理的中转设备,任何针对业务服务器的管理请求都会经过此节点,比如ssh协议,首先运维人员在办公电脑通过ssh协议登录堡垒机,再通过堡垒机ssh跳转到所有的业务服务器进行维护操作。
我们可以利用paramiko的invoke_shell机制来实现通过堡垒机实现服务器操作,原理是sshclient.connect到堡垒机后开启一个新的ssh会话 (session),通过新的会话运行“ssh user@ip”去实现远程执行命令的操作。
二 代码
|
#coding=utf-8 #!/usr/bin/env python import paramiko import os,sys,time hostname = "192.168.0.120" # 定义业务服务器 username = "root" password = "123456" blip = "192.168.0.101" # 定义业务堡垒机 bluser = "root" blpasswd = "123456" port = 22 passinfo = '\'s password: ' # 输入服务器密码的前标志串 paramiko.util.log_to_file( 'syslogin.log' ) ssh = paramiko.sshclient() # ssh登录堡垒机 ssh.set_missing_host_key_policy(paramiko.autoaddpolicy()) ssh.connect(hostname = blip,username = bluser,password = blpasswd) #new session channel = ssh.invoke_shell() # 创建会话,开启命令调用 channel.settimeout( 10 ) # 会话命令执行超时时间,单位为秒 buff = '' resp = '' channel.send( 'ssh ' + username + '@' + hostname + '\n' ) # 执行ssh登录业务主机 while not buff.endswith(passinfo): # ssh登录的提示信息判断,输出串尾含有"\'s password:"时退出while循环 try : resp = channel.recv( 9999 ) except exception,e: print 'error info:%s connection time.' % ( str (e)) channel.close() ssh.close() sys.exit() buff + = resp if not buff.find( 'yes/no' ) = = - 1 : # 输出串尾含有"yes/no"时发送"yes"并回车 channel.send( 'yes\n' ) print (buff) print ( "*************************************************************************************" ) channel.send(password + '\n' ) # 发送业务主机密码 buff = '' while not buff.endswith( '# ' ): # 输出串尾为 "# " 时说明校验通过并退出 while 循环 resp = channel.recv( 9999 ) if not resp.find(passinfo) = = - 1 : # 输出串尾含有"\'s password: "时说明 密码不正确,要求重新输入 print 'error info: authentication failed.' channel.close() # 关闭连接对象后退出 ssh.close() sys.exit() buff + = resp channel.send( 'ifconfig\n' ) # 认证通过后发送ifconfig命令来查看结果 buff = '' try : while buff.find( '# ' ) = = - 1 : resp = channel.recv( 9999 ) buff + = resp except exception, e: print "error info:" + str (e) print buff # 打印输出串 channel.close() ssh.close() |
三 输出结果
e:\python\python_auto_maintain\venv\scripts\python.exe e:/python/python_auto_maintain/6_3_2.py
last login: thu feb 28 22:00:07 2019 from 192.168.0.106
hello cakin24!
ssh root@192.168.0.120
[root@slave2 ~]# ssh root@192.168.0.120
root@192.168.0.120's password:
*************************************************************************************
ifconfig
enp0s3: flags=4163<up,broadcast,running,multicast> mtu 1500
inet 192.168.0.120 netmask 255.255.255.0 broadcast 192.168.0.255
inet6 fe80::a00:27ff:fe0a:6e8a prefixlen 64 scopeid 0x20<link>
ether 08:00:27:0a:6e:8a txqueuelen 1000 (ethernet)
rx packets 2046 bytes 179711 (175.4 kib)
rx errors 0 dropped 0 overruns 0 frame 0
tx packets 1408 bytes 148744 (145.2 kib)
tx errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<up,loopback,running> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1 (local loopback)
rx packets 404117 bytes 68752333 (65.5 mib)
rx errors 0 dropped 0 overruns 0 frame 0
tx packets 404117 bytes 68752333 (65.5 mib)
tx errors 0 dropped 0 overruns 0 carrier 0 collisions 0
qbr07d54630-64: flags=4163<up,broadcast,running,multicast> mtu 1450
ether 42:76:47:57:b2:75 txqueuelen 1000 (ethernet)
rx packets 11 bytes 572 (572.0 b)
rx errors 0 dropped 0 overruns 0 frame 0
tx packets 0 bytes 0 (0.0 b)
tx errors 0 dropped 0 overruns 0 carrier 0 collisions 0
qvb07d54630-64: flags=4419<up,broadcast,running,promisc,multicast> mtu 1450
inet6 fe80::4076:47ff:fe57:b275 prefixlen 64 scopeid 0x20<link>
ether 42:76:47:57:b2:75 txqueuelen 1000 (ethernet)
rx packets 12 bytes 816 (816.0 b)
rx errors 0 dropped 0 overruns 0 frame 0
tx packets 8 bytes 648 (648.0 b)
tx errors 0 dropped 0 overruns 0 carrier 0 collisions 0
qvo07d54630-64: flags=4419<up,broadcast,running,promisc,multicast> mtu 1450
inet6 fe80::dcbe:efff:feb7:5d52 prefixlen 64 scopeid 0x20<link>
ether de:be:ef:b7:5d:52 txqueuelen 1000 (ethernet)
rx packets 8 bytes 648 (648.0 b)
rx errors 0 dropped 0 overruns 0 frame 0
tx packets 12 bytes 816 (816.0 b)
tx errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[root@localhost ~]#
希望本文所述对大家python程序设计有所帮助。
原文链接:https://blog.csdn.net/chengqiuming/article/details/88046152