Audit system---the use of SSH under the bastion machine python

Use of the Fort Machine python under SSH

"Fortress machine More Reference" http://www.cnblogs.com/alex3714/articles/5286889.html

"Demo instance of Paramiko" Https://github.com/paramiko/paramiko

Win7 under Paramiko's demo telnet execute interactive command:

"Download demo file" Https://github.com/paramiko/paramiko

"Paramiko More Reference" Paramiko module learning

Native [Win7] log on to a remote Linux server

Win7 native ip:192.168.2.102

Remote server ip:192.168.2.105

about Win7 execution of the original code error problem solved:

Error symptom: typeerror:write () argument must be str, not bytes

Problem Solving: F:\Django\paramiko-demo\paramiko-master\demos\interactive.py

Linux under Paramiko demo telnet to execute interactive commands:

Download Demo File

Https://github.com/paramiko/paramiko

To upload a file to a native Linux server:

[Email protected]:~$  CD Paramiko_demo/[email protected]:~/paramiko_demo$  ll

Linux login to other Linux servers

Linxu native ip:192.168.25.110

Remote server ip:192.168.25.133

[Email protected]:~/paramiko_demo$  Python3 demo.pyhostname:192.168.25.133*** Unable to open host keys file*** Warning:unknown Host key! Username [OMC]: Rootauth by (P) Assword, (R) SA key, or (d) SS key? [P]  Ppassword for [email protected]: * * Here we go! Last Login:tue May  

[email protected]:~/paramiko_demo$ ssh [email protected]the authenticity of host ' 192.168.25.133 ( 192.168.25.133) ' can ' t be established. RSA Key fingerprint is sha256:+v73ij2ihbzxee8o9n5rykbjpwd96saebtxkugbbcqg.are your sure you want to continue connecting (ye s/no)? yeswarning:permanently added ' 192.168.25.133 ' (RSA) to the list of known hosts. [email protected] ' s password:last login:tue May 1 07:44:47 2018 from 192.168.25.1[[email protected] ~]# Logou Tconnection to 192.168.25.133 closed. [email protected]:~/paramiko_demo$ python3 demo.py hostname:192.168.25.133*** Host key OK. Username [OMC]: Rootauth by (P) Assword, (R) SA key, or (d) SS key? [P] Ppassword for [email protected]: * * Here we go! 

Note: Unlike the first login, the second login can get information about the 133 server, without alarm

Paramiko's demo analysis and Improvement

demo.py

interactive.py

Paramiko's interactive improvements:

Import socketimport sysimport timefrom paramiko.py3compat import u# Windows does not has termios...try:import Termios Import TTY Has_termios = trueexcept Importerror:has_termios = Falsedef Interactive_shell (chan): # Chan should be a connected real Example if Has_termios: # Judging win or Linux Posix_shell (chan) # POSIX is Linux protocol standard Else:windows_shell (CHAN) def Posix_shell (chan): # Chan is the connection instance we created. Import Select # IO multiplexing, when the event is fetched, it is searched one after the other until the event is found Oldtty = termios.tcgetattr ( Sys.stdin) Try:tty.setraw (Sys.stdin.fileno ()) Tty.setcbreak (Sys.stdin.fileno ()) chan.settimeout (0 .0) cmd = [] f = open (' Cmd.log ', ' a ') while True: # Select Loop monitoring R, W, E = Select.select ([c                    Han, Sys.stdin], [], []) # 3 parameters are input, output, error message if Chan in R: # If the remote has the result of the return command, make the result output try:                        x = U (CHAN.RECV (1024)) # each time the length of 1KB is received if Len (x) = = 0: # length is 0, indicating no received Sys.stdout.write (' \r\n*** eof\r\n ') break Sys.stdout.write (x) # received results written to the screen Sys.stdou  T.flush () # Real-time content is brushed into standard output [screen] except Socket.timeout:pass if Sys.stdin in R:    # standard input, i.e. keyboard input x = Sys.stdin.read (1) # Read () function, enter a read one to send a [carriage return on behalf of the command input completed can perform the task] if (x = = ' \ r '): # The carriage return under Linux is \ r # print ("". Join (cmd)) Cmd_log_format = "%s-%s-%s\r"% (Time.ctime (                Time.time ()), ' Root ', ' ". Join (CMD)) f.write (cmd_log_format) cmd = [] # situation as next use                Else:cmd.append (x) If Len (x) = = 0:break Chan.send (x) # If the input is read, it is sent to the remote operation Finally:termios.tcsetattr (Sys.stdin, Termios. Tcsadrain, Oldtty) # Thanks to Mike Looijmans for this codedef Windows_shell (chan): Import threading Sys.stdout.write ("Line-buffered terminal emulation. Press F6 or ^z to Send eof.\r\n\r\n ") def writeall (sock): While true:data = SOCK.RECV (in) if not data:            Sys.stdout.write (' \r\n*** EOF ***\r\n\r\n ') Sys.stdout.flush () break Sys.stdout.write (Data.decode ("Utf-8")) Sys.stdout.flush () writer = Threading.            Thread (Target=writeall, Args= (chan)) Writer.start () try:while true:d = Sys.stdin.read (1) If not d:break chan.send (d) except Eoferror: # user hits ^z or F6 pass

Note: The file is recorded, but the small bug is that the file will record the left and right moves [this will be converted to binary content]

Audit system---the use of SSH under the bastion machine python