Python uses sockets for SSH jump

1. Scenario Description:

Host A	Host B	Host C
10.13.170.76	172.28.117.156 (squid)	10.95.113.131

Host a----> Host B (---> Host c), a 80 access host via B C131

2.Python Code;

Import paramikoimport socketimport loggingfrom base64 import b64encodeimport  timelogging.basicconfig (loglevel=logging. DEBUG) Log = logging.getlogger ("squid") Def http_proxy (Proxy,target,auth=none, timeout=none) :     sock = socket.socket (Socket.af_inet, socket. SOCK_STREAM)     sock.settimeout (timeout)     sock.connect (proxy)      log.debug ("Connected")     cmd_connect =  "connect %s:%d  http/1.1\r\n " % target    if auth is not None:         cmd_connect +=  " : basic %s\r\n"  %  b64encode ('%s:%s '  % auth)     cmd_connect +=  "\ r \ n"      log.debug ("--> %s"  % str (cmd_connect))     sock.sendall (cmd_ ConnecT)     response = []    sock.settimeout (2)        try:        # in worst case this  loop will take 2 seconds if not response was received  (sock.timeout)         while True:      &NBSP;&NBSP;&NBSP;&NBSP;&NBSP;&NBSP;&NBSP;CHUNK&NBSP;=&NBSP;SOCK.RECV (1024x768)              if not chunk:                  break             response.append (Chunk)              if  "\r\n\r\n"  in chunk:                  break    except socket.error,se:         if  "Timed out"  not in se:             response = [se]    response =  ". Join ( Response)     log.debug ("<-- %s"  % str (response))      if  "200 connection established"  not in response.lower ():         raise exception ("unable to establish http-tunnel: %s"  % &NBSP;STR (response))     return sockif __name__ ==  "__main__":     log.setlevel (logging. DEBUG)     log.debug ("--start--")     sock = http_proxy (proxy= ("172.28.117.157",  80), &NBSP;&NBSP;&NBSP;&NBSP;&NBSP;&NBSP;&NBSP;&NBSP;&NBSP;&NBSP;&Nbsp;           target= ("10.95.113.131",  22),                        auth= (' Germany ',  ' Germany '),          &NBSP;&NBSP;&NBSP;&NBSP;&NBSP;&NBSP;&NBSP;&NBSP;&NBSP;&NBSP;&NBSP;&NBSP;&NBSP;TIMEOUT=50)      ssh = paramiko. Sshclient ()     ssh.set_missing_host_key_policy (Paramiko. Autoaddpolicy ())     ssh.connect (hostname= "10.95.113.131",  sock=sock, username= " Root ",  password=" 123 ")     # time.sleep (+)     print " # > login users \n%s " % ssh.exec_command (" w ") [1].read ()

Run Result:

/system/library/frameworks/python.framework/versions/2.7/bin/python2.7 /users/germany/workspace/python2_ study/python_squid.pydebug:squid:--start--debug:squid:connecteddebug:squid:--> connect  10.95.113.131:22 http/1.1proxy-authorization: basic z2vybwfuetpnzxjtyw55debug:squid:<--  http/1.0 200 connection established#> login user  15:23:01 up  102 days,  7:57,  1 user,  load average: 0.04,  0.09, 0.14user     tty      from               [email protected]   idle    JCPU   PCPU WHATroot     pts/0     172.28.117.157   15:03   11:20   0.01s   0.01s -bashprocess finisheD with exit code 0 

3. Summary:

Mainly in the generation of Paramiko in Connect connection required proxy sock, where the connection squid is the use of HTTP Tunnel,http tunnel have connect message, the socket in the corresponding message format can be connected with squid. Since squid is using basic auth it is necessary to use B64encode to encode the username and password.

This article is from the Linux OPS blog, so be sure to keep this source http://germanygu.blog.51cto.com/3574209/1952670

Python uses sockets for SSH jump