Paramiko 中等效的“ssh”代理命令
Posted
技术标签:
【中文标题】Paramiko 中等效的“ssh”代理命令【英文标题】:"ssh" proxy command equivalent in Paramiko 【发布时间】:2020-04-17 14:08:18 【问题描述】:我正在尝试所有可能的方式来连接到 SFTP 服务器 --
对于这个代码
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
mykey = paramiko.RSAKey.from_private_key_file("/Users/roth/.ssh/id_rsa", password="XXXX")
我明白了
paramiko.ssh_exception.SSHException: Could not deserialize key data.
如果我执行以下操作
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname="128.xx.xx.xx", username="roth", passphrase="roth", password="XXXX", key_filename="/Users/roth/.ssh/id_rsa")
我明白了
paramiko.ssh_exception.NoValidConnectionsError: [Errno None] Unable to connect to port 22 on 128.xx.xx.xx
我不知道为什么,因为我可以使用终端连接到 SFTP,既可以使用密钥 + 密码,也可以只使用密码:
ssh -vvv
OpenSSH_7.5p1, LibreSSL 2.5.4
debug1: Reading configuration data /Users/roth/.ssh/config
debug1: /Users/roth/.ssh/config line 1: Applying options for *
debug1: /Users/roth/.ssh/config line 8: Applying options for 128.30.*
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 52: Applying options for *
debug1: Executing proxy command: exec ssh -W 128.xx.xx.xx:22 jump.xxx.xxx.edu
debug1: permanently_drop_suid: 501
debug1: identity file /Users/roth/.ssh/id_rsa type 1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/roth/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/roth/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/roth/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/roth/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/roth/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/roth/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/roth/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.5
【问题讨论】:
【参考方案1】:执行代理命令:exec ssh -W 128.xx.xx.xx:22 jump.xxx.xxx.edu
您的 ssh 使用跳转代理服务器(又名 SSH 隧道)进行连接。
要在 JSch 中实现跳转服务器,请参阅official JumpHosts.java example。
顺便说一句,在最新版本的 OpenSSH 中,通过跳转服务器进行连接比使用“代理命令”更好。见How can I download a file from a host I can only SSH to through another host?
【讨论】:
以上是关于Paramiko 中等效的“ssh”代理命令的主要内容,如果未能解决你的问题,请参考以下文章