ssh-login与python.paramiko模块进入cisco设备失败

时间:2013-05-25 15:35:39

标签: python-2.7 ssh cisco

我尝试将ssh登录到cisco设备,该设备因para​​miko.SSHClient而失败。

ssh = paramiko.SSHClient()
ssh.load_system_host_keys()
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
transport = ssh.get_transport()
ssh.connect(hostname, username='user', password='pwd')
ssh.close()

打开paramiko.DEBU:

DEBUG:paramiko.transport:starting thread (client mode): 0x2efdc18L
INFO:paramiko.transport:Connected (version 1.99, client Cisco-1.25)
DEBUG:paramiko.transport:kex algos:['diffie-hellman-group1-sha1'] server key:['ssh-    rsa'] client encrypt:['aes128-cbc', '3des-cbc', 'aes192-cbc', 'aes256-cbc'] server encrypt:['aes128-cbc', '3des-cbc', 'aes192-cbc', 'aes256-cbc'] client mac:['hmac-sha1', 'hmac-sha1-96', 'hmac-md5', 'hmac-md5-96'] server mac:['hmac-sha1', 'hmac-sha1-96', 'hmac-md5', 'hmac-md5-96'] client compress:['none'] server compress:['none'] client lang:[''] server lang:[''] kex follows?False
DEBUG:paramiko.transport:Ciphers agreed: local=aes128-cbc, remote=aes128-cbc
DEBUG:paramiko.transport:using kex diffie-hellman-group1-sha1; server key type ssh-rsa; cipher: local aes128-cbc, remote aes128-cbc; mac: local hmac-sha1, remote hmac-sha1; compression: local none, remote none
DEBUG:paramiko.transport:Switch to new keys ...
DEBUG:paramiko.transport:Adding ssh-rsa host key for 172.20.112.77: ff666b2246321237c117d838f56df217
DEBUG:paramiko.transport:Trying discovered key 33e9714dae2cebdcfa3f30820ed2b17b in C:\Users\lauener/.ssh/id_rsa
DEBUG:paramiko.transport:userauth is OK
DEBUG:paramiko.transport:Authentication type (publickey) not permitted.
DEBUG:paramiko.transport:Allowed methods: ['keyboard-interactive', 'password']
INFO:paramiko.transport:Disconnect (code 2): Protocol error: expected packet type 50, got 5

我尝试用Transport做一些事情,但是

transport = ssh.get_transport()

运输是无。

但是,如果我尝试连接paramiko提供的simple_demo,我可以连接。 以下代码有效:

# get host key, if we know one
hostkeytype = None
hostkey = None
try:
    host_keys = paramiko.util.load_host_keys(os.path.expanduser('~/.ssh/known_hosts'))
except IOError:
    try:
        # try ~/ssh/ too, because windows can't have a folder named ~/.ssh/
        host_keys = paramiko.util.load_host_keys(os.path.expanduser('~/ssh/known_hosts'))
    except IOError:
        print '*** Unable to open host keys file'
        host_keys = {}

if host_keys.has_key(hostname):
    hostkeytype = host_keys[hostname].keys()[0]
    hostkey = host_keys[hostname][hostkeytype]
    print 'Using host key of type %s' % hostkeytype

# now, connect and use paramiko Transport to negotiate SSH2 across the connection
try:
    t = paramiko.Transport((hostname, port))
    t.connect(username='user', password='pwd', hostkey=hostkey)
    t.close()

except Exception, e:
    print '*** Caught exception: %s: %s' % (e.__class__, e)
    traceback.print_exc()
    try:
        t.close()
    except:
        pass
    sys.exit(1)

但我认为使用SSHClient会更舒服。这就是为什么我会感谢你的任何帮助。

谢谢。

2 个答案:

答案 0 :(得分:4)

尝试将allow_agent和look_for_keys设置为false,否则ssh客户端将尝试使用ssh代理(如果处于活动状态)或默认路径中的任何ssh密钥。

ssh.connect(hostname, username='user', password='pwd', allow_agent=False,look_for_keys=False)

答案 1 :(得分:0)

有同样的问题,c0m4的答案解决了它:

>>> sshobj.connect('192.168.0.200', username=usr, password=pass, allow_agent=False,look_for_keys=False)
DEBUG:paramiko.transport:starting thread (client mode): 0x9ecfc4cL
INFO:paramiko.transport:Connected (version 2.0, client Cisco-1.25)
DEBUG:paramiko.transport:kex algos:['diffie-hellman-group-exchange-sha1', 'diffie-hellman-group14-sha1', 'diffie-hellman-group1-sha1'] server key:['ssh-rsa'] client encrypt:['aes128-cbc', '3des-cbc', 'aes192-cbc', 'aes256-cbc'] server encrypt:['aes128-cbc', '3des-cbc', 'aes192-cbc', 'aes256-cbc'] client mac:['hmac-sha1', 'hmac-sha1-96', 'hmac-md5', 'hmac-md5-96'] server mac:['hmac-sha1', 'hmac-sha1-96', 'hmac-md5', 'hmac-md5-96'] client compress:['none'] server compress:['none'] client lang:[''] server lang:[''] kex follows?False
DEBUG:paramiko.transport:Ciphers agreed: local=aes128-cbc, remote=aes128-cbc
DEBUG:paramiko.transport:using kex diffie-hellman-group1-sha1; server key type ssh-rsa; cipher: local aes128-cbc, remote aes128-cbc; mac: local hmac-sha1, remote hmac-sha1; compression: local none, remote none
DEBUG:paramiko.transport:Switch to new keys ...
DEBUG:paramiko.transport:userauth is OK
INFO:paramiko.transport:**Authentication (password) successful!**
>>>