我正在尝试编写一个简短的python脚本,该脚本将由GUI前端调用,该脚本将在整个企业中的各种路由器和交换机上执行远程命令。运行GUI的主机没有对目标设备的直接SSH访问,因此我需要通过执行的jumphost代理。前端应用程序将从其会话中解密用户的凭据并将其传递给脚本,以及其他参数以完成要运行的命令。在下面的脚本中,我唯一的问题是,从CLI运行脚本,我必须手动验证到jumphost。其余的工作正常。如何自动登录jumphost以完成代理连接?
#!/bin/python
import os
import sys
import paramiko
def test_client(proxyHost, router1, router2, username, password):
proxyCommand = 'ssh -o StrictHostKeyChecking=no '+proxyHost+' nc -w 1 '+router1+' 22'
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(
router1, username=username,
password=password,
sock=paramiko.ProxyCommand(proxyCommand)
)
stdin, stdout, stderr = client.exec_command("show rsvp session ingress lsp name " + router1 + "-to-" + router2 + " extensive | match record")
print stdout.read()
client.close()
if __name__ == '__main__':
test_client(sys.argv[1], sys.argv[2], sys.argv[3], sys.argv[4], sys.argv[5])
示例输出:
[<myusername>@<appservername> core]$ python proxyTest.py '<jumphost>' '<router1>' '<router2>' '<myusername>' '<mypassword>'
<myusername>@<jumphost>'s password:
Record route: <self> <LSP Hop Information Removed>
Record route: <self> <LSP Hop Information Removed>
[<myusername>@<appservername> core]$