Python3：Fabric 2.4.0 ProxyJump和ssh_config

Question

documentation在想要使用ssh_config时还有很多需要改进的地方。有人可以提供有关如何实际导入ssh_config的概念证明代码吗？

要补充我的不足，我也不知道为什么下面的代码不起作用，因为它似乎已加载了ssh_config。进入主机C的唯一方法是通过主机B。进入主机B的唯一方法是通过主机A。我正在使用ProxyJump。

非工作示例：

>>> from fabric import Connection
>>> c = Connection('HOST_C')
>>> print(c)
<Connection host=HOST_C gw=proxyjump>
>>> print(c.ssh_config)
{'serveraliveinterval': '60', 'tcpkeepalive': 'yes', 'stricthostkeychecking': 'no', 'forwardagent': 'yes', 'proxyjump': 'HOST_A,HOST_B', 'hostname': 'HOST_C'}
>>> c.run('hostname')
Secsh channel 0 open FAILED: open failed: Administratively prohibited
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "<decorator-gen-3>", line 2, in run
  File "/Users/username/code/fabric/venv/lib/python3.7/site-packages/fabric/connection.py", line 29, in opens
    self.open()
  File "/Users/username/code/fabric/venv/lib/python3.7/site-packages/fabric/connection.py", line 608, in open
    kwargs["sock"] = self.open_gateway()
  File "/Users/username/code/fabric/venv/lib/python3.7/site-packages/fabric/connection.py", line 640, in open_gateway
    self.gateway.open()
  File "/Users/username/code/fabric/venv/lib/python3.7/site-packages/fabric/connection.py", line 608, in open
    kwargs["sock"] = self.open_gateway()
  File "/Users/username/code/fabric/venv/lib/python3.7/site-packages/fabric/connection.py", line 655, in open_gateway
    src_addr=("", 0),
  File "/Users/username/code/fabric/venv/lib/python3.7/site-packages/paramiko/transport.py", line 944, in open_channel
    raise e
paramiko.ssh_exception.ChannelException: (1, 'Administratively prohibited')

工作示例：

>>> from fabric import Connection
>>> d = Connection('HOST_C', gateway=Connection('HOST_B', gateway=Connection('HOST_A')))
>>> print(d)
<Connection host=HOST_C gw=proxyjump>
>>> print(d.ssh_config)
{'serveraliveinterval': '60', 'tcpkeepalive': 'yes', 'stricthostkeychecking': 'no', 'forwardagent': 'yes', 'proxyjump': 'HOST_A,HOST_B', 'hostname': 'HOST_C'}
>>> d.run('hostname')
HOST_C
<Result cmd='hostname' exited=0>

在一个不相关的注释上，从python 3.7.1开始，我收到了Paramiko的以下错误。加密程序包的版本为2.5。为什么会发生这种情况的任何见解？

/Users/username/code/virtenv3/lib/python3.7/site-packages/paramiko/ecdsakey.py:164: CryptographyDeprecationWarning: Support for unsafe construction of public numbers from encoded data will be removed in a future version. Please use EllipticCurvePublicKey.from_encoded_point
  self.ecdsa_curve.curve_class(), pointinfo
/Users/username/code/virtenv3/lib/python3.7/site-packages/paramiko/kex_ecdh_nist.py:39: CryptographyDeprecationWarning: encode_point has been deprecated on EllipticCurvePublicNumbers and will be removed in a future version. Please use EllipticCurvePublicKey.public_bytes to obtain both compressed and uncompressed point encoding.
  m.add_string(self.Q_C.public_numbers().encode_point())
/Users/username/code/virtenv3/lib/python3.7/site-packages/paramiko/kex_ecdh_nist.py:96: CryptographyDeprecationWarning: Support for unsafe construction of public numbers from encoded data will be removed in a future version. Please use EllipticCurvePublicKey.from_encoded_point
  self.curve, Q_S_bytes
/Users/username/code/virtenv3/lib/python3.7/site-packages/paramiko/kex_ecdh_nist.py:111: CryptographyDeprecationWarning: encode_point has been deprecated on EllipticCurvePublicNumbers and will be removed in a future version. Please use EllipticCurvePublicKey.public_bytes to obtain both compressed and uncompressed point encoding.
  hm.add_string(self.Q_C.public_numbers().encode_point())

Answer 1

在paramiko的github https://github.com/paramiko/paramiko/issues/1369#issuecomment-456940895上查看解决方法