尝试为paramiko SSHClient指定密钥,错误:无法反序列化密钥数据

时间:2019-07-15 10:48:25

标签: python python-3.x ssh paramiko private-key

首先,我想澄清一下,我对整个python世界来说都是新手。

我正在尝试创建python脚本,以SSH到多个服务器并执行bash命令。

为此,我正在使用Paramiko,这导致了一些问题。

  1. 由于某种原因,我的OpenSSH ssh密钥不起作用,但是我已经通过创建具有不同格式的新密钥来解决了这个问题。

  2. 这导致我不得不指定要使用的密钥,首先我尝试在未指定密码的情况下进行连接,但是随后Paramiko无法解密该密钥。

    password = "somepassword"
    pkey_path = "/Users/user1/.ssh/id_rsa_copy"
    key = RSAKey.from_private_key_file(pkey_path,password=password)
    
    c = SSHClient()
    c.set_missing_host_key_policy(AutoAddPolicy())
    
    c.connect('somesite.com',password=password,pkey=key,look_for_keys=False)
    stdin, stdout, stderr = c.exec_command('uptime')
    c.close()
    

执行脚本时,出现以下错误:

Traceback (most recent call last):
  File "/Users/user1/projects/my_first_venv/lib/python3.7/site-packages/paramiko/rsakey.py", line 185, in _decode_key
    data, password=None, backend=default_backend()
  File "/Users/user1/projects/my_first_venv/lib/python3.7/site-packages/cryptography/hazmat/primitives/serialization/base.py", line 28, in load_der_private_key
    return backend.load_der_private_key(data, password)
  File "/Users/user1/projects/my_first_venv/lib/python3.7/site-packages/cryptography/hazmat/backends/openssl/backend.py", line 1106, in load_der_private_key
    password,
  File "/Users/user1/projects/my_first_venv/lib/python3.7/site-packages/cryptography/hazmat/backends/openssl/backend.py", line 1277, in _load_key
    self._handle_key_loading_error()
  File "/Users/user1/projects/my_first_venv/lib/python3.7/site-packages/cryptography/hazmat/backends/openssl/backend.py", line 1335, in _handle_key_loading_error
    raise ValueError("Could not deserialize key data.")
ValueError: Could not deserialize key data.

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/Users/user1/projects/python/paramiko-puppet.py", line 7, in <module>
    key = RSAKey.from_private_key_file(pkey_path,password=password)
  File "/Users/user1/projects/my_first_venv/lib/python3.7/site-packages/paramiko/pkey.py", line 206, in from_private_key_file
    key = cls(filename=filename, password=password)
  File "/Users/user1/projects/my_first_venv/lib/python3.7/site-packages/paramiko/rsakey.py", line 55, in __init__
    self._from_private_key_file(filename, password)
  File "/Users/user1/projects/my_first_venv/lib/python3.7/site-packages/paramiko/rsakey.py", line 176, in _from_private_key_file
    self._decode_key(data)
  File "/Users/user1/projects/my_first_venv/lib/python3.7/site-packages/paramiko/rsakey.py", line 188, in _decode_key
    raise SSHException(str(e))
paramiko.ssh_exception.SSHException: Could not deserialize key data.

编辑: 这是我用来生成新ssh密钥的命令,以及生成时密钥的外观。

首先,我复制了当前的ssh密钥,然后对其进行了“转换”。

ssh-keygen -p -m PEM -f ~/.ssh/id_rsa_copy

新密钥:

-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: AES-128-CBC,E48A0313BF686BDA7EB6B7F26B10BCC0

jeMD8Eh4g5cpq5YkFKMN5EbquJEVwser2NV6QI/ysO7wPs0SVy3HzoRjaOT4Iox+
gOX90VX5pml3v8S7UmYNzvI+sJMIo/pNpG3qai9OkL9/Z0DJRbTOBXY0nJhkvSVl
W41ojZOot/KWlgrHfPkYZ/Q9L4JJbmP/ChEi1SKFhSByjI9oZnmIHPTEinPib8AZ
j7Wd8S5tF6rJtuapVBPEz8NZLDOsTIME9iql3AxURRbMdQz3IfbWMuSP69ZO8ibe
PFnlHC0u6CjYpZ01axegDSw09xDFuywe0tRfCb0eK7NJQxfeLL3IoKz36+74De2Y
QA5jrJ/Yz/HIIWoOYh+M3wXBIBMSQ5I9/K9twEtyJ/zVOLaXEbJlBiWRPcXzbPXf
NwbfUUNc5ylI729FMB+cE3NuPqen3Hw+FlyKAKu2+E8I56THJIjwsZy3xEY4qkdO
pFukD7UiubB11mJUdT2RkNlI8/0zKCfTjzhRD8lEXFtMu/1OSdPdmaNu62XsXMcq
StA+TqnzMFQ+20vde6NgrZagC/jK3yMJgYSTf9uMLhone+SLVXh0AqPNmuvbHPN7
DvGcYTFlNt340of2Pi9myeOPNdZniLZtq7Oz+Z+2hs/3NxciHbO6MbMpK1Uk2pZK
wovw7+nt71IYjWrzfpVbFI2F7Rw+0rTzmIpe56gv1CtlWZ6pXYbnSakyEKXtCTh8
7CJ4ofSChp4vkCtx6wwjZK/1ysLL1i6pY9Y7TMHumKLTjN+iK0oK//h0/EJIUVVn
3HzX/qwYyTLBJrsr/wvWK6AjYRbUjncDC6fyGVSa25tlcgbo7rsTUaEsiBzhxBK/
zolpRjlBiHU4W64niXJShdU9RGANvPe9jiL1dmg58ZpaKRD4mN6qzxfG8TTBxMLS
+VmMgIFwcFVg2PtQgnoaqqcGFUlRlkoZX8rZ7xktg7ghPTRKxoxaeu0WKYrQzowi
hatyNhQbQ6h8zWb0Mt1+EVcatjAPHp8N/wosTX8QkYtyC82/uFXiz3eQr7RBZl4Z
hd2GkGZLvPPgP6dtXwHeqgGabsDCuFAKYhqnvlXeB6TURqgN9z0uBrRf/JzQV3n2
QZkHCoLKxqK86dw5/yjT+gS/kH8QBvvk/qJEh2tLWRrntD2if6KUXWWaFenq3v/U
ZNb3+ZnJKQMm8ujOJ0gzJo+SC2xDNJFOUMJbi7YVZ2JJSOcZ/Tcfbl8/VriKv+wD
kt2Ksv2vtSYXAqmItUnKcZMPVwujmmr+zpO6Nya+v4+nTfb7lgYYlVR/SxipELm4
HCgTFkQ0bQHURz+WikvSP8EvYqc/DpuvBu4m7yTcbKoJk4iozxzG6K3ligo8QT5o
uF2AFcNLOImo4E3sFUAW6FsDxUV+AuOD16XckRUiz+jYIhh6pbXNhfsYLC0bDaSf
3bC5O9IH7vVWzj8FfcuVxRCzHOoMRROrtTa983KV96YHEAzhIzb9GKEAvFkCN6wE
7a2m3MpTszPa+wnFA4CVuXmLsB5jCmzq0CcPE4SKmX03buN9v+oEOTHDUoAyMebg
RPurPnPkZfJT9RH0MNZ2HaavhJ/eXfALveYgSZBdiY6YiseQr5kKZJItKRZWBwR+
-----END RSA PRIVATE KEY-----

1 个答案:

答案 0 :(得分:1)

如果我做的完全一样,那么它对我有用。

但是,如果我在password=password中使用了错误的密码,则会收到与您相同的错误。因此,请仔细检查您使用的密码是否正确。

from_private_key_file的密码参数是您的私钥密码,而不是您的帐户密码。


通常,如果您使用私钥,甚至不需要任何帐户密码,所以我不确定为什么要在connect调用中传递密码-但这不是当前的问题。