From tessier.atosorigin at philips.com Tue Apr 3 01:16:19 2007 From: tessier.atosorigin at philips.com (Tessier AtosOrigin) Date: Tue, 3 Apr 2007 10:16:19 +0200 Subject: [paramiko] push update scripts to a bunch of remote machines Message-ID: Hello paramiko users. First of all, let me explain what i'd like to do : I have about a hundred Linux machines to administrate. I wrote an app in bash that automatically push batches onto all those machines. I would like to know if paramiko would allow me to push whole script files (bash ior python) throught ssh to be executed onto remote machines? Thanks for all Guillaume TESSIER Philips - PGIS Hosting 51 rue Carnot - 92150 Suresnes tel : 01 47 28 (14 13) mobile : 06 66 80 26 38 Email : tessier.atosorigin at philips.com -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mail.lag.net/pipermail/paramiko/attachments/20070403/96dd796a/attachment.htm From jbardin at bu.edu Tue Apr 3 06:53:05 2007 From: jbardin at bu.edu (James Bardin) Date: Tue, 03 Apr 2007 09:53:05 -0400 Subject: [paramiko] push update scripts to a bunch of remote machines In-Reply-To: References: Message-ID: <46125C41.1080109@bu.edu> Hi Guillaume, That's relatively easy to do with a combination of sftp, and ssh. I have a program I wrote to do this exact same thing, because the current shells for clusters didn't do what I wanted. You can use this if you want, or it may give you some ideas. run 'mpc -h' or check the source for more info. Connects to each host in a separate thread for concurrency. You can have groups of hosts in files, or specified on the command line. It prints output in order by host. Uses an agent, or tries your default keys. I still have to add an option for host id checking, and add doc strings, among other things. I don't use the option to execute a script very often, because all my machines mount from the same nfs server, so I just put scripts there and send a command to run it. You need to be using a recent paramiko for this to run (at least 1.6.4 I think) Hope this helps -jim Tessier AtosOrigin wrote: > Hello paramiko users. > > First of all, let me explain what i'd like to do : > I have about a hundred Linux machines to administrate. I wrote an app in > bash that automatically push batches onto all those machines. > > I would like to know if paramiko would allow me to push whole script files > (bash ior python) throught ssh to be executed onto remote machines? > > Thanks for all > > > Guillaume TESSIER > Philips - PGIS Hosting > 51 rue Carnot - 92150 Suresnes > tel : 01 47 28 (14 13) > mobile : 06 66 80 26 38 > Email : tessier.atosorigin at philips.com > > ------------------------------------------------------------------------ > > _______________________________________________ > paramiko mailing list > paramiko at lag.net > http://mail.lag.net/mailman/listinfo/paramiko -- /* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * James Bardin - Systems Analyst / Administrator I Boston University Department of Electrical and Computer Engineering 8 Saint Mary's St, Room 305, Boston, MA 02215 Ph:617-358-2785 http://www.bu.edu/ece/it * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */ -------------- next part -------------- A non-text attachment was scrubbed... Name: mpc.tgz Type: application/x-compressed-tar Size: 4205 bytes Desc: not available Url : http://mail.lag.net/pipermail/paramiko/attachments/20070403/263b1520/attachment.bin From jonathan.sabo at gmail.com Tue Apr 3 07:27:40 2007 From: jonathan.sabo at gmail.com (Jon Sabo) Date: Tue, 3 Apr 2007 10:27:40 -0400 Subject: [paramiko] ssh to host and ssh from there to another host Message-ID: Can you use paramiko to ssh to a host and do some things and then hop from that host to another host and do some things? I want to run paramiko from a laptop but jump through jump hosts to certain networks rather than connect directly to the systems I need to do some things on. Is this possible? Thanks, Jonathan -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mail.lag.net/pipermail/paramiko/attachments/20070403/b67e53a2/attachment.htm From jbardin at bu.edu Tue Apr 3 11:16:14 2007 From: jbardin at bu.edu (james bardin) Date: Tue, 3 Apr 2007 14:16:14 -0400 Subject: [paramiko] push update scripts to a bunch of remote machines In-Reply-To: References: <46125C41.1080109@bu.edu> Message-ID: On 4/3/07, Jon Sabo wrote: > James, > > I think you have a typo on line 213. My copy says is_dsa and I think you > mean id_dsa... > > id_dsa = expanduser('~/.ssh/is_dsa') Thanks, all my keys are rsa, so It never got checked. > Also, I just started looking at this stuff but how hard would it be or would > it be even possible to get this to work with ssh proto version 1.5? > > Thanks, > > Jonathan > From tessier.atosorigin at philips.com Wed Apr 4 09:08:24 2007 From: tessier.atosorigin at philips.com (Tessier AtosOrigin) Date: Wed, 4 Apr 2007 18:08:24 +0200 Subject: [paramiko] paramiko Message-ID: Thanks for your reply James. Yes, this is a good alternative to locate the script on a network ressource and push machines to execute it. The bash scripts i use do the whole thing but it's not gonna be sustainable for larger stuff. With the shell, you can do this kind of thing : sys="`ssh root@$cible "{ cat /etc/redhat-release }"`" however you can't do this : ssh root@$target "{ s="blabla" touch /tmp/$s }" it seems you can't use variables... Do you think paramiko can do it? could you please send attachements (sources and binaries) do this adress : g_tessier_fr at yahoo.fr Bye Guillaume TESSIER Philips - PGIS Hosting 51 rue Carnot - 92150 Suresnes tel : 01 47 28 (14 13) mobile : 06 66 80 26 38 Email : tessier.atosorigin at philips.com -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mail.lag.net/pipermail/paramiko/attachments/20070404/55f95d67/attachment.htm From jbardin at bu.edu Wed Apr 4 09:45:26 2007 From: jbardin at bu.edu (James Bardin) Date: Wed, 04 Apr 2007 12:45:26 -0400 Subject: [paramiko] paramiko In-Reply-To: References: Message-ID: <4613D626.4020707@bu.edu> Using python will give you more flexibility than the shell. With the shell it may be difficult to tell when your variables are being resolved. For example, your second statement is interpreted by bash as: ssh root@$target { s=blabla; touch /tmp/} because the variables are evaluated immediately. Bash uses a single quotes ' ' for strings that should not be evaluated. Paramiko is just an implementation of ssh for python, so it's not a matter of paramiko being able to do this, it's the information passed to the shell at the other end that's important. In your python script, you can build the exact command you want executed on the remote machine as a string, and send that command using ssh/paramiko. -jim Tessier AtosOrigin wrote: > Thanks for your reply James. > > Yes, this is a good alternative to locate the script on a network > ressource and push machines to execute it. > > The bash scripts i use do the whole thing but it's not gonna be > sustainable for larger stuff. > > > With the shell, you can do this kind of thing : > > sys="`ssh root@$cible "{ > cat /etc/redhat-release > }"`" > > however you can't do this : > > ssh root@$target "{ > s="blabla" > touch /tmp/$s > }" > > it seems you can't use variables... > > Do you think paramiko can do it? > > > could you please send attachements (sources and binaries) do this adress : > > g_tessier_fr at yahoo.fr > > Bye > > Guillaume TESSIER > Philips - PGIS Hosting > 51 rue Carnot - 92150 Suresnes > tel : 01 47 28 (14 13) > mobile : 06 66 80 26 38 > Email : tessier.atosorigin at philips.com > -- /* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * James Bardin - Systems Analyst / Administrator I Boston University Department of Electrical and Computer Engineering 8 Saint Mary's St, Room 305, Boston, MA 02215 Ph:617-358-2785 http://www.bu.edu/ece/it * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */ From robey at lag.net Wed Apr 11 10:26:59 2007 From: robey at lag.net (Robey Pointer) Date: Wed, 11 Apr 2007 10:26:59 -0700 Subject: [paramiko] [Paramiko] win_pageant.py: change code to use ctypes instead of pywin32 In-Reply-To: <45F30E34.1090500@ukr.net> References: <45F30E34.1090500@ukr.net> Message-ID: <8B2833FB-4C6E-4278-98EF-599D21AA00CC@lag.net> Sorry it took me so long to reply to this! My mail reader filed it into the bazaar folder because it was sent to the bazaar list, and I've fallen behind on reading that list. On 10 Mar 2007, at 11:59, Alexander Belchenko wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Paramiko library allows us to use pageant on Windows. > Pageant is brilliant thing for me, but I don't like > how paramiko working with pageant. > > To talk with pageant paramiko used pywin32 library, > but only part of big cool pywin32: win32ui module, > that provide interface to MFC classes. > > Actually paramiko use only 2 functions from win32ui, > and when packing win32ui to standalone bzr.exe > we increase size of standalone application by 650KBytes, > and this module also require additional library MFC71.dll > with size about 1MBytes. > > Bad side effect: this dll is not present by default on many > popular Windows system and I don't pack it to standalone > installer. Another bad side effect: known trusted place > to download this library (from Mark Hammond home page > at starship.python.net) is now unavailable. > Also there is recent security report from Microsoft > that affect this library also. > > Long story short: I finally change internals of paramiko > to use ctypes instead of pywin32. ctypes is the part of standard > library since Python 2.5, it has very small size (~80KB) and we use > it anyway in bzr.exe. I test it myself, and it work for me. > > Bundle attached. > > bzr branch http://bazaar.launchpad.net/~bialix/paramiko/ > paramiko.ctypes > > I will pack my version in next release of bzr. That sounds good. I didn't know much about the pywin32 library. I think John's original patch used ctypes and someone complained because it was too new. Since the code is nearly the same whether you use ctypes or pywin32, I think what I'm going to do for the next paramiko release is check for both (ctypes first, then pywin32) and use whichever one is found. Does that sound okay? robey From mrevelle at integrity-apps.com Fri Apr 20 06:52:02 2007 From: mrevelle at integrity-apps.com (Matt Revelle) Date: Fri, 20 Apr 2007 09:52:02 -0400 Subject: [paramiko] Reverse SSH tunnel example Message-ID: <2A49749A-092B-4929-AC86-4AD208BD4A86@integrity-apps.com> Hi all, Is anyone familiar enough with paramiko (and has the time) to provide a simple reverse tunnel example? Something equivalent to `ssh -R` is what I was looking for. Cheers, Matt -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 2437 bytes Desc: not available Url : http://mail.lag.net/pipermail/paramiko/attachments/20070420/62677b3f/attachment.bin From jbardin at bu.edu Fri Apr 27 15:50:28 2007 From: jbardin at bu.edu (James Bardin) Date: Fri, 27 Apr 2007 18:50:28 -0400 Subject: [paramiko] How to use settimeout with from_transport In-Reply-To: <378933AE-E927-4818-97CF-5B7CB18E623A@lag.net> References: <45F9B716.60709@bu.edu> <45F9FE6E.8070808@activestate.com> <45FAA17F.8060006@bu.edu> <378933AE-E927-4818-97CF-5B7CB18E623A@lag.net> Message-ID: <46327E34.9040209@bu.edu> Hi Robey, Just passing this along if you want to use it. I needed that ConnectTimeout option from openssh, so I added an SSHClient.set_connect_timeout() method that sets the socket timeout during the first connect, then transport takes over. Another idea would be to move transport's connect outside of the constructor, and give it a separate connect method, but this was faster for my needs. Thanks! -jim === modified file 'paramiko/client.py' --- paramiko/client.py 2007-04-27 22:24:16 +0000 +++ paramiko/client.py 2007-04-27 22:34:07 +0000 @@ -23,6 +23,7 @@ from binascii import hexlify import getpass import os +import socket from paramiko.agent import Agent from paramiko.common import * @@ -109,7 +110,8 @@ self._log_channel = None self._policy = RejectPolicy() self._transport = None - + self._connect_timeout = None + def load_system_host_keys(self, filename=None): """ Load host keys from a system (read-only) file. Host keys read with @@ -211,6 +213,16 @@ """ self._policy = policy + def set_connect_timeout(self, timeout): + """ + Set the socket time out for the initial connection. + equivalent to ConnectTimeout option in openssh + + @param timeout: The timeout in seconds for the initial connection + @type timeout: int + """ + self._connect_timeout = timeout + def connect(self, hostname, port=22, username=None, password=None, pkey=None, key_filename=None): """ @@ -253,7 +265,16 @@ @raise SSHException: if there was any other error connecting or establishing an SSH session """ - t = self._transport = Transport((hostname, port)) + sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) + + if self._connect_timeout: + try: + sock.settimeout(self._connect_timeout) + except: + pass + + sock.connect((hostname, port)) + t = self._transport = Transport(sock) if self._log_channel is not None: t.set_log_channel(self._log_channel) t.start_client()