From comete at daknet.org Mon Aug 3 15:16:16 2009 From: comete at daknet.org (Comete) Date: Tue, 04 Aug 2009 00:16:16 +0200 Subject: [paramiko] Problem with port forwarding Message-ID: <4A7761B0.4010003@daknet.org> Hi, i'm trying to use Paramiko to create a tunnel like this: ssh sshuser at sshserver -R 8000:localhost:5900 I precise that this command works perfectly. Now this is the code i use: #!/usr/bin/env python # -*- encoding: utf-8 -*- import paramiko ssh_server = '192.168.1.1' ssh_user = 'sshuser' ssh_port = 22 passwd = 'sshpasswd' port_to_forward = 8000 vnc_port = 5900 ssh = paramiko.SSHClient() ssh.load_system_host_keys() ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy()) ssh.connect(ssh_server, port=ssh_port, username=ssh_user, password=passwd) t = ssh.get_transport() t.request_port_forward('', port_to_forward) t.open_forwarded_tcpip_channel((ssh_server, port_to_forward), ('localhost', vnc_port)) When i launch this script, i get this error: paramiko.ChannelException: Administratively prohibited And i don't know how to resolve this. Do you have any idea ? Maybe my code is wrong... Thanks From jbardin at bu.edu Tue Aug 4 06:15:52 2009 From: jbardin at bu.edu (james bardin) Date: Tue, 4 Aug 2009 09:15:52 -0400 Subject: [paramiko] Problem with port forwarding In-Reply-To: <4A7761B0.4010003@daknet.org> References: <4A7761B0.4010003@daknet.org> Message-ID: On Mon, Aug 3, 2009 at 6:16 PM, Comete wrote: > > When i launch this script, i get this error: > > paramiko.ChannelException: Administratively prohibited > Are you using the same server as when you try this with your first command? "Administratively prohibited" is what an ssh server returns when it's configured with "AllowTcpForwarding no" -jim From comete at daknet.org Wed Aug 5 01:33:55 2009 From: comete at daknet.org (Comete) Date: Wed, 05 Aug 2009 10:33:55 +0200 Subject: [paramiko] Problem with port forwarding In-Reply-To: References: <4A7761B0.4010003@daknet.org> Message-ID: <4A7943F3.9040105@daknet.org> Yes i use the same server and "AllowTcpForwarding" is set to "yes". I've tried many other ssh servers with the same result. Do you think my code is correct ? I use the last release of paramiko. Comete james bardin a ?crit : > On Mon, Aug 3, 2009 at 6:16 PM, Comete wrote: > >> When i launch this script, i get this error: >> >> paramiko.ChannelException: Administratively prohibited >> > > Are you using the same server as when you try this with your first command? > > "Administratively prohibited" is what an ssh server returns when it's > configured with > "AllowTcpForwarding no" > > > -jim From jbardin at bu.edu Thu Aug 6 10:11:07 2009 From: jbardin at bu.edu (james bardin) Date: Thu, 6 Aug 2009 13:11:07 -0400 Subject: [paramiko] Problem with port forwarding In-Reply-To: <4A7943F3.9040105@daknet.org> References: <4A7761B0.4010003@daknet.org> <4A7943F3.9040105@daknet.org> Message-ID: On Wed, Aug 5, 2009 at 4:33 AM, Comete wrote: > Yes i use the same server and "AllowTcpForwarding" is set to "yes". I've > ?tried many other ssh servers with the same result. Do you think my code is > correct ? > I haven't looked into the forwarding mechanism in a while, and I don't remember exactly what open_forwarded_tcpip_channel does, but I don't think it's what you want in this case. You do need to open another socket to your local port to forward the data coming in on the new channel. The channel doesn't automatically bridge between the remote port and the local port. You can take a look at the rforward.py in demos/, or even the test_E_reverse_port_forwarding function in tests/test_transport.py. -jim From lenciel at gmail.com Tue Aug 11 18:24:10 2009 From: lenciel at gmail.com (=?UTF-8?B?5p2O5piK?=) Date: Wed, 12 Aug 2009 09:24:10 +0800 Subject: [paramiko] Can not create SSHClient object. Message-ID: <61c8d2930908111824l61e3a6e5j937679c9f64c810@mail.gmail.com> Hi, I'm a new user of paramiko and when I tried to start a ssh client using the code below,I got an exception saying: "paramiko.SSHException: No suitable address" import paramiko ssh = paramiko.SSHClient() ssh.set_missing_host_key_policy( paramiko.AutoAddPolicy()) ssh.connect('127.0.0.1', username='xxx', password='xxx') But when I using SFTPClient with the same username and password, everything goes smoothly. I can logon the server and put/get files. My python version is 2.5, does anybody had this experience before? Any advice will be appreciated much. Thank you! -- Lenciel -------------- next part -------------- An HTML attachment was scrubbed... URL: From shikhar at schmizz.net Tue Aug 18 15:43:30 2009 From: shikhar at schmizz.net (shikhar) Date: Wed, 19 Aug 2009 00:43:30 +0200 Subject: [paramiko] Can not create SSHClient object. In-Reply-To: <61c8d2930908111824l61e3a6e5j937679c9f64c810@mail.gmail.com> References: <61c8d2930908111824l61e3a6e5j937679c9f64c810@mail.gmail.com> Message-ID: <309bec650908181543x4e484840qa88e9cef485967dd@mail.gmail.com> Unfortunately, I am responsible for this regression. I submitted a patch 'fixing' IPv6 support which got in the latest release, but the method fails on Windows (I assume that's what you're using?). Worse that it fails with even IPv4 as I see you're connecting on "127.0.0.1"... ugh After looking at Python docs [1], I am attaching a correct patch against trunk. Best, Shikhar [1] http://docs.python.org/library/socket.html#example "Echo client program" On Wed, Aug 12, 2009 at 3:24 AM, ?? wrote: > Hi, > > I'm a new user of paramiko and when I tried to start a ssh client using the > code below,I got an exception saying: > "paramiko.SSHException: No suitable address" > > import paramiko > ssh = paramiko.SSHClient() > > ssh.set_missing_host_key_policy( > paramiko.AutoAddPolicy()) > > ssh.connect('127.0.0.1', username='xxx', > > password='xxx') > > But when I using? SFTPClient with the same username and password, everything > goes smoothly. I can logon the server and put/get files. > > My python version is 2.5, does anybody had this experience before? Any > advice will be appreciated much. > > Thank you! > -- > Lenciel > > _______________________________________________ > paramiko mailing list > paramiko at lag.net > http://www.lag.net/cgi-bin/mailman/listinfo/paramiko > -------------- next part -------------- A non-text attachment was scrubbed... Name: addr-family.patch Type: text/x-diff Size: 1607 bytes Desc: not available URL: From irooniam at gmail.com Fri Aug 21 01:20:09 2009 From: irooniam at gmail.com (Irooniam) Date: Fri, 21 Aug 2009 01:20:09 -0700 Subject: [paramiko] ssh web proxy Message-ID: <39cda1610908210120sfcbe4beu869deb8ee64dc5@mail.gmail.com> Hello, I've looked through the documentation & demo scripts specifically demo_server and forward but I'm still having problems. Basically, I'm trying to create a SSH server who's sole purpose is to forward requests from clients (web proxy). Something like the ssh command: ssh -D 9999 user at host I've used portions of the demo_server script and I can see what's the src host/port & destination host/port but I haven't figured out how to actually have the SSH server forward and then return the data back to the client. Any help would be appreciated. Thanks. -------------- next part -------------- An HTML attachment was scrubbed... URL: From irooniam at gmail.com Fri Aug 21 09:46:41 2009 From: irooniam at gmail.com (Irooniam) Date: Fri, 21 Aug 2009 09:46:41 -0700 Subject: [paramiko] ssh web proxy In-Reply-To: References: <39cda1610908210120sfcbe4beu869deb8ee64dc5@mail.gmail.com> Message-ID: <39cda1610908210946s7ccdf122xd09f949be10edf79@mail.gmail.com> On Fri, Aug 21, 2009 at 8:45 AM, james bardin wrote: > On Fri, Aug 21, 2009 at 4:20 AM, Irooniam wrote: > > > I've used portions of the demo_server script and I can see what's the src > > host/port & destination host/port but I haven't figured out how to > actually > > have the SSH server forward and then return the data back to the client. > > > > > This is because "ssh -D" isn't simply using tcp forwarding. The "-D" > option runs ssh as a SOCKS server, which supports SOCKS4 and SOCKS5. > You would have to implement this protocol in order to create a dynamic > proxy. > > -jim Thank for the clarification. So basically, the ssh server I'm trying to develop would basically tunnel socks requests over ssh? I can see the request types for the ssh client: debug2: channel 3: dynamic request: socks5 host login.messaging.aol.com port 5190 command 1 debug2: channel 3: open confirm rwindow 2097152 rmax 32768 debug1: Connection to port 9999 forwarding to socks port 0 requested. debug2: fd 8 setting TCP_NODELAY debug2: fd 8 setting O_NONBLOCK debug1: channel 4: new [dynamic-tcpip] debug2: channel 3: read<=0 rfd 7 len 0 debug2: channel 3: read failed debug2: channel 3: close_read debug2: channel 3: input open -> drain debug2: channel 3: ibuf empty debug2: channel 3: send eof debug2: channel 3: input drain -> closed debug2: channel 4: pre_dynamic: have 0 debug2: channel 4: pre_dynamic: have 3 debug2: channel 4: decode socks5 debug2: channel 4: socks5 auth done debug2: channel 4: pre_dynamic: need more debug2: channel 4: pre_dynamic: have 0 debug2: channel 4: pre_dynamic: have 19 debug2: channel 4: decode socks5 debug2: channel 4: socks5 post auth What is the method/attribute of paramiko for me to figure out that it's a socks request? thanks again. -------------- next part -------------- An HTML attachment was scrubbed... URL: From jbardin at bu.edu Fri Aug 21 08:45:27 2009 From: jbardin at bu.edu (james bardin) Date: Fri, 21 Aug 2009 11:45:27 -0400 Subject: [paramiko] ssh web proxy In-Reply-To: <39cda1610908210120sfcbe4beu869deb8ee64dc5@mail.gmail.com> References: <39cda1610908210120sfcbe4beu869deb8ee64dc5@mail.gmail.com> Message-ID: On Fri, Aug 21, 2009 at 4:20 AM, Irooniam wrote: > I've used portions of the demo_server script and I can see what's the src > host/port & destination host/port but I haven't figured out how to actually > have the SSH server forward and then return the data back to the client. > This is because "ssh -D" isn't simply using tcp forwarding. The "-D" option runs ssh as a SOCKS server, which supports SOCKS4 and SOCKS5. You would have to implement this protocol in order to create a dynamic proxy. -jim From jbardin at bu.edu Fri Aug 21 10:44:23 2009 From: jbardin at bu.edu (james bardin) Date: Fri, 21 Aug 2009 13:44:23 -0400 Subject: [paramiko] ssh web proxy In-Reply-To: <39cda1610908210946s7ccdf122xd09f949be10edf79@mail.gmail.com> References: <39cda1610908210120sfcbe4beu869deb8ee64dc5@mail.gmail.com> <39cda1610908210946s7ccdf122xd09f949be10edf79@mail.gmail.com> Message-ID: On Fri, Aug 21, 2009 at 12:46 PM, Irooniam wrote: > > So basically, the ssh server I'm trying to develop would basically tunnel > socks requests over ssh? > No, it would need to be a SOCKS server that can tunnel requests over ssh. > > What is the method/attribute of paramiko for me to figure out that it's a > socks request? > There is none, because paramiko isn't a SOCKS server. Without something that understands that protocol, all you can do is blindly tunnel the traffic. You may want to look at Twisted, which implements the SOCKSv4 protocol. If that works for you, you could use twisted conch, which is their ssh implementation. -jim