SSH, SFTP, public key authentication and python

SFTP is a simple and fairly reliable way to share the information within the organization. Let’s look at the situation when you need to pick up some files from a remote host with authorization by public key. And after that, let’s see how to use it with in python.

ssh sftp python

Moreover, let’s see how to work with SSH using python and execute any commands on the remote host. For example. if we need it to collect versions of installed packages and a version Linux distribution for further vulnerability analysis (see “Vulnerability Assessment without Vulnerability Scanner“). 😉

Generating public key:

cd ~
mkdir .ssh
chmod 700 .ssh

$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/vmuser/.ssh/id_rsa): [PRESS ENTER]
Enter passphrase (empty for no passphrase): [INPUT p@$phr4se PRESS ENTER]
Enter same passphrase again: [INPUT p@$phr4se PRESS ENTER]
Your identification has been saved in /home/vmuser/.ssh/id_rsa.
Your public key has been saved in /home/vmuser/.ssh/id_rsa.pub.
The key fingerprint is:
52:14:a4:33:71:0a:b9:46:25:73:a0:96:94:b3:3b:03 vmuser@localhost.localdomain
The key's randomart image is:
+--[ RSA 2048]----+
|  ..=++.=.       |
| .ooo= *         |
|  ++ .= .        |
|E.. o  +         |
| . o  . S        |
|  +    .         |
|   o             |
|                 |
|                 |
+-----------------+

Here is the public key id_rsa.pub, which we send to the server owner, who will add it to the list of known keys:

$ ls /home/vmuser/.ssh/
id_rsa id_rsa.pub known_hosts

Once he does this, we can go to that host by SSH:

[vmuser@localhost pycharm-community-2017.1.3]$ ssh 192.168.56.20
Enter passphrase for key '/home/vmuser/.ssh/id_rsa':
Last login: Mon Sep 3 10:50:10 2017 from 192.168.56.101
...

And how download the files on the host from the python script? You will need to install pysftp:

# sudo pip install pysftp

To connect and download files from the ‘data/’ directory on the remote server to the local directory ‘data/’ we need to do something like this:

import pysftp
sftp = pysftp.Connection(host = '192.168.56.20', private_key = '/home/vmuser/.ssh/id_rsa', private_key_pass = 'p@$phr4se')
for file in sftp.listdir("data"):
    sftp.get(remotepath = "data/" + file, localpath="data/" + file )

Ok, we dealt with the downloading. Now let’s see how to execute commands with SSH in python using paramiko module. When we installed pysftp we also installed paramiko by dependencies. We can use authentication by keys and by password (commented):

#!/usr/bin/env python

import paramiko

command = 'cat /etc/centos-release; rpm -qa'

try:
    client = paramiko.SSHClient()
    client.load_system_host_keys()
    client.set_missing_host_key_policy(paramiko.WarningPolicy)

    client.connect(hostname = '192.168.56.20', key_filename='/home/vmuser/.ssh/id_rsa',
                    password = 'p@$phr4se')

    #client.connect(hostname = '192.168.56.20', username="vmuser", password="1")

    stdin, stdout, stderr = client.exec_command(command)
And having a list of packages we can check them for vulnerabilities using your own scanner or Vulners API.
    print(stdout.read())
    print(stderr.read())
finally:
    client.close()

The output will be like this:

CentOS Linux release 7.3.1611 (Core) 
NetworkManager-team-1.4.0-12.el7.x86_64
centos-release-7-3.1611.el7.centos.x86_64
NetworkManager-wifi-1.4.0-12.el7.x86_64
filesystem-3.2-21.el7.x86_64
lvm2-2.02.166-1.el7.x86_64
ncurses-base-5.9-13.20130511.el7.noarch
kexec-tools-2.0.7-50.el7.x86_64
bind-license-9.9.4-37.el7.noarch
rdma-7.3_4.7_rc2-5.el7.noarch
...

And having a list of packages we can check them for vulnerabilities using your own scripts or Vulners Audit API.

2 thoughts on “SSH, SFTP, public key authentication and python

  1. Pingback: Making Expect scripts for SSH Authentication and Privilege Elevation | Alexander V. Leonov

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.