- Python SSH Tutorial
- Installation
- Connect to SSH
- Connect using password
- Connect using SSH key
- Run commands over SSH
- Conclusion
- References
- Use Paramiko and Python to SSH into a Server
- Before You Begin
- Install Paramiko
- A Paramiko SSH Example: Connect to Your Server Using a Password
- Second Paramiko Example: Connect to your Server Using SSH Keys
- Going Further with Paramiko
- More Information
- Python on Windows, connect to linux/unix server to process
- 1 Answer 1
Python SSH Tutorial
SSH (secure shell) is good for remotely managing machines using a secure connection. Typically you will log in to a server using the command-line ssh tool, or something like PuTTy or MobaXTerm. This guide will show you how to use Python to connect and run commands over SSH using the Paramiko package.
Installation
The easiest way to install paramiko is using pip .
python -m pip install paramiko
To install from source, clone from GitHub and then install using setup.py .
git clone https://github.com/paramiko/paramiko cd paramiko python setup.py install
Connect to SSH
Connect to an SSH server using paramiko.client.SSHClient.connect(). The hostname is the only required parameter.
connect(hostname, port=22, username=None, password=None, pkey=None, key_filename=None, timeout=None, allow_agent=True, look_for_keys=True, compress=False, sock=None, gss_auth=False, gss_kex=False, gss_deleg_creds=True, gss_host=None, banner_timeout=None, auth_timeout=None, gss_trust_dns=True, passphrase=None, disabled_algorithms=None)
One thing to consider is what trusted known host keys you have. You can use paramiko.client.SSHClient.load_system_host_keys() . You can also explicitly load a specific known hosts file with load_host_keys() and set the client to automatically accept and add unknown hosts with set_missing_host_key_policy() to paramiko.AutoAddPolicy . Use these options as needed. The AutoAddPolicy is not very secure since it will trust any remote host.
Connect using password
from paramiko import SSHClient client = SSHClient() #client.load_system_host_keys() #client.load_host_keys('~/.ssh/known_hosts') #client.set_missing_host_key_policy(AutoAddPolicy()) client.connect('example.com', username='user', password='secret') client.close()
Connect using SSH key
Using an SSH key is more secure than using a password. Call connect() just like using the password, but instead of providing the user password, we will provide a key_filename and maybe a passphrase for the key. The passphrase may not be needed if your private key file does not have a passphrase.
You can also omit the key file and let Paramiko try to find the right key automatically in your ~/.ssh/ directory. You can turn that on by calling client.look_for_keys(True) . The first example will show how to explicitly provide the key and passphrase and the second one will show how to look for keys.
# Explicitly provide key and passphrase from paramiko import SSHClient, AutoAddPolicy client = SSHClient() #client.load_system_host_keys() #client.load_host_keys('~/.ssh/known_hosts') #client.set_missing_host_key_policy(AutoAddPolicy()) client.connect('example.com', username='user', key_filename='mykey.pem', passphrase='mysshkeypassphrase') client.close()
This example show hows to look for keys in ~/.ssh/ automatically.
from paramiko import SSHClient client = SSHClient() #client.load_system_host_keys() #client.load_host_keys('~/.ssh/known_hosts') #client.set_missing_host_key_policy(AutoAddPolicy()) client.look_for_keys(True) client.connect('example.com', username='user') client.close()
Run commands over SSH
Once you have a connection open, you can execute any command just like you would if you were in a regular interactive SSH session.
This example shows how to:
- Run a command on the server
- Provide standard input data to command
- Read standard output and error from command
- Get the return code of the command
The command run in this example is the PHP interpreter with the code provided via standard input. The output is then printed out and the return code is checked.
from paramiko import SSHClient # Connect client = SSHClient() client.load_system_host_keys() client.connect('example.com', username='user', password='secret') # Run a command (execute PHP interpreter) stdin, stdout, stderr = client.exec_command('php') print(type(stdin)) # print(type(stdout)) # print(type(stderr)) # # Optionally, send data via STDIN, and shutdown when done stdin.write('') stdin.channel.shutdown_write() # Print output of command. Will wait for command to finish. print(f'STDOUT: ') print(f'STDERR: ') # Get return code from command (0 is default for success) print(f'Return code: ') # Because they are file objects, they need to be closed stdin.close() stdout.close() stderr.close() # Close the client itself client.close()
Conclusion
After reading this guide you should know how to connect to an SSH server using a password or SSH key. You should also know how to run a command, pass data to standard input, and read the output from standard output and error.
References
Use Paramiko and Python to SSH into a Server
Estamos traduciendo nuestros guías y tutoriales al Español. Es posible que usted esté viendo una traducción generada automáticamente. Estamos trabajando con traductores profesionales para verificar las traducciones de nuestro sitio web. Este proyecto es un trabajo en curso.
When your Python program needs to run an external password-dependent program, or access a remote server, use Paramiko. Paramiko is a Python module that implements the SSHv2 protocol. Paramiko is not part of Python’s standard library, although it’s widely used. This guide shows you how to use Paramiko in your Python scripts to authenticate to a server using a password and SSH keys.
Before You Begin
- If you have not already done so, create a Linode account and Compute Instance. See our Getting Started with Linode and Creating a Compute Instance guides.
- Follow our Setting Up and Securing a Compute Instance guide to update your system. You may also wish to set the timezone, configure your hostname, create a limited user account, and harden SSH access.
Install Paramiko
You must install Paramiko on your system before being able to use it in your Python programs. Use the command below to install Paramiko with Pip:
If you are not familiar with Pip or do not have it installed on your system, see our How to Manage Python Packages and Virtual Environments on Linux guide.
If your system is configured to use Anaconda, you can use the following command to install Paramiko:
conda install -c anaconda paramiko
A Paramiko SSH Example: Connect to Your Server Using a Password
This section shows you how to authenticate to a remote server with a username and password. To begin, create a new file named first_experiment.py and add the contents of the example file. Ensure that you update the file with your own Linode’s details. Replace the values for YOUR_IP_ADDRESS , YOUR_LIMITED_USER_ACCOUNT , and YOUR_PASSWORD . Use the Find Your Linode’s IP Address guide, if needed.
This file connects to remote server over SSH using the IP address and credentials that you provide. It then uses the df command to generate a report of your server’s free disk space.
Execute the file with the following command:
Filesystem 1K-blocks Used Available Use% Mounted on devtmpfs 1921544 0 1921544 0% /dev tmpfs 1936296 0 1936296 0% /dev/shm tmpfs 1936296 211308 1724988 11% /run tmpfs 1936296 0 1936296 0% /sys/fs/cgroup /dev/mapper/cl-root 46110724 20501872 25608852 45% / /dev/sda1 999320 187324 743184 21% /boot
The file above provides a high-level example that you can use to incorporate Paramiko into your Python code. While everything Paramiko does can also be done with shell commands, Paramiko gives you all the power of Python. Python gives you access to structuring data, looping, parsing, and other powerful features that go beyond what is available in shell scripting. For example, if you are writing a program to calculate system usage percentages, Python is better at extracting and calculating values from your system’s output.
Second Paramiko Example: Connect to your Server Using SSH Keys
One of Paramiko’s specific strengths is the correct handling of SSH add keys. The introductory example above depended on the use of your limited user account’s password. It is more secure, however, to use SSH keys for server authentication. The example file below, provides a report that alerts you of any logins by users that are not included in your list of expected users. The Python script relies on Paramiko (notice the key_based_connect() function) to use SSHv2 authentication to connect to any of the servers provided in the code’s server_list list.
Execute the file with the following command:
If a user outside of the Python script’s expected list accesses one of your servers, the Python script returns the following:
Entry user4 pts/0 192.0.2.0 Wed Sep 23 15:13 - 17:28 (02:14)' is a surprise on 192.0.2.0.
Going Further with Paramiko
Paramiko helps you automate repetitive system administration tasks on remote servers. More advanced Paramiko programs send the lines of a script one at a time. It does this rather than transacting all of a command, such as df or last , synchronously to completion. Paramiko is a helpful addition to your system administrator toolchain when working to automate common tasks. You can visit Paramiko’s documentation to learn about its special-purpose methods and variables that go beyond the examples covered in this guide.
More Information
You may wish to consult the following resources for additional information on this topic. While these are provided in the hope that they will be useful, please note that we cannot vouch for the accuracy or timeliness of externally hosted materials.
This page was originally published on Friday, August 13, 2021.
Python on Windows, connect to linux/unix server to process
I work in an environment such that I have python installed on my laptop (windows 10). I also have access to a couple of Linux servers. I work with some very large datasets, some which would be too large for my machine’s memory to handle. My question, which I so far haven’t found an answer to, is if it’s possible to connect to the linux server and run the code from my windows PC. I want to take advantage of the processing and memory on the linux server, but don’t want to log on to server and do all of my development there and execute the scripts on the linux environment. As an aside, another person in my department has been asking if it’s possible to do this from Jupyter Notebook or an IDE like Spyder?
1 Answer 1
For jupyter you could just run the Jupyter notebook on the server and connect to the server IP and edit the notebook locally.
Of course you’d have to save your local notebooks and import them on the server but that should be pretty straight forward.
You can see how to set up a public Jupyter instance on a server here: https://jupyter-notebook.readthedocs.io/en/stable/public_server.html
At present, the server isn’t really used for anything Python related and only has version 2.6.6. The version on my windows machine is 3.6. Obviously if the server version isn’t updated, then we’d have to develop code to Python 2.x in order to utilize the server.
Could you not just update python on the server or install python3.6 in parallel? How would you otherwise execute the python3.6-code on the server? I suppose you could statically compile it with cyton or nuikta but that seems like an awful hassel for your usecase.
Unfortunately not — at least not for the foreseeable future. I work at a large organization, this particular linux sever is primarily for a SAS environment. Maybe once the python user community within my company grows, this could be an option or a standalone server instance for Python processing. Would there be other options I could explore for big data processing outside of connecting to the linux server in my original question?
Well you could run it on another server, i.e. in the cloud where your organization can pay for precisely the computing power you need and you wouldn’t be bound to the corporate policies for on premise servers. If you’re allowed to execute binaries in your usershare you could run your own python binary in your userspace which is a build of the latest python. However if you’re not allowed to execute code on the server I have a hard time seeing how you’d utilize it’s resources.