Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Force password authentication (ignore keys in .ssh folder) in Paramiko in Python

Tags:

python

python-3.x

ssh

paramiko

I'm trying to write a small Python program to check whether an SSH server allows a password authentication. Here is the current plan:

import base64
import paramiko
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect('ssh.example.com', username='strongbad', password='thecheat')
stdin, stdout, stderr = client.exec_command('ls')
for line in stdout:
    print('... ' + line.strip('\n'))
client.close()

The idea is to grep the output or to later put a try catch block around the connect statement.

My problem however is that some of the systems that I run the program on have access via a RSA key that is stored under ~/.ssh. And in these cases, the connect will simply succeed (which I want to avoid).

So, here is the question: Does anybody know any way to force Paramiko (or another SSH client) to use passwords?

Thanks

like image 879
Norbert Avatar asked Oct 03 '18 17:10

Norbert

People also ask

What is Paramiko SSHClient ()?

SSHClient. A high-level representation of a session with an SSH server. This class wraps Transport , Channel , and SFTPClient to take care of most aspects of authenticating and opening channels. A typical use case is: client = SSHClient() client.

How do I SSH into Paramiko and server in Python?

A Paramiko SSH Example: Connect to Your Server Using a Password. This section shows you how to authenticate to a remote server with a username and password. To begin, create a new file named first_experiment.py and add the contents of the example file. Ensure that you update the file with your own Linode's details.

Does Paramiko use OpenSSH?

Paramiko relies on cryptography for crypto functionality, which makes use of C and Rust extensions but has many precompiled options available. See our installation page for details. SSH is defined in RFC 4251, RFC 4252, RFC 4253 and RFC 4254. The primary working implementation of the protocol is the OpenSSH project.

1 Answers

The SSHClient.connect method has look_for_keys argument. Set it to False:

client.connect(
    'ssh.example.com', username='strongbad', password='thecheat',
    look_for_keys=False)

Similarly you may want to set allow_agent to False as well.

Obligatory warning: Do not use AutoAddPolicy, unless you do not care about security. You are losing a protection against MITM attacks this way.
For a correct solution, see Paramiko "Unknown Server".

like image 125
Martin Prikryl Avatar answered Nov 07 '22 18:11

Martin Prikryl
Sign in to Comment

Related questions

PySpark Error When running SQL Query
Preserving Spaces in Tesseract
Image Preprocessing for OCR - Tessaract
How to detect method calls made by Python behind the scenes?
What is the difference, if any, between using single quote and double quote in a python dictionary? [duplicate]
How to make a python mocked out function return a specific value conditional on an argument to the function?
Add transparent picture over plot
Cant Pickle memoized class instance
"ImportError: Failed to load GLFW3 shared library" without root access on Linux
How does shuffling work with ImageDataGenerator in Machine Learning?
How to model a shared layer in keras?
sigmoid_cross_entropy loss function from tensorflow for image segmentation
Python 3.5 string format: How to add a thousands-separator and also right justify?
How to duplicate a specific value in a list/array?
single element in a list
Django initialize data test for all test classes
Store filtered output of cmd command in a variable
TypeError: 'dict_items' object is not subscriptable on running if statement to shortlist items
OneHotEncoder - encoding only some of categorical variable columns
Python seaborn catplot - How do I change the y-axis scale to percentage

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!