python ssh script for linux ssh command

Question

My Linux script is as below to ssh to host & search patch update which has kernel update

 for host in `cat patch.csv`
    do 
      echo "Host $host" >> /tmp/patching
      ssh -o "UserKnownHostsFile=/dev/null" -o "StrictHostKeyChecking=no" $host  'sudo yum check-update | grep "kernel.x86"'>>/tmp/patching
    done

Now i am trying to write a python script equivalent to this & its showing error(not able to conenct to ssh). I tried to use subprocess comamnd which is not working - its not able to pick up hostname & public key error.

import subprocess
import os
def read_file():
    # Read and print the entire file line by line
    with open('patch.csv', 'r') as reader:
        with open('server_names.txt', 'w') as writer:
            for host in reader:
                writer.write(host)
                p = subprocess.Popen(["ssh -o 'UserKnownHostsFile=/dev/null' -o 'StrictHostKeyChecking=no' host 'sudo yum check-update | grep kernel.x86'"], shell=True, stdout=subprocess.PIPE)
                output, err = p.communicate()
                print(host)
    print("file read done")

read_file()

Answer 1

You can use paramiko to solve that problem to ssh to another host using python, we use it on an internal project, works very well.

http://www.paramiko.org/
$ pip install paramiko

You can use password or passphrase as input if it's required by the host, so authentication can be automated.

http://docs.paramiko.org/en/stable/api/client.html#paramiko.client.SSHClient.connect

connect(hostname, port=22, username=None, password=None, pkey=None, key_filename=None, timeout=None, allow_agent=True, look_for_keys=True, compress=False, sock=None, gss_auth=False, gss_kex=False, gss_deleg_creds=True, gss_host=None, banner_timeout=None, auth_timeout=None, gss_trust_dns=True, passphrase=None, disabled_algorithms=None)
Connect to an SSH server and authenticate to it. The server’s host key is checked against the system host keys (see load_system_host_keys) and any local host keys (load_host_keys). If the server’s hostname is not found in either set of host keys, the missing host key policy is used (see set_missing_host_key_policy). The default policy is to reject the key and raise an SSHException.

Code sample adapted from https://gist.github.com/mlafeldt/841944

import paramiko

hostname = host
password = pass123
command = 'sudo yum check-update | grep kernel.x86'
username = "admin"
port = 22

try:
    client = paramiko.SSHClient()
    client.load_system_host_keys()
    client.set_missing_host_key_policy(paramiko.WarningPolicy)
    client.connect(hostname, port=port, username=username, password=password)
    stdin, stdout, stderr = client.exec_command(command)
    print stdout.read()
finally:
    client.close()