Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision Both sides next revision
vms:python:django:paramiko [2014/12/27 02:42]
admin created 		vms:python:django:paramiko [2014/12/27 02:59]
admin [Known Hosts]
Line 31: Line 31:
  
 Typing "​y"​ will add this (here ECDSA) key to the current user's //​~/​.ssh/​known_hosts//​ file, and you won't get asked anymore unless the target'​s fingerprint is changed. This security feature is also implemented into Paramiko. Typing "​y"​ will add this (here ECDSA) key to the current user's //​~/​.ssh/​known_hosts//​ file, and you won't get asked anymore unless the target'​s fingerprint is changed. This security feature is also implemented into Paramiko.
 +
 +To initaite an ssh client connection, you could tell Paramiko to use your know_hosts file using a command like:
 +
 +<​code>​
 +> python
 +>>>​ import parmiko
 +>>>​ import os
 +>>>​ ssh_client = paramiko.SSHClient('/​home/​username/​.ssh/​known_hosts'​)
 +</​code>​
 +
 +Unfortunately (as of Paramiko version 1.15) the ECDSA key format isn't recognized by Paramiko (see: [[https://​github.com/​paramiko/​paramiko/​issues/​243]]) and any connection attempt fails with error: SSHException:​ Server '​172.20.20.3'​ not found in known_hosts.
 +
 +To circumvent this problem we could:
 +
 +=== Deactivate hosts keys verification ===
 +<​code>​
 +> python
 +>>>​ import paramiko
 +>>>​ ssh_client = paramiko.SSHClient()
 +>>>​ ssh_client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
 +>>>​ ssh_client.connect('​172.20.20.3',​user='​username',​password='​myPassword'​)
 +</​code>​
 +
 +Of course this is highly unsecure and not recommended at all but in some situations this might come handy, like in a highly changing environment (lab or school), where machines you need to connect to just come and go all the time.
 +
 +