Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision | Last revision Both sides next revision | ||
vms:python:django:paramiko [2014/12/27 02:59] admin [Known Hosts] |
vms:python:django:paramiko [2014/12/27 04:03] admin [Known Hosts] |
||
---|---|---|---|
Line 32: | Line 32: | ||
Typing "y" will add this (here ECDSA) key to the current user's //~/.ssh/known_hosts// file, and you won't get asked anymore unless the target's fingerprint is changed. This security feature is also implemented into Paramiko. | Typing "y" will add this (here ECDSA) key to the current user's //~/.ssh/known_hosts// file, and you won't get asked anymore unless the target's fingerprint is changed. This security feature is also implemented into Paramiko. | ||
- | To initaite an ssh client connection, you could tell Paramiko to use your know_hosts file using a command like: | + | To initiate an ssh client connection, you could tell Paramiko to use your know_hosts file using a command like: |
<code> | <code> | ||
Line 38: | Line 38: | ||
>>> import parmiko | >>> import parmiko | ||
>>> import os | >>> import os | ||
- | >>> ssh_client = paramiko.SSHClient('/home/username/.ssh/known_hosts') | + | >>> ssh_client = paramiko.SSHClient() |
+ | >>> ssh_client.load_system_host_keys() | ||
</code> | </code> | ||
- | Unfortunately (as of Paramiko version 1.15) the ECDSA key format isn't recognized by Paramiko (see: [[https://github.com/paramiko/paramiko/issues/243]]) and any connection attempt fails with error: SSHException: Server '172.20.20.3' not found in known_hosts. | + | Unfortunately at least Debian and Ubuntu are using ECDSA key encryption, and, as of Paramiko version 1.15, the ECDSA key format isn't recognized by Paramiko (see: [[https://github.com/paramiko/paramiko/issues/243]]) thus any connection attempt fails with error: SSHException: Server '172.20.20.3' not found in known_hosts. |
To circumvent this problem we could: | To circumvent this problem we could: | ||
Line 54: | Line 55: | ||
</code> | </code> | ||
- | Of course this is highly unsecure and not recommended at all but in some situations this might come handy, like in a highly changing environment (lab or school), where machines you need to connect to just come and go all the time. | + | Of course this is highly unsecure and not recommended at although, in some specific situations, this might come handy, like in a highly changing environment (lab or school), where machines you need to connect to just come and go all the time. |
+ | === Manually generate the rsa key on the remote host and copy it to a known_hosts file === | ||
+ | TO BE COMPLETED |