Differences
This shows you the differences between two versions of the page.
Next revision | Previous revision | ||
vms:python:django:paramiko [2014/12/27 02:42] admin created |
vms:python:django:paramiko [2017/03/31 15:16] (current) admin ↷ Page moved from vms:django:paramiko to vms:python:django:paramiko |
||
---|---|---|---|
Line 31: | Line 31: | ||
Typing "y" will add this (here ECDSA) key to the current user's //~/.ssh/known_hosts// file, and you won't get asked anymore unless the target's fingerprint is changed. This security feature is also implemented into Paramiko. | Typing "y" will add this (here ECDSA) key to the current user's //~/.ssh/known_hosts// file, and you won't get asked anymore unless the target's fingerprint is changed. This security feature is also implemented into Paramiko. | ||
+ | |||
+ | To initiate an ssh client connection, you could tell Paramiko to use your know_hosts file using a command like: | ||
+ | |||
+ | <code> | ||
+ | > python | ||
+ | >>> import parmiko | ||
+ | >>> import os | ||
+ | >>> ssh_client = paramiko.SSHClient() | ||
+ | >>> ssh_client.load_system_host_keys() | ||
+ | </code> | ||
+ | |||
+ | Unfortunately at least Debian and Ubuntu are using ECDSA key encryption, and, as of Paramiko version 1.15, the ECDSA key format isn't recognized by Paramiko (see: [[https://github.com/paramiko/paramiko/issues/243]]) thus any connection attempt fails with error: SSHException: Server '172.20.20.3' not found in known_hosts. | ||
+ | |||
+ | To circumvent this problem we could: | ||
+ | |||
+ | === Deactivate hosts keys verification === | ||
+ | <code> | ||
+ | > python | ||
+ | >>> import paramiko | ||
+ | >>> ssh_client = paramiko.SSHClient() | ||
+ | >>> ssh_client.set_missing_host_key_policy(paramiko.AutoAddPolicy()) | ||
+ | >>> ssh_client.connect('172.20.20.3',user='username',password='myPassword') | ||
+ | </code> | ||
+ | |||
+ | Of course this is highly unsecure and not recommended at although, in some specific situations, this might come handy, like in a highly changing environment (lab or school), where machines you need to connect to just come and go all the time. | ||
+ | |||
+ | === Manually generate the rsa key on the remote host and copy it to a known_hosts file === | ||
+ | TO BE COMPLETED |