Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision | ||
|
vms:python:django:paramiko [2014/12/27 02:59] admin [Known Hosts] |
vms:python:django:paramiko [2017/03/31 15:16] (current) admin ↷ Page moved from vms:django:paramiko to vms:python:django:paramiko |
||
|---|---|---|---|
| Line 32: | Line 32: | ||
| Typing "y" will add this (here ECDSA) key to the current user's //~/.ssh/known_hosts// file, and you won't get asked anymore unless the target's fingerprint is changed. This security feature is also implemented into Paramiko. | Typing "y" will add this (here ECDSA) key to the current user's //~/.ssh/known_hosts// file, and you won't get asked anymore unless the target's fingerprint is changed. This security feature is also implemented into Paramiko. | ||
| - | To initaite an ssh client connection, you could tell Paramiko to use your know_hosts file using a command like: | + | To initiate an ssh client connection, you could tell Paramiko to use your know_hosts file using a command like: |
| <code> | <code> | ||
| Line 38: | Line 38: | ||
| >>> import parmiko | >>> import parmiko | ||
| >>> import os | >>> import os | ||
| - | >>> ssh_client = paramiko.SSHClient('/home/username/.ssh/known_hosts') | + | >>> ssh_client = paramiko.SSHClient() |
| + | >>> ssh_client.load_system_host_keys() | ||
| </code> | </code> | ||
| - | Unfortunately (as of Paramiko version 1.15) the ECDSA key format isn't recognized by Paramiko (see: [[https://github.com/paramiko/paramiko/issues/243]]) and any connection attempt fails with error: SSHException: Server '172.20.20.3' not found in known_hosts. | + | Unfortunately at least Debian and Ubuntu are using ECDSA key encryption, and, as of Paramiko version 1.15, the ECDSA key format isn't recognized by Paramiko (see: [[https://github.com/paramiko/paramiko/issues/243]]) thus any connection attempt fails with error: SSHException: Server '172.20.20.3' not found in known_hosts. |
| To circumvent this problem we could: | To circumvent this problem we could: | ||
| Line 54: | Line 55: | ||
| </code> | </code> | ||
| - | Of course this is highly unsecure and not recommended at all but in some situations this might come handy, like in a highly changing environment (lab or school), where machines you need to connect to just come and go all the time. | + | Of course this is highly unsecure and not recommended at although, in some specific situations, this might come handy, like in a highly changing environment (lab or school), where machines you need to connect to just come and go all the time. |
| + | === Manually generate the rsa key on the remote host and copy it to a known_hosts file === | ||
| + | TO BE COMPLETED | ||
