I am a network engineer and new to python, I tried some programs with python/paramiko [sorry if I am not using exact technical terms] I appreciate your help and thanks.
There is a program on a proxy like server(unsure how it works), P.P.P.P that accepts my SSH session and relay it to any device that I intend to login, D.D.D.D
Normal SSH command used is below, it invokes an interactive shell on D.D.D.D
ssh -t -l user P.P.P.P D.D.D.D
If i want to execute a single command and exit on device then I do below
ssh -t -l username P.P.P.P D.D.D.D command_to_run_on_D_D_D_D
I would like to accomplish the same using paramiko but invoking interactive shell on P.P.P.P is denied so if I paramiko connect to P.P.P.P and run paramiko.invokeshell() I get a message from P.P.P.P that is not allowed. (it would be same result if I do just ssh -l user P.P.P.P. It's is expected behavior) And I don't want shell on P.P.P.P, I want shell on D.D.D.D to be invoked.
From SSH documentation, -t Forces pseudo-tty allocation. This can be used to execute arbitrary screen-based programs on a remote machine, which can be very useful, for example, when implementing menu services. Multiple –t options force allocation, even if ssh has no local tty.
its equivalent in paramiko is exec_command(*args, **kwds) with get_pty(*args, **kwds)
so I tried this code.
import paramiko
import sys
proxy = 'P.P.P.P'
device = 'D.D.D.D'
username = 'xxxx'
ssh_client = paramiko.SSHClient()
ssh_client.load_system_host_keys()
ssh_client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
ssh_client.connect(hostname=proxy,username=username)
stdin, stdout, stderr = ssh_client.exec_command(device, get_pty=True)
stdin.write('sh ver | no-more\n')
stdin.write('sh config | display set | no-more\n')
stdin.write('show security flow session | no-more\n')
for line in stdout:
print line.strip("\n")
I get the device(D.D.D.D) passed over to P.P.P.P as a command it picked an expected argument to open relay session to D.D.D.D, I get the expected output for those three commands from D.D.D.D, but unable to achieve what I really want which is, being able to invoke interactive shell on D.D.D.D instead and use its send and recv methods.
