My goal is to connect to a server using ssh and then ssh again into a router in that server using paramiko.

This is what I have tried.

```python
import paramiko

# Placeholder credentials and hosts; substitute real values
username, password, port = "<username>", "<password>", 22  # credentials...
hostname = "<1st server>"  # 1st server
router = "<router ip>"  # router server
client = paramiko.SSHClient()
client.load_system_host_keys()
client.set_missing_host_key_policy(paramiko.WarningPolicy)
client.connect(hostname, port=port, username=username, password=password)
print("connecting to {} from {} as {}".format(router, hostname, username))
# Calls syslog.py from the server
cmd = "ssh {}@{}".format('root', router)
print('command = {}'.format(cmd))
stdin, stdout, stderr = client.exec_command(cmd, get_pty=True)
stdin.write("<router password>")  # pw here
stdin.flush()
stdin.write('show ?\n')
stdin.flush()

client.close()
```

I am connecting to the server and then the router, and running `show ?` in the router.

`show ?` is supposed to give me a list of all possible commands starting with show. However, when I run the script, it gives me

```
connecting to <router ip> from <1st server> as root
command = ssh root@<router ip>
```

and then it just ends without showing the result of `show ?`

It's really hard to catch the issue because it doesn't show an error.

Any help please?

Dawn17
  • Might be helpful: https://gist.github.com/tintoy/443c42ea3865680cd624039c4bb46219 – Klaus D. Jul 31 '19 at 05:14
  • I tried to use it, but for any command in the router, it gives me `b"% Invalid input detected at '^' marker.\r"` – Dawn17 Jul 31 '19 at 05:22
  • You are not reading the command output. See [Paramiko: read from standard output of remotely executed command](https://stackoverflow.com/q/17137859/850848). – Martin Prikryl Jul 31 '19 at 05:24
  • Not to mention that running `ssh` on the jump server is rather a hack. You better use a port forwarding, as I have suggested you already: [Connecting to a server via another server using Paramiko](https://stackoverflow.com/q/57210100/850848). – Martin Prikryl Jul 31 '19 at 05:25
  • @MartinPrikryl I've tried, but the credentials didn't work for some reason. This is the command that I used to run that: `python forward.py -p 22 -u -P -r ` then I typed the password for the 1st server in the following `Enter SSH password:` input – Dawn17 Jul 31 '19 at 05:30
  • It should be `python forward.py -p random_port -u jumpserver_username -r router_ip:router_port jumpserver_ip` and then `ssh -P random_port router_username@127.0.0.1` – Martin Prikryl Jul 31 '19 at 05:35
  • @MartinPrikryl is jumpserver the first server? – Dawn17 Jul 31 '19 at 05:44
  • Yes: https://en.wikipedia.org/wiki/Jump_server – Martin Prikryl Jul 31 '19 at 05:46
  • When I connect to the router using terminal, I usually just do root@ and do not type the port number. Any idea on how to get that? – Dawn17 Jul 31 '19 at 05:49
  • I do not understand your question. – Martin Prikryl Jul 31 '19 at 05:52
  • Actually, nevermind. I am now using this command: `python forward.py -p 22 -u -r ssh -P 22 @127.0.0.1` this gives me `Usage: forward.py [options] [:]` And without the `ssh` followed in the command, it gives me, `*** Failed to connect to 173.36.240.172:22: NoValidConnectionsError(None, 'Unable to connect to port 22 on ')` – Dawn17 Jul 31 '19 at 05:56
  • So can you connect to `173.36.240.172:22` from the machine where you run that? – Martin Prikryl Jul 31 '19 at 06:11
  • No. When I connect to the first server from my local machine, I just do `ssh root@` I don't type the IP or port. – Dawn17 Jul 31 '19 at 06:16
  • So use what works for you. `python forward.py -u -r ` – Martin Prikryl Jul 31 '19 at 06:19
  • Ok, that gives me `No authentication methods available` for the . No input appears for the password. Any idea? – Dawn17 Jul 31 '19 at 06:23
  • Add `-P` to get prompted for a password – Martin Prikryl Jul 31 '19 at 06:30
  • Thanks and sorry for keep bugging you. I've reached the point where I see `Connecting to ssh host :22 ... Now forwarding port 22 to : ...` Am I supposed to see something after this? I haven't really changed the script yet. – Dawn17 Jul 31 '19 at 06:32
  • Now to test if all this is feasible, put that into the background (adding `&` at the end) or open a new terminal and there do `ssh -P 22 router_username@127.0.0.1` - Though I've never told you to use `-p 22`. In general, you should not forward port 22. That can work only if you have no SSH server running locally, which would conflict. That's why I wrote `-p random_port`. Or do not use `-p` at all and let the script auto-assign a free port. – Martin Prikryl Jul 31 '19 at 06:36
  • If I want to run a command in a router called `show ?` (lists all possible show commands), can I add that to the script and print the result out? – Dawn17 Jul 31 '19 at 06:40
  • `ssh -P 22 router_username@127.0.0.1 show ?` – Martin Prikryl Jul 31 '19 at 06:48

0 Answers
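An added example, not code from the thread or from any participant: the two points raised in the comments (tunnel through the jump server instead of running `ssh` on it, and read the command output) combined in Paramiko. The function names `open_router_client` and `run_command`, the host names and the user names are hypothetical, and the router is assumed to accept SSH exec requests.

```python
import getpass


def open_router_client(jump, router_host, username, password, router_port=22):
    """Reach the router over a direct-tcpip channel through the connected jump client."""
    import paramiko  # third-party; only needed once a tunnel is actually opened

    channel = jump.get_transport().open_channel(
        "direct-tcpip", (router_host, router_port), ("127.0.0.1", 0))
    router = paramiko.SSHClient()
    router.load_system_host_keys()
    # Unknown router host keys are refused (the question's WarningPolicy accepts them).
    router.set_missing_host_key_policy(paramiko.RejectPolicy())
    router.connect(router_host, port=router_port, username=username,
                   password=password, sock=channel,
                   allow_agent=False, look_for_keys=False)
    return router


def run_command(client, command, timeout=10):
    """Run one command and return (exit_status, stdout_text, stderr_text)."""
    _stdin, stdout, stderr = client.exec_command(command, timeout=timeout)
    # Read both streams before asking for the exit status; the question's
    # script never reads stdout, so it has nothing to print.
    out = stdout.read().decode(errors="replace")
    err = stderr.read().decode(errors="replace")
    return stdout.channel.recv_exit_status(), out, err


if __name__ == "__main__":
    import paramiko

    jump = paramiko.SSHClient()
    jump.load_system_host_keys()
    # Placeholder host and user names, not values from the question.
    jump.connect("jump.example.net", username="jumpuser",
                 password=getpass.getpass("Jump server password: "))
    try:
        router = open_router_client(jump, "192.0.2.10", "root",
                                    getpass.getpass("Router password: "))
        try:
            status, out, err = run_command(router, "show ?")
            print(status, out, err, sep="\n")
        finally:
            router.close()
    finally:
        jump.close()
```

With this layout the router password travels inside the end-to-end SSH session to the router and is never typed into a pty on the jump server.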