I am trying to write a code to connect to switch (1.1.1.1) on port 28888 or else from my local machine by using SSH library Paramiko.
MY device does not use any authentication, so I need to use Transport.auth_none as shown here:
Paramiko authentication to server with no password fails
I am able to do create an SSH connection successfully either manually or using below code. Now while executing command as mentioned in below code I am getting error
ConnectionResetError: [Errno 104] Connection reset by peer
I tried with different method by using Transport and SSHClient but unfortunately not able to solve. While executing command manually with ssh I am getting error as mentioned below.
Any help would be really appreciable. Thanx in advance.
Manual command Output:
[gts@dot4 username]$ ssh user@10.180.44.27 ACT-USER::ADMIN:HS::ADMIN;
**WARNING! This computer system and network is PRIVATE and PROPRIETARY of
[company name] and may only be accessed by authorized users. Unauthorized
use of this computer system or network is strictly prohibited and may be
subject to criminal prosecution, employee discipline up to and including
discharge, or the termination of the vendor/service contracts. The owner,
or its agents, may monitor any activity or communication on the computer
system or network.
--- Copyright (c) 2000 - 2018 Ciena (R) Corporation. All Rights Reserved ---
| NOTICE: This is a private computer system. |
| Unauthorized access or use may lead to prosecution. |
| |
| Ciena 6500 OPTICAL |
----------------------------------------------------------------------------
packet_write_wait: Connection to 10.180.44.27 port 22: Broken pipe**
CODE:
#! /usr/bin/python3
import paramiko
import time
import os
paramiko.util.log_to_file('/home/gts/himanshu/test_3.log')
nbytes = 100
ip = '1.1.1.1'
port1 = 22
user = 'ADMIN'
transport = paramiko.Transport(ip, port1)
transport.connect(username=user)
transport.auth_none(user)
channel = transport.open_channel(kind="session")
time.sleep(5)
#channel.exec_command("ACT-USER::ADMIN:HS::ADMIN;")
stdin, stdout, stderr = channel.exec_command("df")
#opt = stdout.readlines()
#opt = "".join(opt)
#print(opt)
Verbose Output:
OpenSSH_for_Windows_8.1p1, LibreSSL 3.0.2
debug3: Failed to open file:C:/Users/hshekhar/.ssh/config error:2
debug3: Failed to open file:C:/ProgramData/ssh/ssh_config error:2
debug2: resolve_canonicalize: hostname 10.180.44.27 is address
debug2: ssh_connect_direct
debug1: Connecting to 10.180.44.27 [10.180.44.27] port 22.
debug1: Connection established.
debug1: identity file C:\\Users\\hshekhar/.ssh/id_rsa type 0
debug3: Failed to open file:C:/Users/hshekhar/.ssh/id_rsa-cert error:2
debug3: Failed to open file:C:/Users/hshekhar/.ssh/id_rsa-cert.pub error:2
debug1: identity file C:\\Users\\hshekhar/.ssh/id_rsa-cert type -1
debug3: Failed to open file:C:/Users/hshekhar/.ssh/id_dsa error:2
debug3: Failed to open file:C:/Users/hshekhar/.ssh/id_dsa.pub error:2
debug1: identity file C:\\Users\\hshekhar/.ssh/id_dsa type -1
debug3: Failed to open file:C:/Users/hshekhar/.ssh/id_dsa-cert error:2
debug3: Failed to open file:C:/Users/hshekhar/.ssh/id_dsa-cert.pub error:2
debug1: identity file C:\\Users\\hshekhar/.ssh/id_dsa-cert type -1
debug3: Failed to open file:C:/Users/hshekhar/.ssh/id_ecdsa error:2
debug3: Failed to open file:C:/Users/hshekhar/.ssh/id_ecdsa.pub error:2
debug1: identity file C:\\Users\\hshekhar/.ssh/id_ecdsa type -1
debug3: Failed to open file:C:/Users/hshekhar/.ssh/id_ecdsa-cert error:2
debug3: Failed to open file:C:/Users/hshekhar/.ssh/id_ecdsa-cert.pub error:2
debug1: identity file C:\\Users\\hshekhar/.ssh/id_ecdsa-cert type -1
debug3: Failed to open file:C:/Users/hshekhar/.ssh/id_ed25519 error:2
debug3: Failed to open file:C:/Users/hshekhar/.ssh/id_ed25519.pub error:2
debug1: identity file C:\\Users\\hshekhar/.ssh/id_ed25519 type -1
debug3: Failed to open file:C:/Users/hshekhar/.ssh/id_ed25519-cert error:2
debug3: Failed to open file:C:/Users/hshekhar/.ssh/id_ed25519-cert.pub error:2
debug1: identity file C:\\Users\\hshekhar/.ssh/id_ed25519-cert type -1
debug3: Failed to open file:C:/Users/hshekhar/.ssh/id_xmss error:2
debug3: Failed to open file:C:/Users/hshekhar/.ssh/id_xmss.pub error:2
debug1: identity file C:\\Users\\hshekhar/.ssh/id_xmss type -1
debug3: Failed to open file:C:/Users/hshekhar/.ssh/id_xmss-cert error:2
debug3: Failed to open file:C:/Users/hshekhar/.ssh/id_xmss-cert.pub error:2
debug1: identity file C:\\Users\\hshekhar/.ssh/id_xmss-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_for_Windows_8.1
debug1: Remote protocol version 2.0, remote software version Ciena SSH 6.5.1
debug1: no match: Ciena SSH 6.5.1
debug2: fd 3 setting O_NONBLOCK
debug1: Authenticating to 10.180.44.27:22 as 'ADMIN'
debug3: hostkeys_foreach: reading file "C:\\Users\\hshekhar/.ssh/known_hosts"
debug3: record_hostkey: found key type RSA in file C:\\Users\\hshekhar/.ssh/known_hosts:1
debug3: load_hostkeys: loaded 1 keys from 10.180.44.27
debug3: Failed to open file:C:/Users/hshekhar/.ssh/known_hosts2 error:2
debug3: Failed to open file:C:/ProgramData/ssh/ssh_known_hosts error:2
debug3: Failed to open file:C:/ProgramData/ssh/ssh_known_hosts2 error:2
debug3: order_hostkeyalgs: prefer hostkeyalgs: rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,rsa-sha2-512,rsa-sha2-256,ssh-rsa
debug3: send packet: type 20
debug1: SSH2_MSG_KEXINIT sent
debug3: receive packet: type 20
debug1: SSH2_MSG_KEXINIT received
debug2: local client KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,ext-info-c
debug2: host key algorithms: rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh-ed25519-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519
debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,zlib@openssh.com,zlib
debug2: compression stoc: none,zlib@openssh.com,zlib
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug2: peer server KEXINIT proposal
debug2: KEX algorithms: diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: host key algorithms: ssh-rsa,ssh-dss
debug2: ciphers ctos: aes128-ctr,aes256-ctr,aes192-ctr,aes128-cbc,rijndael128-cbc,aes256-cbc,rijndael256-cbc,aes192-cbc,rijndael192-cbc,3des-cbc
debug2: ciphers stoc: aes128-ctr,aes256-ctr,aes192-ctr,aes128-cbc,rijndael128-cbc,aes256-cbc,rijndael256-cbc,aes192-cbc,rijndael192-cbc,3des-cbc
debug2: MACs ctos: hmac-sha2-256,hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96
debug2: MACs stoc: hmac-sha2-256,hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96
debug2: compression ctos: none
debug2: compression stoc: none
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug1: kex: algorithm: diffie-hellman-group14-sha1
debug1: kex: host key algorithm: ssh-rsa
debug1: kex: server->client cipher: aes128-ctr MAC: hmac-sha2-256 compression: none
debug1: kex: client->server cipher: aes128-ctr MAC: hmac-sha2-256 compression: none
debug2: bits set: 1004/2048
debug3: send packet: type 30
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug3: receive packet: type 31
debug1: Server host key: ssh-rsa SHA256:9H9DKqpY/f6liYpm51CN5Onht6aA0vi9m7LTjh/uFUc
debug3: hostkeys_foreach: reading file "C:\\Users\\hshekhar/.ssh/known_hosts"
debug3: record_hostkey: found key type RSA in file C:\\Users\\hshekhar/.ssh/known_hosts:1
debug3: load_hostkeys: loaded 1 keys from 10.180.44.27
debug3: Failed to open file:C:/Users/hshekhar/.ssh/known_hosts2 error:2
debug3: Failed to open file:C:/ProgramData/ssh/ssh_known_hosts error:2
debug3: Failed to open file:C:/ProgramData/ssh/ssh_known_hosts2 error:2
debug1: Host '10.180.44.27' is known and matches the RSA host key.
debug1: Found key in C:\\Users\\hshekhar/.ssh/known_hosts:1
debug2: bits set: 992/2048
debug3: send packet: type 21
debug2: set_newkeys: mode 1
debug1: rekey out after 4294967296 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug3: receive packet: type 21
debug1: SSH2_MSG_NEWKEYS received
debug2: set_newkeys: mode 0
debug1: rekey in after 4294967296 blocks
debug3: unable to connect to pipe \\\\.\\pipe\\openssh-ssh-agent, error: 2
debug1: pubkey_prepare: ssh_get_authentication_socket: No such file or directory
debug1: Will attempt key: C:\\Users\\hshekhar/.ssh/id_rsa RSA SHA256:/YSnDFvpXCum/pvKSAqR4xdSg2dTrFizA70+El6EdxI
debug1: Will attempt key: C:\\Users\\hshekhar/.ssh/id_dsa
debug1: Will attempt key: C:\\Users\\hshekhar/.ssh/id_ecdsa
debug1: Will attempt key: C:\\Users\\hshekhar/.ssh/id_ed25519
debug1: Will attempt key: C:\\Users\\hshekhar/.ssh/id_xmss
debug2: pubkey_prepare: done
debug3: send packet: type 5
debug3: receive packet: type 6
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug3: send packet: type 50
debug3: receive packet: type 53
debug3: input_userauth_banner
WARNING! This computer system and network is PRIVATE and PROPRIETARY of
[company name] and may only be accessed by authorized users. Unauthorized use of this computer system or network is strictly prohibited and may be subject to criminal prosecution, employee discipline up to and including discharge, or the termination of the vendor/service contracts. The owner, or its agents, may monitor any activity or communication on the computer system or network.
debug3: receive packet: type 53
debug3: input_userauth_banner
--- Copyright (c) 2000 - 2018 Ciena (R) Corporation. All Rights Reserved
debug3: receive packet: type 52
debug1: Authentication succeeded (none).
Authenticated to 10.180.44.27 ([10.180.44.27]:22).
debug1: channel 0: new [client-session]
debug3: ssh_session2_open: channel_new: 0
debug2: channel 0: send open
debug3: send packet: type 90
debug1: Entering interactive session.
debug1: pledge: network
debug1: ENABLE_VIRTUAL_TERMINAL_INPUT is supported. Reading the VTSequence from console
debug3: This windows OS supports conpty
debug1: ENABLE_VIRTUAL_TERMINAL_PROCESSING is supported. Console supports the ansi parsing
debug3: Successfully set console output code page from:65001 to 65001
debug3: Successfully set console input code page from:437 to 65001
debug3: receive packet: type 91
debug2: channel_input_open_confirmation: channel 0: callback start
debug2: fd 3 setting TCP_NODELAY
debug2: client_session2_setup: id 0
debug2: channel 0: request pty-req confirm 1
debug3: send packet: type 98
debug2: channel 0: request shell confirm 1
debug3: send packet: type 98
debug2: channel_input_open_confirmation: channel 0: callback done
debug2: channel 0: open confirm rwindow 32768 rmax 32768
debug3: receive packet: type 99
debug2: channel_input_status_confirm: type 99 id 0
debug2: PTY allocation request accepted on channel 0
debug3: receive packet: type 99
debug2: channel_input_status_confirm: type 99 id 0
debug2: shell request accepted on channel 0
Paramiko Log:
DEB [20220519-06:49:39.890] thr=1 paramiko.transport: starting thread (client mode): 0xb4dfea20
DEB [20220519-06:49:39.890] thr=1 paramiko.transport: Local version/idstring: SSH-2.0-paramiko_2.9.2
DEB [20220519-06:49:39.995] thr=1 paramiko.transport: Remote version/idstring: SSH-2.0-Ciena SSH 6.5.1
INF [20220519-06:49:39.996] thr=1 paramiko.transport: Connected (version 2.0, client Ciena)
DEB [20220519-06:49:40.100] thr=1 paramiko.transport: === Key exchange possibilities ===
DEB [20220519-06:49:40.100] thr=1 paramiko.transport: kex algos: diffie-hellman-group14-sha1, diffie-hellman-group1-sha1
DEB [20220519-06:49:40.100] thr=1 paramiko.transport: server key: ssh-rsa, ssh-dss
DEB [20220519-06:49:40.100] thr=1 paramiko.transport: client encrypt: aes128-ctr, aes256-ctr, aes192-ctr, aes128-cbc, rijndael128-cbc, aes256-cbc, rijndael256-cbc, aes192-cbc, rijndael192-cbc, 3des-cbc
DEB [20220519-06:49:40.100] thr=1 paramiko.transport: server encrypt: aes128-ctr, aes256-ctr, aes192-ctr, aes128-cbc, rijndael128-cbc, aes256-cbc, rijndael256-cbc, aes192-cbc, rijndael192-cbc, 3des-cbc
DEB [20220519-06:49:40.100] thr=1 paramiko.transport: client mac: hmac-sha2-256, hmac-sha1, hmac-sha1-96, hmac-md5, hmac-md5-96
DEB [20220519-06:49:40.100] thr=1 paramiko.transport: server mac: hmac-sha2-256, hmac-sha1, hmac-sha1-96, hmac-md5, hmac-md5-96
DEB [20220519-06:49:40.100] thr=1 paramiko.transport: client compress: none
DEB [20220519-06:49:40.100] thr=1 paramiko.transport: server compress: none
DEB [20220519-06:49:40.100] thr=1 paramiko.transport: client lang: <none>
DEB [20220519-06:49:40.100] thr=1 paramiko.transport: server lang: <none>
DEB [20220519-06:49:40.100] thr=1 paramiko.transport: kex follows: False
DEB [20220519-06:49:40.100] thr=1 paramiko.transport: === Key exchange agreements ===
DEB [20220519-06:49:40.100] thr=1 paramiko.transport: Kex: diffie-hellman-group14-sha1
DEB [20220519-06:49:40.100] thr=1 paramiko.transport: HostKey: ssh-rsa
DEB [20220519-06:49:40.101] thr=1 paramiko.transport: Cipher: aes128-ctr
DEB [20220519-06:49:40.101] thr=1 paramiko.transport: MAC: hmac-sha2-256
DEB [20220519-06:49:40.101] thr=1 paramiko.transport: Compression: none
DEB [20220519-06:49:40.101] thr=1 paramiko.transport: === End of kex handshake ===
DEB [20220519-06:49:40.590] thr=1 paramiko.transport: kex engine KexGroup14 specified hash_algo <built-in function openssl_sha1>
DEB [20220519-06:49:40.694] thr=1 paramiko.transport: Switch to new keys ...
DEB [20220519-06:49:40.799] thr=1 paramiko.transport: userauth is OK
INF [20220519-06:49:40.902] thr=1 paramiko.transport: Auth banner: b'\r\nWARNING! This computer system and network is PRIVATE and PROPRIETARY of\r\n[company name] and may only be accessed by authorized users. Unauthorized\r\nuse of this computer system or network is strictly prohibited and may be\r\nsubject to criminal prosecution, employee discipline up to and including\r\ndischarge, or the termination of the vendor/service contracts. The owner,\r\nor its agents, may monitor any activity or communication on the computer\r\nsystem or network.\r\n'
INF [20220519-06:49:40.902] thr=1 paramiko.transport: Auth banner: b'--- Copyright (c) 2000 - 2018 Ciena (R) Corporation. All Rights Reserved ---\r\n| NOTICE: This is a private computer system. |\r\n| Unauthorized access or use may lead to prosecution. |\r\n| |\r\n| Ciena 6500 OPTICAL |\r\n----------------------------------------------------------------------------\r\n'
INF [20220519-06:49:41.043] thr=1 paramiko.transport: Authentication (none) successful!
DEB [20220519-06:49:41.043] thr=2 paramiko.transport: [chan 0] Max packet in: 32768 bytes
DEB [20220519-06:49:41.145] thr=1 paramiko.transport: [chan 0] Max packet out: 32768 bytes
DEB [20220519-06:49:41.145] thr=1 paramiko.transport: Secsh channel 0 opened.
DEB [20220519-06:49:46.252] thr=1 paramiko.transport: [chan 0] EOF received (0)
ERR [20220519-06:49:46.253] thr=1 paramiko.transport: Socket exception: Connection reset by peer (104)
You seem to have this problem:
Executing command using Paramiko exec_command on device is not working
But as you need to use low-level Transport API because your specific authentication needs, you have to use a more low-level code (basically what SSHClient.invoke_shell does internally):
channel = transport.open_session()
channel.get_pty() # Might not be necessary
channel.invoke_shell()
channel.send('ls\n')
channel.send('exit\n')