ssh - Using python's pysftp, how do you verify a host key? -


i using python 2.7 pysftp package connect sftp server.

import pysftp  download = { "username": "username", "password": "password" }  ftp_site = 'sftp.mysite.com'  srv = pysftp.connection(host=ftp_site, username=download['username'],                      password=download['password']

when run code above error log:

--------------------------------------------------------------------------- sshexception                              traceback (most recent call last) <ipython-input-47-205bb7b4b59b> in <module>()       5        6 srv = pysftp.connection(host=ftp_site, username=download['username'],  ----> 7                         password=download['password'])  c:\users\alex\anaconda2\lib\site-packages\pysftp\__init__.pyc in __init__(self, host, username, private_key, password, port, private_key_pass, ciphers, log, cnopts, default_path)     130         # check have hostkey verify     131         if self._cnopts.hostkeys not none: --> 132             self._tconnect['hostkey'] = self._cnopts.get_hostkey(host)     133      134         self._sftp_live = false  c:\users\alex\anaconda2\lib\site-packages\pysftp\__init__.pyc in get_hostkey(self, host)      69         kval = self.hostkeys.lookup(host)  # none|{keytype: pkey}      70         if kval none: ---> 71             raise sshexception("no hostkey host %s found." % host)       72         # return pkey dict      73         return list(kval.values())[0]  sshexception: no hostkey host sftp.mysite.com found.

i have current work around of turning off checking of host keys doing following:

cnopts = pysftp.cnopts() cnopts.hostkeys = none  srv = pysftp.connection(host=ftp_site, username=download['username'],                           password=download['password'], cnopts=cnopts)

i keep security feature of host key. can provide link on how generate host keys, or provide small sample of code here? haven't been able find much.

cnopts = pysftp.cnopts() cnopts.hostkeys.load('sftpserver.pub')

where sftpserver.pub contains server public key in format like:

example.com ssh-rsa aaaab3nzac1yc2eaaaadaqab...

an easy way retrieve host key in format using openssh ssh-keyscan:

ssh-keyscan example.com

though absolute security, should not retrieve host key remotely, cannot sure, if not being attacked already.

see article where ssh host key fingerprint authorize server? it's winscp sftp client, information there valid in general.

if not want use external file, can use 

cnopts.hostkeys.add(...)

Comments

Post a Comment

Popular posts from this blog

Command prompt result in label. Python 2.7 -

i want put result(output) of shell command label. command works, label shows "0", however, in command prompt, result shown correctly, need showed in label. doing ubuntu. myg1 = button(root, text="rodyti informacija", command=lambda: gauti()) myg1.pack(side=bottom) def gauti(): imti = tekstas.get("1.0", "end-1c") info = subprocess.call("id '{imti}' ".format(imti=imti), shell=true) w = label(root, text= info) w.pack(side = bottom) subprocess.call() returns exit code of process created (in case 0 success). if want text output of process, should instead call subprocess.check_output() .
Read more

javascript - How do I use URL parameters to change link href on page? -

i change href value of link using url parameters. example: default <a id="dlink" href="link-1">link</a> but, when user goes https://url.com/?dlink=link-2 it swaps out link new link <a id="dlink" href="link-2">link</a> first need value url. if you're not using javascript framework can create function using jquery. please check get url parameter jquery or how query string values in js it. after that, element "a" id , set value there. $("#dlink").attr("href", hreffromparam);
Read more

amazon web services - AWS Route53 Trying To Get Site To Resolve To www -

so have domain nameservers pointed aws route 53. site hosted on ec2 instance , reachable resolves site.com, if input www.site.com. i'm curious how site resolve www.site.com. have under route53 domains hosted zone 2 additional record sets outside of ns , soa: a site.com ec2 elastic ip cname www.site.com ec2 public dns i can reach site using both site.com , www.site.com, resolve site.com. there way make if enter either, resolves www.site.com? at first, both should record set. a site.com ec2 elastic ip www.site.com ec2 elastic ip and need redirect setting in web server (nginx, apache, ..) following. (source: how redirect www non-www nginx on centos 7 ) redirect non-www www if want redirect users plain, non-www domain www domain, add server block: server { server_name example.com; return 301 $scheme://www.example.com$request_uri; } save , exit. configures nginx redirect requests "example.com" "www.example.com". not...
Read more