python实现ssh代理
1. 获取一个云服务器。
2. 服务器安装ubuntu操作系统。安装python2.7。
3. 在服务器上安装自己写的service.
/etc/systemd/system/sshagent.service
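# systemd unit that starts the relay script (ssh-agent.py) on the public server.
# Layout restored to one directive per line; the directives are unchanged.
#
# NOTE(review): no User= is set, so systemd runs the script as root. Only the
# bind to port 443 needs privilege; a dedicated account granted just
# CAP_NET_BIND_SERVICE (AmbientCapabilities=) would narrow that. Confirm
# before changing.
# NOTE(review): the script lives under a home directory. If that account can
# modify the file, it effectively controls what this unit runs as root.
[Unit]
Description=SSH Agent
After=network.target

[Service]
ExecStart=/home/and/bin/ssh-agent.py

[Install]
WantedBy=multi-user.target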
/home/and/bin/ssh-agent.py
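#! /usr/bin/env python
#! coding: utf-8
"""Relay half of a reverse SSH tunnel; runs on the public server (Python 2.7).

One listening socket serves three kinds of inbound connection:

* the management connection from the target machine (the first one accepted),
* the connection from whoever wants to log in over SSH,
* the data connection the target machine opens in response to a 'New'
  command on the management connection.

Bytes are then copied in both directions between the last two.

NOTE(review): nothing on this port is authenticated and the role of a
connection is decided only by the order in which it is accepted.  Any host
that can reach the port can therefore take any of the three roles, and the
target's sshd becomes reachable from wherever this port is reachable.  The
only access control left is sshd's own: keep it on key-only authentication,
verify its host key on first login, and restrict source addresses with a
firewall where possible.
"""

from __future__ import print_function
import os
import platform
import socket
import sys
import threading
import time


class d:
    """Process-wide shared state (used as a plain namespace)."""
    s = None            # listening socket, set by create_listen_socket()
    c_manage = None     # current management connection to the target machine
    ip = '43.226.144.66'
    port = 443          # port the relay listens on
    mgt_task = None     # pending command for the target ('New') or None


def press_key_to_exit():
    """Block until a line is read from stdin, then terminate the process."""
    try:
        raw_input()
    except:
        pass
    os._exit(1)


def throw(s):
    """Raise a generic Exception carrying message *s*."""
    raise Exception(s)


def safeclose(c):
    """Shut down and close socket *c*, ignoring errors.

    The original only called shutdown(), so every relayed session leaked
    two file descriptors.  close() is attempted even when shutdown() fails
    (for example because the peer thread already closed the socket).
    """
    try:
        c.shutdown(socket.SHUT_RDWR)
    except Exception:
        pass
    try:
        c.close()
    except Exception:
        pass


def recv(c_recv, c_send):
    """Copy bytes from *c_recv* to *c_send* until either side fails.

    On end-of-stream or any error both sockets are torn down, which also
    unblocks the thread copying in the opposite direction.
    """
    while True:
        try:
            data = c_recv.recv(8192)
            if not data:
                throw('')  # connection disconnected by remote
            # sendall(): send() may write only part of the buffer, which
            # would silently drop bytes from the SSH stream.
            c_send.sendall(data)
        except Exception:
            print('disconnected connection for agent')
            safeclose(c_recv)  # shut down both ends of the relayed pair
            safeclose(c_send)
            return


def wait_ssh_request():
    """Pair each incoming login connection with a fresh target connection."""
    while True:
        c0, addr = d.s.accept()
        print('accepted connect for ssh login machine')

        d.mgt_task = 'New'
        while d.mgt_task:
            time.sleep(1)  # wait until recv_mgmt() has sent the command

        # The next accepted connection is assumed to be the target machine
        # answering the 'New' command; nothing verifies that.
        c1, addr = d.s.accept()
        print('accepted connect for sshd machine')

        threading.Thread(target=recv, args=(c0, c1)).start()
        threading.Thread(target=recv, args=(c1, c0)).start()


def recv_mgmt():
    """Once a second send the pending command, or 'ack' as a keep-alive.

    When the management connection breaks, this thread waits for a new one
    and hands over to a fresh recv_mgmt thread.
    """
    while True:
        try:
            if not d.mgt_task:
                d.c_manage.sendall('ack')
            else:
                d.c_manage.sendall(d.mgt_task)
                d.mgt_task = None
            time.sleep(1)
        except Exception:
            print('disconnected connection for manage.')
            # NOTE(review): this accept() competes with the accept() calls
            # in wait_ssh_request() on the same socket, so after a drop the
            # next connection may be given the wrong role.
            accept_manage_connect()
            return


def accept_manage_connect():
    """Accept the management connection and start its sender thread."""
    d.c_manage, addr = d.s.accept()
    print('accepted connect sshd machine for manage')
    threading.Thread(target=recv_mgmt).start()


def create_listen_socket():
    """Create the listening socket on all interfaces at d.port."""
    d.s = socket.socket()
    # Allow an immediate rebind after a service restart.
    d.s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    # The original bound a literal 443 and ignored the port argument.
    d.s.bind(('0.0.0.0', d.port))
    d.s.listen(255)


def main():
    """Entry point.  Usage: ssh-agent.py [ip [port]]"""
    if len(sys.argv) > 1:
        d.ip = sys.argv[1]
    if len(sys.argv) > 2:
        # The original parsed sys.argv[1] (the ip) as the port.
        d.port = int(sys.argv[2])
    create_listen_socket()
    accept_manage_connect()
    wait_ssh_request()


if not platform.python_version().startswith('2.7'):
    throw('require python 2.7')

if not __name__ == '__main__':
    throw('__file__ is not lib')

# threading.Thread(target = press_key_to_exit).start();
main()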
4. 在启动器上使能service: systemctl enable sshagent
5. 在目标机器(想登录的机器,同样安装ubuntu系统, 安装python2.7),安装自己写的service.
/etc/systemd/system/sshdagent.service
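# systemd unit that starts the tunnel client (sshd-agent.py) on the target machine.
# Layout restored to one directive per line; the directives are unchanged.
#
# NOTE(review): no User= is set, so systemd runs the script as root. The
# script only opens outbound connections and a connection to 127.0.0.1:22,
# none of which needs root; a dedicated unprivileged account would limit the
# impact of a fault in the script. Confirm before changing.
# NOTE(review): the script lives under a home directory. If that account can
# modify the file, it effectively controls what this unit runs as root.
[Unit]
Description=SSHD Agent
After=network.target

[Service]
ExecStart=/home/and/toolsrc/python/tools/ssh-agent/sshd-agent.py

[Install]
WantedBy=multi-user.target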
/home/and/toolsrc/python/tools/ssh-agent/sshd-agent.py
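#! /usr/bin/python
#! coding: utf-8
"""Target-machine half of a reverse SSH tunnel (Python 2.7).

Keeps an outbound management connection open to the relay.  The relay sends
'ack' once a second as a keep-alive and 'New' when somebody wants to log in;
for each 'New' this script connects to the local sshd and to the relay and
copies bytes between the two connections.

NOTE(review): the relay is reached over plain TCP and is not authenticated,
and whatever answers at d.ip:d.port can ask for a connection to the local
sshd.  Treat the local sshd as internet-facing while this service runs:
key-only authentication, no root login, and monitoring of its auth log.
"""

from __future__ import print_function
import os
import platform
import socket
import sys
import threading
import time


class d:
    """Process-wide shared state (used as a plain namespace)."""
    c_manage = None     # management connection to the relay
    ip = '43.226.144.66'    # relay address
    port = 443              # relay port


def press_key_to_exit():
    """Block until a line is read from stdin, then terminate the process."""
    try:
        raw_input()
    except:
        pass
    os._exit(255)


def throw(s):
    """Raise a generic Exception carrying message *s*."""
    raise Exception(s)


def safeclose(c):
    """Shut down and close socket *c*, ignoring errors.

    The original only called shutdown(), so every tunnelled session leaked
    two file descriptors.  close() is attempted even when shutdown() fails.
    """
    try:
        c.shutdown(socket.SHUT_RDWR)
    except Exception:
        pass
    try:
        c.close()
    except Exception:
        pass


def recv(c_recv, c_send):
    """Copy bytes from *c_recv* to *c_send* until either side fails.

    On end-of-stream or any error both sockets are torn down, which also
    unblocks the thread copying in the opposite direction.
    """
    while True:
        try:
            data = c_recv.recv(8192)
            if not data:
                throw('')  # connection disconnected by remote
            # sendall(): send() may write only part of the buffer, which
            # would silently drop bytes from the SSH stream.
            c_send.sendall(data)
        except Exception:
            print('disconnected connection for agent')
            safeclose(c_recv)  # shut down both ends of the tunnelled pair
            safeclose(c_send)
            return


def recv_mgmt():
    """Read commands from the relay and open one tunnel per 'New'.

    TCP is a byte stream, so several 3-byte messages may arrive in one
    recv() ('ackack', 'ackNew') or one message may be split across two.
    The original compared each chunk with 'ack' and opened a tunnel for
    anything else, so coalesced keep-alives opened spurious tunnels.  Here
    complete 'New' tokens are counted and an incomplete tail is kept for
    the next read.
    """
    pending = ''
    while True:
        try:
            data = d.c_manage.recv(8192)
            if not data:
                throw('')
            pending += data
            requests = pending.count('New')
            pending = pending.replace('New', '').replace('ack', '')
            # A valid remainder is at most a 2-byte token prefix; drop
            # anything longer so unexpected input cannot grow the buffer.
            pending = pending[-2:]
            for _ in range(requests):
                create_agent_connect()
        except Exception:
            print('disconnected connection for manage.')
            create_manage_connect()  # reconnect; a new thread takes over
            return


def connect(ip, port):
    """Return a socket connected to (ip, port), retrying every 5 seconds."""
    while True:
        s = socket.socket()
        try:
            s.connect((ip, port))
            return s
        except Exception:
            s.close()  # the original leaked the socket on each failed try
            time.sleep(5)  # peer not ready yet


def create_manage_connect():
    """Open the management connection and start its reader thread."""
    d.c_manage = connect(d.ip, d.port)
    print('connected agent machine for manage')
    threading.Thread(target=recv_mgmt).start()


def create_agent_connect():
    """Bridge the local sshd (127.0.0.1:22) to a new relay connection."""
    c0 = connect('127.0.0.1', 22)
    print('connected local sshd')
    c1 = connect(d.ip, d.port)
    print('connected agent machine for agent')
    threading.Thread(target=recv, args=(c0, c1)).start()
    threading.Thread(target=recv, args=(c1, c0)).start()


def main():
    """Entry point.  Usage: sshd-agent.py [relay_ip [relay_port]]"""
    if len(sys.argv) > 1:
        d.ip = sys.argv[1]
    if len(sys.argv) > 2:
        # The original parsed sys.argv[1] (the ip) as the port.
        d.port = int(sys.argv[2])
    # The management connection receives login requests and triggers the
    # bridge between the local sshd and the relay.
    create_manage_connect()


if not platform.python_version().startswith('2.7'):
    throw('require python 2.7')

if not __name__ == '__main__':
    throw('__file__ is not lib')

# threading.Thread(target = press_key_to_exit).start();
main()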
6. 在目标机器上使能service: systemctl enable sshdagent
几点说明:
1. 公司对网络端口控制特别严格,所以服务器的sshd额外添加了80端口,否则在公司无法ssh登录服务器(能用的端口只有80和443)。
2. 基于同样的原因,选择443作为代理端口。ssh登录公司电脑的端口不能使用默认的22端口,只能使用443端口。