实验拓扑
实验需求:
通过Python的Paramiko模块可以ssh到设备上进行配置、回显命令;
实验步骤:
首先我们再R1上配置SSH服务,使其可以通过SSH远程管理次设备;
然后我们使用python,ssh脚本对设备进行配置;
SSH的配置:
配置接口IP
interface GE0/0/0
ip address 192.168.56.100 255.255.255.0 //配置接口Ip
配置SSH登录
[R1]stelnet server enable
Info: Succeeded in starting the STELNET server. //开启SSH服务
user-interface vty 0 4 //配置用户接口
authentication-mode aaa //认证模式AAA
user privilege level 15 //用户登录15级
protocol inbound ssh //用户支持SSH服务
aaa
local-user python password cipher huawei@123 //创建用户python密码为huawei@123
local-user python service-type ssh //用户类型ssh
[R1]ssh user python authentication-type password //配置用户python的ssh认证类型为password方式
Authentication type setted, and will be in effect next time
我们可以验证下SSH是否生效,使用SSH验证:
可以看到SSH验证成功;
python SSH脚本配置
import paramiko
import time
ssh = paramiko.SSHClient() #使用paramiko.sshclient()实例化对象,本例子中赋值为ssh。
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy()) #建立SSH连接的时候不需要输入yes或者no确认
ssh.connect(hostname='192.168.145.100',port=22,username='python',password='huawei@123')
#建立SSH连接,输入目的服务器的IP地址(hostname)、端口号、用户名、密码
cli = ssh.invoke_shell() #调用invoke_shell()赋值给cli,invoke_shell()作用是打开一个交互的shell会话,该会话为一个逻辑隧道channel,建立在ssh会话连接上
cli.send('screen-length 0 temporary\n') #会话发送指令 'screen-length 0 temporary',意思为取消分屏,一次性输出所有回显命令,\n是将命令转换成机器能识别。
cli.send('display cu\n')
time.sleep(3) #等待3秒
dis_cu = cli.recv(99999).decode() #调用cli.recv作用是接受channel中的数据,数据最大力为99999bytes,赋值给dis_cu
print(dis_cu) #打印出显示结果
ssh.close
运行结果:
C:\Users\Administrator\PycharmProjects\test\venv\Scripts\python.exe C:\Users\Administrator\PycharmProjects\test\venv\stelnet.py
-----------------------------------------------------------------------------
User last login information:
-----------------------------------------------------------------------------
Access Type: SSH
IP-Address : 192.168.145.1 ssh
Time : 2023-08-03 17:19:17-08:00
-----------------------------------------------------------------------------
<R1>scr 0 te
Info: The configuration takes effect on the current user terminal interface only.
<R1>dis cu
[V200R003C00]
#
sysname R1
#
snmp-agent local-engineid 800007DB03000000000000
snmp-agent
#
clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load portalpage.zip
#
drop illegal-mac alarm
#
set cpu-usage threshold 80 restore 75
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
local-user admin service-type http
local-user python password cipher %$%$8{Q>Tv`qG0xK7)QWq,j+#&Bj%$%$
local-user python service-type ssh
#
firewall zone Local
priority 15
#
interface GigabitEthernet0/0/0
ip address 192.168.145.100 255.255.255.0
#
interface GigabitEthernet0/0/1
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
stelnet server enable
#
user-interface con 0
authentication-mode password
user-interface vty 0 4
authentication-mode aaa
user privilege level 15
protocol inbound ssh
user-interface vty 16 20
#
wlan ac
#
return
<R1>
Process finished with exit code 0
通过我们的python脚本,回显了我们需要返回命令的结果。