paramiko

Fork of paramiko for Python 3 migration.

Go to file

Dwayne C. Litzenberger c51b3b208c Fix SSHException when re-keying over a fast connection When Paramiko initiates a re-key request over a high-bandwidth, medium-latency connection, it erroneously terminates the connection with the error, "SSHException: Remote transport is ignoring rekey requests". This is due to the hard-coded limit of 20 packets that may be received after a re-key request has been sent. See, for example, this bug report: "Transfer fails at 1GB: rekey window too small, hard-coded" https://github.com/paramiko/paramiko/issues/49 This patch changes paramiko's behaviour as follows: - Decrease the threshold for starting re-keying from 230 to 229 bytes. - Decrease the threshold for starting re-keying from 230 to 229 packets. - Increase the limit of received packets between re-key request & completion from 20 packets to 229 packets. - Add a limit of 229 received bytes between re-key request & completion. In other words, we re-key more often in order to allow more data to be in-transit during re-keying. NOTE: It looks like Paramiko disables the keep-alive mechanism during re-keying. This patch does not change that behaviour.		2012-03-24 11:28:41 -04:00
demos	fix my email address to be the current one.	2009-07-19 19:45:02 -07:00
images	[project @ Arch-1:robey@lag.net--2005-master-shake%paramiko--dev--1--patch-1]	2005-04-18 01:59:15 +00:00
paramiko	Fix SSHException when re-keying over a fast connection	2012-03-24 11:28:41 -04:00
tests	Use Crypto.Random rather than Crypto.Util.RandomPool.	2010-08-03 00:13:08 +02:00
.bzrignore	[project @ robey@lag.net-20080706223938-fn82xx2k0zvklazm]	2008-07-06 15:39:38 -07:00
.gitignore	ignore the egg-info stuff.	2010-04-25 16:44:33 -07:00
ChangeLog.0	[project @ Arch-1:robey@lag.net--2005-master-shake%paramiko--dev--1--patch-11]	2005-05-21 20:42:29 +00:00
ChangeLog.1	[project @ Arch-1:robey@lag.net--2005-master-shake%paramiko--dev--1--patch-11]	2005-05-21 20:42:29 +00:00
LICENSE	[project @ Arch-1:robey@lag.net--2003-public%secsh--dev--1.0--base-0]	2003-11-04 08:34:24 +00:00
MANIFEST.in	[project @ robey@lag.net-20061031185035-b57ad8184c39063a]	2006-10-31 10:50:35 -08:00
Makefile	version 1.7.7.1	2011-05-23 13:49:47 -07:00
NEWS	version 1.7.7.1	2011-05-23 13:49:47 -07:00
NOTES	[project @ Arch-1:robey@lag.net--2003-public%secsh--dev--1.0--patch-33]	2004-03-09 01:09:17 +00:00
README	version 1.7.7.1	2011-05-23 13:49:47 -07:00
TODO	[project @ robey@lag.net-20090202021455-ohooxd5bzsf8age3]	2009-02-01 18:14:55 -08:00
setup.py	version 1.7.7.1	2011-05-23 13:49:47 -07:00
setup_helper.py	fix my email address to be the current one.	2009-07-19 19:45:02 -07:00
test.py	fix my email address to be the current one.	2009-07-19 19:45:02 -07:00

README

========
paramiko
========

:Paramiko: Python SSH module
:Copyright: Copyright (c) 2003-2009  Robey Pointer <robeypointer@gmail.com>
:License: LGPL
:Homepage: http://www.lag.net/paramiko/


paramiko 1.7.7.1
================

"George" release, 21 may 2011


What
----

"paramiko" is a combination of the esperanto words for "paranoid" and
"friend".  it's a module for python 2.2+ that implements the SSH2 protocol
for secure (encrypted and authenticated) connections to remote machines.
unlike SSL (aka TLS), SSH2 protocol does not require hierarchical
certificates signed by a powerful central authority. you may know SSH2 as
the protocol that replaced telnet and rsh for secure access to remote
shells, but the protocol also includes the ability to open arbitrary
channels to remote services across the encrypted tunnel (this is how sftp
works, for example).

it is written entirely in python (no C or platform-dependent code) and is
released under the GNU LGPL (lesser GPL). 

the package and its API is fairly well documented in the "doc/" folder
that should have come with this archive.


Requirements
------------

  - python 2.3 or better <http://www.python.org/>
    (python 2.2 is also supported, but not recommended)
  - pycrypto 2.1 or better <https://www.dlitz.net/software/pycrypto/>

If you have setuptools, you can build and install paramiko and all its
dependencies with this command (as root)::

    easy_install ./


Portability
-----------

i code and test this library on Linux and MacOS X. for that reason, i'm
pretty sure that it works for all posix platforms, including MacOS. it
should also work on Windows, though i don't test it as frequently there.
if you run into Windows problems, send me a patch: portability is important
to me.

python 2.2 may work, thanks to some patches from Roger Binns. things to
watch out for:

    * sockets in 2.2 don't support timeouts, so the 'select' module is
      imported to do polling.  
    * logging is mostly stubbed out. it works just enough to let paramiko
      create log files for debugging, if you want them. to get real logging,
      you can backport python 2.3's logging package. Roger has done that
      already:
      http://sourceforge.net/project/showfiles.php?group_id=75211&package_id=113804

you really should upgrade to python 2.3. laziness is no excuse! :)

some python distributions don't include the utf-8 string encodings, for
reasons of space (misdirected as that is). if your distribution is
missing encodings, you'll see an error like this::

    LookupError: no codec search functions registered: can't find encoding

this means you need to copy string encodings over from a working system.
(it probably only happens on embedded systems, not normal python
installs.) Valeriy Pogrebitskiy says the best place to look is
``.../lib/python*/encodings/__init__.py``.


Bugs & Support
--------------

there's a launchpage page for paramiko, with a bug tracker:

    https://launchpad.net/paramiko/
    
this is the primary place to file and browse bug reports.

there's also a low-traffic mailing list for support and discussions:

    http://www.lag.net/mailman/listinfo/paramiko


Demo
----

several demo scripts come with paramiko to demonstrate how to use it.
probably the simplest demo of all is this::

    import paramiko, base64
    key = paramiko.RSAKey(data=base64.decodestring('AAA...'))
    client = paramiko.SSHClient()
    client.get_host_keys().add('ssh.example.com', 'ssh-rsa', key)
    client.connect('ssh.example.com', username='strongbad', password='thecheat')
    stdin, stdout, stderr = client.exec_command('ls')
    for line in stdout:
        print '... ' + line.strip('\n')
    client.close()

...which prints out the results of executing ``ls`` on a remote server.
(the host key 'AAA...' should of course be replaced by the actual base64
encoding of the host key.  if you skip host key verification, the
connection is not secure!)

the following example scripts (in demos/) get progressively more detailed:

:demo_simple.py:
    calls invoke_shell() and emulates a terminal/tty through which you can
    execute commands interactively on a remote server.  think of it as a
    poor man's ssh command-line client.

:demo.py:
    same as demo_simple.py, but allows you to authenticiate using a
    private key, attempts to use an SSH-agent if present, and uses the long
    form of some of the API calls.

:forward.py:
    command-line script to set up port-forwarding across an ssh transport.
    (requires python 2.3.)

:demo_sftp.py:
    opens an sftp session and does a few simple file operations.

:demo_server.py:
    an ssh server that listens on port 2200 and accepts a login for
    'robey' (password 'foo'), and pretends to be a BBS.  meant to be a
    very simple demo of writing an ssh server.


Use
---

the demo scripts are probably the best example of how to use this package.
there is also a lot of documentation, generated with epydoc, in the doc/
folder.  point your browser there.  seriously, do it.  mad props to
epydoc, which actually motivated me to write more documentation than i
ever would have before.

there are also unit tests here::

    $ python ./test.py

which will verify that most of the core components are working correctly.