Issue
Sample code from this site (https://www.kite.com/python/answers/how-to-ssh-using-paramiko-in-python)
host = "test.rebex.net"
port = 22
username = "demo"
password = "password"
command = "ls"
ssh = paramiko.SSHClient()
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
ssh.connect(host, port, username, password)
stdin, stdout, stderr = ssh.exec_command(command)
lines = stdout.readlines()
print(lines)
Supposed to produce this output.
['aspnet_client\n', 'pub\n', 'readme.txt\n']
The credential is working fine with this demo site
wolf@linux:~$ sshpass -p password ssh [email protected]
Welcome to Rebex Virtual Shell!
For a list of supported commands, type 'help'.
demo@ETNA:/$
demo@ETNA:/$ ls
aspnet_client
pub
readme.txt
demo@ETNA:/$
However, the code doesn't work as expected. I'm getting an error right after ssh.connect(host, port, username, password) line.
>>> import paramiko
>>> host = "test.rebex.net"
>>> username = "demo"
>>> password = "password"
>>> port = 22
>>>
>>> command = "ls"
>>>
>>> ssh = paramiko.SSHClient()
>>> ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
>>> ssh.connect(host, port, username, password)
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "/home/wolf/.local/lib/python3.8/site-packages/paramiko/client.py", line 435, in connect
self._auth(
File "/home/wolf/.local/lib/python3.8/site-packages/paramiko/client.py", line 764, in _auth
raise saved_exception
File "/home/wolf/.local/lib/python3.8/site-packages/paramiko/client.py", line 751, in _auth
self._transport.auth_password(username, password)
File "/home/wolf/.local/lib/python3.8/site-packages/paramiko/transport.py", line 1498, in auth_password
raise SSHException("No existing session")
paramiko.ssh_exception.SSHException: No existing session
>>>
Let me know how to make this works. I just want a simple code for SSH connection.
Update
>>> ssh.connect(host, port, username, password, look_for_keys=False, allow_agent=False)
>>>
Reference: https://github.com/ktbyers/netmiko/issues/1034
Solution
The code works for me.
I get error in auth_password too (though different – "Authentication failed"), when I have a key loaded in Pageant. The Rebex test server seems close the session after Paramiko tries to use the Pageant key. The consecutive password authentication then fails. I guess that it will be a similar problem in your case. The different error message can be just due to a timing difference.
starting thread (client mode): 0x33629f0
Local version/idstring: SSH-2.0-paramiko_2.6.0
Remote version/idstring: SSH-2.0-RebexSSH_5.0.7448.0
Connected (version 2.0, client RebexSSH_5.0.7448.0)
kex algos:['curve25519-sha256', '[email protected]', 'ecdh-sha2-nistp521', 'ecdh-sha2-nistp384', 'ecdh-sha2-nistp256', 'diffie-hellman-group16-sha512', 'diffie-hellman-group15-sha512', 'diffie-hellman-group-exchange-sha256', 'diffie-hellman-group14-sha256', 'diffie-hellman-group14-sha1', 'diffie-hellman-group-exchange-sha1'] server key:['ssh-ed25519', 'ecdsa-sha2-nistp256', 'rsa-sha2-512', '[email protected]', 'rsa-sha2-256', 'ssh-rsa'] client encrypt:['[email protected]', '[email protected]', 'aes256-ctr', 'aes256-cbc', 'aes192-ctr', 'aes192-cbc', 'aes128-ctr', 'aes128-cbc', '[email protected]', 'twofish256-ctr', 'twofish192-ctr', 'twofish128-ctr', 'twofish256-cbc', 'twofish192-cbc', 'twofish128-cbc', 'twofish-cbc', '3des-ctr', '3des-cbc'] server encrypt:['[email protected]', '[email protected]', 'aes256-ctr', 'aes256-cbc', 'aes192-ctr', 'aes192-cbc', 'aes128-ctr', 'aes128-cbc', '[email protected]', 'twofish256-ctr', 'twofish192-ctr', 'twofish128-ctr', 'twofish256-cbc', 'twofish192-cbc', 'twofish128-cbc', 'twofish-cbc', '3des-ctr', '3des-cbc'] client mac:['[email protected]', '[email protected]', 'hmac-sha2-512', 'hmac-sha2-256', 'hmac-sha1', 'hmac-sha1-96'] server mac:['[email protected]', '[email protected]', 'hmac-sha2-512', 'hmac-sha2-256', 'hmac-sha1', 'hmac-sha1-96'] client compress:['none'] server compress:['none'] client lang:[''] server lang:[''] kex follows?False
Kex agreed: [email protected]
HostKey agreed: ssh-ed25519
Cipher agreed: aes128-ctr
MAC agreed: hmac-sha2-256
Compression agreed: none
kex engine KexCurve25519 specified hash_algo <built-in function openssl_sha256>
Switch to new keys ...
Adding ssh-ed25519 host key for test.rebex.net: b'e7e445c6b8e4bbd868892786fd0158f0'
Trying SSH agent key b'3f3ae3e3b0e0ef4e5b4bfe93613557d4'
userauth is OK
Authentication (publickey) failed.
Disconnect (code 2): Authentication is already in progress.
If you want to avoid trying Pageant, use allow_agent parameter of SSHClient.connect:
ssh.connect(host, port, username, password, allow_agent=False)
Obligatory warning: Do not use AutoAddPolicy - You are losing a protection against MITM attacks by doing so. For a correct solution, see Paramiko "Unknown Server".
Answered By - Martin Prikryl