I am trying to write a short python script that will be called by a GUI front end that will execute remote commands on various routers and switches throughout the enterprise. The host on which the GUI is running does not have direct SSH access to the target equipment, so I need to proxy through a jumphost that does. The front end application will take the user's credentials decrypted from their session and pass them to the script, as well as other params to complete the command to be run. In the following script, the only issue I have is, running the script from the CLI, I have to manually authenticate to the jumphost. The rest works fine. How do I automate the login to the jumphost to complete the proxy connection?
#!/bin/python
import os
import sys
import paramiko
def test_client(proxyHost, router1, router2, username, password):
proxyCommand = 'ssh -o StrictHostKeyChecking=no '+proxyHost+' nc -w 1 '+router1+' 22'
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(
router1, username=username,
password=password,
sock=paramiko.ProxyCommand(proxyCommand)
)
stdin, stdout, stderr = client.exec_command("show rsvp session ingress lsp name " + router1 + "-to-" + router2 + " extensive | match record")
print stdout.read()
client.close()
if __name__ == '__main__':
test_client(sys.argv[1], sys.argv[2], sys.argv[3], sys.argv[4], sys.argv[5])
Sample Output:
[<myusername>@<appservername> core]$ python proxyTest.py '<jumphost>' '<router1>' '<router2>' '<myusername>' '<mypassword>'
<myusername>@<jumphost>'s password:
Record route: <self> <LSP Hop Information Removed>
Record route: <self> <LSP Hop Information Removed>
[<myusername>@<appservername> core]$
