Python3 : Fabric 2. 4.0 ProxyJump 和 ssh_config

Question

documentation想要使用 ssh_config 时还有很多不足之处。有人可以提供关于如何实际导入 ssh_config 的概念验证代码吗？

除了我缺乏理解之外，我也不确定为什么以下代码不起作用，因为我的 ssh_config 似乎已加载。进入主机 C 的唯一方法是通过主机 B。进入主机 B 的唯一方法是通过主机 A。我正在使用 ProxyJump。

非工作示例:

>>> from fabric import Connection
>>> c = Connection('HOST_C')
>>> print(c)
<Connection host=HOST_C gw=proxyjump>
>>> print(c.ssh_config)
{'serveraliveinterval': '60', 'tcpkeepalive': 'yes', 'stricthostkeychecking': 'no', 'forwardagent': 'yes', 'proxyjump': 'HOST_A,HOST_B', 'hostname': 'HOST_C'}
>>> c.run('hostname')
Secsh channel 0 open FAILED: open failed: Administratively prohibited
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "<decorator-gen-3>", line 2, in run
  File "/Users/username/code/fabric/venv/lib/python3.7/site-packages/fabric/connection.py", line 29, in opens
    self.open()
  File "/Users/username/code/fabric/venv/lib/python3.7/site-packages/fabric/connection.py", line 608, in open
    kwargs["sock"] = self.open_gateway()
  File "/Users/username/code/fabric/venv/lib/python3.7/site-packages/fabric/connection.py", line 640, in open_gateway
    self.gateway.open()
  File "/Users/username/code/fabric/venv/lib/python3.7/site-packages/fabric/connection.py", line 608, in open
    kwargs["sock"] = self.open_gateway()
  File "/Users/username/code/fabric/venv/lib/python3.7/site-packages/fabric/connection.py", line 655, in open_gateway
    src_addr=("", 0),
  File "/Users/username/code/fabric/venv/lib/python3.7/site-packages/paramiko/transport.py", line 944, in open_channel
    raise e
paramiko.ssh_exception.ChannelException: (1, 'Administratively prohibited')

工作示例:

>>> from fabric import Connection
>>> d = Connection('HOST_C', gateway=Connection('HOST_B', gateway=Connection('HOST_A')))
>>> print(d)
<Connection host=HOST_C gw=proxyjump>
>>> print(d.ssh_config)
{'serveraliveinterval': '60', 'tcpkeepalive': 'yes', 'stricthostkeychecking': 'no', 'forwardagent': 'yes', 'proxyjump': 'HOST_A,HOST_B', 'hostname': 'HOST_C'}
>>> d.run('hostname')
HOST_C
<Result cmd='hostname' exited=0>

在一个不相关的说明中，从 python 3.7.1 开始，我收到了以下关于 Paramiko 的错误。加密包的版本是 2.5。关于为什么会发生这种情况的任何见解？

/Users/username/code/virtenv3/lib/python3.7/site-packages/paramiko/ecdsakey.py:164: CryptographyDeprecationWarning: Support for unsafe construction of public numbers from encoded data will be removed in a future version. Please use EllipticCurvePublicKey.from_encoded_point
  self.ecdsa_curve.curve_class(), pointinfo
/Users/username/code/virtenv3/lib/python3.7/site-packages/paramiko/kex_ecdh_nist.py:39: CryptographyDeprecationWarning: encode_point has been deprecated on EllipticCurvePublicNumbers and will be removed in a future version. Please use EllipticCurvePublicKey.public_bytes to obtain both compressed and uncompressed point encoding.
  m.add_string(self.Q_C.public_numbers().encode_point())
/Users/username/code/virtenv3/lib/python3.7/site-packages/paramiko/kex_ecdh_nist.py:96: CryptographyDeprecationWarning: Support for unsafe construction of public numbers from encoded data will be removed in a future version. Please use EllipticCurvePublicKey.from_encoded_point
  self.curve, Q_S_bytes
/Users/username/code/virtenv3/lib/python3.7/site-packages/paramiko/kex_ecdh_nist.py:111: CryptographyDeprecationWarning: encode_point has been deprecated on EllipticCurvePublicNumbers and will be removed in a future version. Please use EllipticCurvePublicKey.public_bytes to obtain both compressed and uncompressed point encoding.
  hm.add_string(self.Q_C.public_numbers().encode_point())

Answer 1

请参阅 paramiko 的 github https://github.com/paramiko/paramiko/issues/1369#issuecomment-456940895 上的解决方法