'Force password authentication (ignore keys in .ssh folder) in Paramiko in Python
I'm trying to write a small Python program to check whether an SSH server allows a password authentication. Here is the current plan:
import base64
import paramiko
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect('ssh.example.com', username='strongbad', password='thecheat')
stdin, stdout, stderr = client.exec_command('ls')
for line in stdout:
print('... ' + line.strip('\n'))
client.close()
The idea is to grep the output or to later put a try
catch
block around the connect
statement.
My problem however is that some of the systems that I run the program on have access via a RSA key that is stored under ~/.ssh
. And in these cases, the connect will simply succeed (which I want to avoid).
So, here is the question: Does anybody know any way to force Paramiko (or another SSH client) to use passwords?
Thanks
Solution 1:[1]
The SSHClient.connect
method has look_for_keys
argument. Set it to False
:
client.connect(
'ssh.example.com', username='strongbad', password='thecheat',
look_for_keys=False)
Similarly you may want to set allow_agent
to False
as well.
Obligatory warning: Do not use AutoAddPolicy
, unless you do not care about security. You are losing a protection against MITM attacks this way.
For a correct solution, see Paramiko "Unknown Server".
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
Solution | Source |
---|---|
Solution 1 |