SFTP in Python: Really Simple SSH
29 May 2008
ssh.py provides three common SSH operations, get, put and execute. It is a high-level abstraction upon Paramiko.
I wrote it yesterday for my own needs, so it is still very much in the beta stage. Any improvements or comments gratefully accepted.
In short, it works as follows:
import ssh
s = ssh.Connection('example.com')
s.put('hello.txt')
s.get('goodbye.txt')
s.execute('du -h --max-depth=0')
s.close()
That is it, in the rest of this post, I walk through this line by line.
Installation
First, we need to install paramiko, if you don't have it already.
On Gentoo Linux:
emerge paramiko
On Ubuntu/Debian and so on:
apt-get install python-paramiko
If you want to use Python's easy_install then:
easy_install paramiko
Secondly, you need to grab the ssh.py module, grab it from my code-page, and save it as ssh.py.
Connecting to a remote server
To play with the script interactively, you need to start Python:
python
Now, import the ssh module:
import ssh
Next we need to initiate the connection. If your username is the same on both systems, and you have set up ssh-keys, then all you need to do is:
s = ssh.Connection('example.com')
Connection supports the following options:
| host | The Hostname of the remote machine. |
| username | Your username at the remote machine. |
| private_key | Your private key file. |
| password | Your password at the remote machine. |
| port | The SSH port of the remote machine. |
The host is essential of course. Port defaults to 22. The username defaults to the username you are currently using on the local machine.
You need to use one of the authentication methods, a private key or a password. If you don't specify anything, then ssh.Connection will attempt to use a private_key at ~/.ssh/id_rsa or ~/.ssh/id_dsa.
So to specify a username and password, you can do it like this:
s = ssh.Connection(host = 'example.com', username = 'warrior', password = 'lennalenna')
Of course, Python also allows you to use the order to specify the arguments, so the last example can be written as:
s = ssh.Connection('example.com', 'warrior', password = 'lennalenna')
Operations
Once you have set up the connection, there are three methods you can use. Firstly, to send a file from the local machine, you can use put:
s.put('hello.txt')
The above example copies a file called hello.txt from the current local working directory to the remote server. We can also be more explicit if we want:
s.put('/home/warrior/hello.txt', '/home/zombie/textfiles/report.txt')
So the above example copies /home/warrior/hello.txt on the local server to /home/zombie/textfiles/report.txt on the remote server.
The second operation works in a similar way but in reverse:
s.get('hello.txt')
get takes the file from the remote server to the local server, again we can be more explicit if we want:
s.get('/var/log/strange.log', '/home/warrior/serverlog.txt')
The above example copies the strange.log from the server and saves it as serverlog.txt.
The last operation is execute, this executes a command on the remote server:
s.execute('ls -l')
This returns the output as a Python list.
Closing the connection
You can do as many operations you like while the connection is open, but when you are finished, you need to close the connection between the local and remote machines. You do this with the close method:
s.close()
There we go, that is all I needed to do with SSH. Please do let me know using the comments below if you have any problems using it.
If you import my module in your program and later find that you need more power or flexibility, you should be able to swap it out for the full paramiko with a minimum of fuss.



1 Max says...
Awesome. Paramiko is over complicated for my simple single SSH command needs. I have usually just resorted to using a system command and reading from that.
Posted at 7:53 p.m. on May 29, 2008
2 Peter says...
This is pretty nice, maybe if an mget or mput could be added it would really improve its use. not sure how to do that couldn't figure it out using paramiko its probably impossible as of now. But i just learned python a week ago lol. This program really simplifies paramiko, good job! props
Posted at 3:30 p.m. on June 27, 2008
3 joeg says...
Thanx for coding this up... One glitch I found:
i'm resorting to this for the time being... it really should be conditionalized to choose the right RSA/DSS based on the private_key_file name, but well, thought you should know
Posted at 7:48 p.m. on July 30, 2008
4 Howie_in_AZ says...
I too ran into some issues with your code, but I've modified it account for RSA and DSA/DSS keys. I'd post it but whatever commenting software is in use here is irking me. Basically do a check in your 'Try to use default key' block and set the rsa_key var to paramiko.RSAKey.from_private_key_file if its the former, or paramoki.DSSKey.from_private_key_file if its the latter.
Posted at 11:49 p.m. on September 21, 2008
5 Felix Hummel says...
Your code made my life a lot easier. Thanks!
Posted at 3:59 p.m. on October 5, 2008
6 grateful says...
Thanks, you saved me a buttload of pain!
Posted at 12:36 a.m. on October 7, 2008
7 bsergean says...
It's working for me but it's slow, as it's not working with the ssh trick to re-use opened socket. Probably a paramiko problem, or the right flag not given to paramiko ?
Posted at 4:39 a.m. on October 8, 2008
8 Adrian says...
>>> username = 'user' >>> s = ssh.Connection('example.com',username) Traceback (most recent call last): File "<stdin>", line 1, in <module> File "ssh.py", line 46, in __init__ rsa_key = paramiko.RSAKey.from_private_key_file(private_key_file) File "/var/lib/python-support/python2.5/paramiko/pkey.py", line 197, in from_private_key_file key = cls(filename=filename, password=password) File "/var/lib/python-support/python2.5/paramiko/rsakey.py", line 51, in __init__ self._from_private_key_file(filename, password) File "/var/lib/python-support/python2.5/paramiko/rsakey.py", line 164, in _from_private_key_file data = self._read_private_key_file('RSA', filename, password) File "/var/lib/python-support/python2.5/paramiko/pkey.py", line 279, in _read_private_key_file data = self._read_private_key(tag, f, password) File "/var/lib/python-support/python2.5/paramiko/pkey.py", line 322, in _read_private_key raise PasswordRequiredException('Private key file is encrypted')paramiko.PasswordRequiredException: Private key file is encrypted
and this
>>> s = ssh.Connection('example.com',username,'~/.ssh/id_rsa','password') Traceback (most recent call last): File "<stdin>", line 1, in <module> File "ssh.py", line 33, in __init__ self._transport.connect(username = username, password = password) File "/var/lib/python-support/python2.5/paramiko/transport.py", line 855, in connect self.auth_password(username, password) File "/var/lib/python-support/python2.5/paramiko/transport.py", line 1016, in auth_password return self.auth_handler.wait_for_response(my_event) File "/var/lib/python-support/python2.5/paramiko/auth_handler.py", line 174, in wait_for_response raise e paramiko.BadAuthenticationType: Bad authentication type (allowed_types=['publickey'])Posted at 2:57 p.m. on November 4, 2008
9 Very helpful says...
but i need more help. I'm have to execute the sudo command after I log in. What do I need to do to enter the password after the sudo command is executed?
Thanks
Posted at 3:03 p.m. on November 12, 2008
10 Felipe Coury says...
What do I have to say? Only this: "THANK YOU"!
Awesome!
Posted at 12:43 a.m. on November 23, 2008
11 QuickSilver says...
Nice! Is there anyway to implement a ServerAliveInterval for long processes? This is because my our firewall keeps closing the connection based on inactive connections.
Thanks,
Posted at 10:19 p.m. on January 5, 2009
12 Oisin Mulvihill says...
Hi,
Thank-you very much for this, its really useful. Here is a function I've added to this to download the contents of one remote directory to a local one
Could I make this an easy_install-able project for you? I could set up a quick project for this.
Thanks.
Posted at 10:49 a.m. on February 4, 2009
13 Oisin Mulvihill says...
I've created and easy installable project called zoink-sftp based on your code. I've also extended it to include my getdir. Other additions may follow in the next few days. I've release the project under LGPL to keep it inline with your original code. I've also given you credit for the original work in the file and python eggs. I've also linked back to this page. If you need me to change any details just drop me a line.
The easy install and bazaar/launchpad details are available here:
The short and sweet install is:
Posted at 3:37 p.m. on February 4, 2009
14 Jeff H says...
Should have posted this here earlier. With permission, I've created a project from Zeth's code. We put it together at our Python User Group meeting as a presentation.
There are some enhancements too: 1) automatic support for RSA or DSS keyfiles 2) support for encrypted keyfiles 3) ability to disable logging
There are a few more features planned but nothing surprising, Zeth's module is pretty complete - simple, easy to grok and fills a need.
Posted at 4:38 a.m. on February 8, 2009
15 metametagirl says...
This is great! Wish I had seen your post last summer when I was trying to get a similar thing to work. I had a tight deadline so I found a workaround, and just a couple weeks ago wrote a module that is pretty similar to yours. If you're interested, email me and I'll send you a copy.
Posted at 2:52 a.m. on March 6, 2009
16 Just a wonderer says...
IOError: [Errno 2] No such file or directory: 'lib/zoinksftp/doc/zoink-sftp.stx'
Just as an FYI. pysftp installed in a giffy though.
I have no affiliations with either party. Just another code wanderer, out and about wondering about the state of command line code. ;-)
Cya all.
Posted at 1:24 a.m. on March 12, 2009
17 eli says...
pretty nice, but is there a way to get the output of programs running on the remote end before they complete execution?
Posted at 12:45 a.m. on March 14, 2009
18 James says...
Hi, nice work, I am having an issue of a command asking for [y/n] to complete the task, is there anyway to do that? Cheers!
Posted at 10:02 p.m. on April 6, 2009
19 sk says...
Extremely helpful. One comment: the code as it stands doesn't let you do anything about errors that happen on the server. I made the following changes to the execute (and probably should for the put and get methods) so it returns a tuple of (out, err, code).
Posted at 5:55 a.m. on July 25, 2009
20 GregG says...
One thing to note, (and this may be obvious to some, but wasn't immediately to me) is you can run multiple commands at once from the execute method, just separate them with a semi-colon. I wanted to write a deploy script to deploy a repo to a live server from my local machine. I did that by doing something like:
Posted at 7:22 a.m. on July 8, 2010
21 Tech News says...
Thanks for this short tutorial...was auto-FTPing my files from my appserver to webserver for my tech news website. Everything was OK until someone hacked it. Hosting provider is now recommending SFTP. Wish you had covered mput also. Oh well...I will have to do a little more research for that. Thanks again.
Posted at 5:50 a.m. on July 25, 2010