SFTP in Python: Really Simple SSH

29 May 2008

ssh.py provides three common SSH operations, get, put and execute. It is a high-level abstraction upon Paramiko.

I wrote it yesterday for my own needs, so it is still very much in the beta stage. Any improvements or comments gratefully accepted.

In short, it works as follows:

import ssh
s = ssh.Connection('example.com')
s.put('hello.txt')
s.get('goodbye.txt')
s.execute('du -h --max-depth=0')
s.close()

That is it, in the rest of this post, I walk through this line by line.

Installation

First, we need to install paramiko, if you don't have it already.

On Gentoo Linux:

emerge paramiko

On Ubuntu/Debian and so on:

apt-get install python-paramiko

If you want to use Python's easy_install then:

easy_install paramiko

Secondly, you need to grab the ssh.py module, grab it from my code-page, and save it as ssh.py.

Connecting to a remote server

To play with the script interactively, you need to start Python:

python

Now, import the ssh module:

import ssh

Next we need to initiate the connection. If your username is the same on both systems, and you have set up ssh-keys, then all you need to do is:

s = ssh.Connection('example.com')

Connection supports the following options:

host	The Hostname of the remote machine.
username	Your username at the remote machine.
private_key	Your private key file.
password	Your password at the remote machine.
port	The SSH port of the remote machine.

The host is essential of course. Port defaults to 22. The username defaults to the username you are currently using on the local machine.

You need to use one of the authentication methods, a private key or a password. If you don't specify anything, then ssh.Connection will attempt to use a private_key at ~/.ssh/id_rsa or ~/.ssh/id_dsa.

So to specify a username and password, you can do it like this:

s = ssh.Connection(host = 'example.com', username = 'warrior', password = 'lennalenna')

Of course, Python also allows you to use the order to specify the arguments, so the last example can be written as:

s = ssh.Connection('example.com', 'warrior', password = 'lennalenna')

Operations

Once you have set up the connection, there are three methods you can use. Firstly, to send a file from the local machine, you can use put:

s.put('hello.txt')

The above example copies a file called hello.txt from the current local working directory to the remote server. We can also be more explicit if we want:

s.put('/home/warrior/hello.txt', '/home/zombie/textfiles/report.txt')

So the above example copies /home/warrior/hello.txt on the local server to /home/zombie/textfiles/report.txt on the remote server.

The second operation works in a similar way but in reverse:

s.get('hello.txt')

get takes the file from the remote server to the local server, again we can be more explicit if we want:

s.get('/var/log/strange.log', '/home/warrior/serverlog.txt')

The above example copies the strange.log from the server and saves it as serverlog.txt.

The last operation is execute, this executes a command on the remote server:

s.execute('ls -l')

This returns the output as a Python list.

Closing the connection

You can do as many operations you like while the connection is open, but when you are finished, you need to close the connection between the local and remote machines. You do this with the close method:

s.close()

There we go, that is all I needed to do with SSH. Please do let me know using the comments below if you have any problems using it.

If you import my module in your program and later find that you need more power or flexibility, you should be able to swap it out for the full paramiko with a minimum of fuss.

1 Max says...

Awesome. Paramiko is over complicated for my simple single SSH command needs. I have usually just resorted to using a system command and reading from that.

Posted at 7:53 p.m. on May 29, 2008

2 Peter says...

This is pretty nice, maybe if an mget or mput could be added it would really improve its use. not sure how to do that couldn't figure it out using paramiko its probably impossible as of now. But i just learned python a week ago lol. This program really simplifies paramiko, good job! props

Posted at 3:30 p.m. on June 27, 2008

3 joeg says...

Thanx for coding this up... One glitch I found:

#key_key = paramiko.RSAKey.from_private_key_file(private_key_file) key_key = paramiko.DSSKey.from_private_key_file(private_key_file) self._transport.connect(username = username, pkey = key_key)

i'm resorting to this for the time being... it really should be conditionalized to choose the right RSA/DSS based on the private_key_file name, but well, thought you should know

Posted at 7:48 p.m. on July 30, 2008

4 Howie_in_AZ says...

I too ran into some issues with your code, but I've modified it account for RSA and DSA/DSS keys. I'd post it but whatever commenting software is in use here is irking me. Basically do a check in your 'Try to use default key' block and set the rsa_key var to paramiko.RSAKey.from_private_key_file if its the former, or paramoki.DSSKey.from_private_key_file if its the latter.

Posted at 11:49 p.m. on September 21, 2008

5 Felix Hummel says...

Your code made my life a lot easier. Thanks!

Posted at 3:59 p.m. on October 5, 2008

6 grateful says...

Thanks, you saved me a buttload of pain!

Posted at 12:36 a.m. on October 7, 2008

7 bsergean says...

It's working for me but it's slow, as it's not working with the ssh trick to re-use opened socket. Probably a paramiko problem, or the right flag not given to paramiko ?

(this is the trick)

Host *: ControlMaster auto ControlPath /tmp/%r@%h:%p

Posted at 4:39 a.m. on October 8, 2008

8 Adrian says...

I got this stacktrace:

>>> username = 'user'
>>> s = ssh.Connection('example.com',username)
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "ssh.py", line 46, in __init__
  rsa_key = paramiko.RSAKey.from_private_key_file(private_key_file)
File "/var/lib/python-support/python2.5/paramiko/pkey.py", line 197, in   from_private_key_file
  key = cls(filename=filename, password=password)
File "/var/lib/python-support/python2.5/paramiko/rsakey.py", line 51, in __init__
  self._from_private_key_file(filename, password)
File "/var/lib/python-support/python2.5/paramiko/rsakey.py", line 164, in _from_private_key_file
  data = self._read_private_key_file('RSA', filename, password)
File "/var/lib/python-support/python2.5/paramiko/pkey.py", line 279, in _read_private_key_file
  data = self._read_private_key(tag, f, password)
File "/var/lib/python-support/python2.5/paramiko/pkey.py", line 322, in _read_private_key
  raise PasswordRequiredException('Private key file is encrypted')

System Message: WARNING/2 (<string>, line 18)

Definition list ends without a blank line; unexpected unindent.

paramiko.PasswordRequiredException: Private key file is encrypted

and this

>>> s = ssh.Connection('example.com',username,'~/.ssh/id_rsa','password')
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "ssh.py", line 33, in __init__
    self._transport.connect(username = username, password = password)
  File "/var/lib/python-support/python2.5/paramiko/transport.py", line 855, in connect
    self.auth_password(username, password)
  File "/var/lib/python-support/python2.5/paramiko/transport.py", line 1016, in auth_password
    return self.auth_handler.wait_for_response(my_event)
  File "/var/lib/python-support/python2.5/paramiko/auth_handler.py", line 174, in wait_for_response
    raise e
paramiko.BadAuthenticationType: Bad authentication type (allowed_types=['publickey'])

Posted at 2:57 p.m. on November 4, 2008

9 Very helpful says...

but i need more help. I'm have to execute the sudo command after I log in. What do I need to do to enter the password after the sudo command is executed?

Thanks

Posted at 3:03 p.m. on November 12, 2008

10 Felipe Coury says...

What do I have to say? Only this: "THANK YOU"!

Awesome!

Posted at 12:43 a.m. on November 23, 2008

11 QuickSilver says...

Nice! Is there anyway to implement a ServerAliveInterval for long processes? This is because my our firewall keeps closing the connection based on inactive connections.

Thanks,

Posted at 10:19 p.m. on January 5, 2009

12 Oisin Mulvihill says...

Hi,

Thank-you very much for this, its really useful. Here is a function I've added to this to download the contents of one remote directory to a local one

def getdir(self, remotepath, localpath = None):
      """Copies and entire directory from remote to local.

      Based on what is seen by listdir.

      """
      if not localpath:
          localpath = os.path.abspath(os.curdir)
      self._sftp_connect()
      for i in self._sftp.listdir(remotepath):
          print "recovering ", i
          try:
              self._sftp.get("%s/%s" % (remotepath,i), "%s/%s" % (localpath,i))
          except IOError,e:
              print "unable to recover item"

Could I make this an easy_install-able project for you? I could set up a quick project for this.

Thanks.

Posted at 10:49 a.m. on February 4, 2009

13 Oisin Mulvihill says...

I've created and easy installable project called zoink-sftp based on your code. I've also extended it to include my getdir. Other additions may follow in the next few days. I've release the project under LGPL to keep it inline with your original code. I've also given you credit for the original work in the file and python eggs. I've also linked back to this page. If you need me to change any details just drop me a line.

The easy install and bazaar/launchpad details are available here:

http://www.sourceweaver.com/projects/

The short and sweet install is:

easy_install zoink-sftp

Posted at 3:37 p.m. on February 4, 2009

14 Jeff H says...

Should have posted this here earlier. With permission, I've created a project from Zeth's code. We put it together at our Python User Group meeting as a presentation.

easy_install pysftp

There are some enhancements too: 1) automatic support for RSA or DSS keyfiles 2) support for encrypted keyfiles 3) ability to disable logging

There are a few more features planned but nothing surprising, Zeth's module is pretty complete - simple, easy to grok and fills a need.

Posted at 4:38 a.m. on February 8, 2009

15 metametagirl says...

This is great! Wish I had seen your post last summer when I was trying to get a similar thing to work. I had a tight deadline so I found a workaround, and just a couple weeks ago wrote a module that is pretty similar to yours. If you're interested, email me and I'll send you a copy.

Posted at 2:52 a.m. on March 6, 2009

16 Just a wonderer says...

zoink-sftp doesn't install properly.: fd = file("lib/zoinksftp/doc/zoink-sftp.stx")

System Message: WARNING/2 (<string>, line 3)
Block quote ends without a blank line; unexpected unindent.

IOError: [Errno 2] No such file or directory: 'lib/zoinksftp/doc/zoink-sftp.stx'

Just as an FYI. pysftp installed in a giffy though.

I have no affiliations with either party. Just another code wanderer, out and about wondering about the state of command line code. ;-)

Cya all.

Posted at 1:24 a.m. on March 12, 2009

17 eli says...

pretty nice, but is there a way to get the output of programs running on the remote end before they complete execution?

Posted at 12:45 a.m. on March 14, 2009

18 James says...

Hi, nice work, I am having an issue of a command asking for [y/n] to complete the task, is there anyway to do that? Cheers!

Posted at 10:02 p.m. on April 6, 2009

19 sk says...

Extremely helpful. One comment: the code as it stands doesn't let you do anything about errors that happen on the server. I made the following changes to the execute (and probably should for the put and get methods) so it returns a tuple of (out, err, code).

def execute(self, command):

""" Execute the given commands on a remote machine. Returns tuple of stdout, stderr, code """ channel = self._transport.open_session() channel.exec_command(command) stdout = channel.makefile('rb', -1).readlines() stderr = channel.makefile_stderr('rb', -1).readlines() code = channel.recv_exit_status() return stdout, stderr, code

Posted at 5:55 a.m. on July 25, 2009

20 GregG says...

One thing to note, (and this may be obvious to some, but wasn't immediately to me) is you can run multiple commands at once from the execute method, just separate them with a semi-colon. I wanted to write a deploy script to deploy a repo to a live server from my local machine. I did that by doing something like:

sourcecode:: python: #connection already established cmd = [] cmd.append('cd /home/user/directory/') cmd.append('hg pull') cmd.append('hg up') connection.execute("; ".join(cmd))

Posted at 7:22 a.m. on July 8, 2010

21 Tech News says...

Thanks for this short tutorial...was auto-FTPing my files from my appserver to webserver for my tech news website. Everything was OK until someone hacked it. Hosting provider is now recommending SFTP. Wish you had covered mput also. Oh well...I will have to do a little more research for that. Thanks again.

Posted at 5:50 a.m. on July 25, 2010

What do you have to say?

Show Editing Help

About

Hello, my name is Zeth, I'll be your host here.

Command Line Warriors is about taking control of your own technology, it looks at our experiences of computing; especially using GNU/Linux, the Python programming language, the command-line and issues such as techno-ethics, best practices and whatever is cool now. If you take control of your technology then you are a Warrior too!

This site is your site too which means that you can contribute and get involved. You can leave comments using the facility provided. For me, the comments and discussions are by far the best part of the site. So please do have your say!

Latest Discussions

Cupcake

July 31, 2010
Good post! You helped me a lot with my school project! CountryField(blank = True) < (K)
→ Countries in Django

LeshaShampoo

July 30, 2010
it was very interesting to read commandline.org.uk I want to quote your post in my blog. It can? And you et an account on Twitter?
→ Email Syntax Check in Python

vemma2018

July 30, 2010
I find myself coming to your blog more and more often to the point where my visits are almost daily now!
→ On Comment Spam

layecenda

July 30, 2010
Hello. And Bye.test :) http://idfjhvihdfiphvlajbvhalibv.com
→ PuTTY Series: Adding PuTTY to your system path

scuba

July 30, 2010
I’ve been visiting your blog for a while now and I always find a gem in your new posts. Thanks for sharing.
→ On Comment Spam

Businesking

July 30, 2010
Great site and articles for hack for win, I said Amazing post
→ How not to program WSGI

Tehnoking

July 30, 2010
This is Great post to learn about the hack Thumbs-up for you :D
→ How not to program WSGI

Syabiltech

July 30, 2010
I think this articles for master...because very hard to learning, As blogger beginners like me.
→ How not to program WSGI

coffeeatea

July 30, 2010
Are you looking for coffee gifts? We can tell you more about the coffee gifts including coffee machines and coffee pods.
→ Introducing Soturi - yet another Django blog application

noni juice

July 30, 2010
I just sent this post to a bunch of my friends as I agree with most of what you’re saying here and the way you’ve presented it is awesome.
→ On Comment Spam

Dion Moult

July 29, 2010
What I do know is that ever since I tried out Opera and put their tab bar on the left as a column, I've loved that layout. Back on Firefox ...
→ We need a thoughout integration of the desktop and the web - not Tab Candy superfast jellyfish

ZonaEntertainment

July 29, 2010
Wow useful articles, I'm read to learn about this and now I bookmark this to my Facebook, thanks for share!
→ How not to program WSGI

Giacomo

July 29, 2010
Honestly, I think both Mozilla and you are wrong :) This sort of concept adds overhead. A user would have to manage all this crap, constantly dragging and dropping, creating ...
→ We need a thoughout integration of the desktop and the web - not Tab Candy superfast jellyfish

Matija "hook" Šuklje

July 29, 2010
As a minimalist, you'll probybly moan if I mention KDE, but I'll do so anyway ;) The future I want (and actually see slowly fold out before me) is to ...
→ We need a thoughout integration of the desktop and the web - not Tab Candy superfast jellyfish

tahitian noni

July 28, 2010
Thank You For This Blog, was added to my bookmarks.
→ On Comment Spam

Rick

July 28, 2010
I already have piles. It's called A New Window.
→ We need a thoughout integration of the desktop and the web - not Tab Candy superfast jellyfish

Tech News

July 25, 2010
Thanks for this short tutorial...was auto-FTPing my files from my appserver to webserver for my tech news website. Everything was OK until someone hacked it. Hosting provider is now recommending ...
→ SFTP in Python: Really Simple SSH

naypalm

July 24, 2010
During the past 3-4 years, I and many others have enjoyed unlimited 2G/3G internet. But ever since the massive cult-like following of i Phone users in the US, most cellular ...
→ Calling time on mobile internet nonsense?

Steve

July 15, 2010
Very occasionally, you will run into a Java program that uses a lot of memory just to hold all the classes used. It turns out that the JVM uses a ...
→ Three classic command line tips

no

July 14, 2010
1. number one 2. number two 4. number four 3. number three 6. number six # first # second ## second-ay ## second-bee ### second-bee-one ### second-bee-two
→ An Introduction to ReStructuredText

COMMAND LINE WARRIORS

Taking Control of your Own Technology