Matheus Bratfisch

Sep 02 2009

Connect to SSH using Python

Good Night,

If you want to execute commands in console using python you can use the pexpect library. You can get it in http://sourceforge.net/projects/pexpect/. To install it use:

$ sudo python setup.py install

After install it, you can have fun. I did a small script to test it.

import pexpect
class SSH():

def connect(self):

x = True

sshConnection = pexpect.spawn(‘ssh -l matheus -p 22 192.168.0.254′)

sshConnection.expect(‘matheus@192.168.0.254\’s password:’)

sshConnection.sendline(‘password’)

while True:

print sshConnection.readline();

if x is True:

sshConnection.sendline(‘uptime’)

x = False

sshConnection.readline();
s = SSH()

s.connect()

If you have any problem try to use:

$ sudo apt-get install python-dev

Example connect to SSH using Python

Matheus

Tags: pexpect, python, ssh

python | Matheus (X-warrior) Bratfisch | Comments (0)

May 20 2009

Install and configure SSH server to be safer.

Good night,

To install ssh server in Ubuntu use:

$ sudo apt-get install openssh-server

To let it safer edit /etc/ssh/sshd_config

$ sudo vi /etc/ssh/sshd_config

Than change the lines:

AllowUsers USER
AllowGroups GROUP_USER
PasswordAuthentication yes
MaxStartups 2:100:2
Port XXX # Change the port

What MaxStartups do? Specify the number of un authenticated connections in server. The syntax is start:percent:max. Example: 10:50:20. When it gets to 10 connections it will start with the percent. So every new connection will have 50% of chance to be automaticlly refused. When it gets to 20. It will denied ALL the new connections.

If you want, you can ask for a second password, if you type it wrong, it will close the connection:

Edit /home/user/.profile

echo Put your password
read senha
if [ $senha == "SOMETHING" ]
then
# CODES THAT ALREADY ARE AT .profile
else
exit
fi

With this you can do some tricks, to create a new RANDOM password every time somebody connect and send it to your e-mail. So you will need to put your normal password, than access your e-mail account, verify the new password and type it.

Best Regards,
Matheus

References:
Desabilitar Comando SU
Informação MaxStartups

Tags: openssh, profile, segurança, shell, ssh

Linux, Shell Script | Matheus (X-warrior) Bratfisch | Comments (0)

May 13 2009

Block root access, ssh.

Hey,

Just a fast tip, if you want to have a ssh server more secure disable root access in “/etc/ssh/sshd_config”

Find the line starting with PermitRootLogin and set it to nojust like this:
PermitRootLogin no.

I already setup my ubuntu server, and have infos about ssh and other configurations. I’m translating the old articles to english first, so don’t get angry if I take a little time to post it. I hope in the next month the portuguese version and the english, start to run together