SFTP in Python: Really Simple SSH

Posted on May 29, 2008 by zeth

ssh.py provides three common SSH operations, get, put and execute. It is a high-level abstraction upon Paramiko.

I wrote it yesterday for my own needs, so it is still very much in the beta stage. Any improvements or comments gratefully accepted.

In short, it works as follows:

import ssh
s = ssh.Connection('example.com')
s.put('hello.txt')
s.get('goodbye.txt')
s.execute('du -h --max-depth=0')
s.close()

That is it, in the rest of this post, I walk through this line by line.

Installation

First, we need to install paramiko, if you don't have it already.

On Gentoo Linux:

emerge paramiko

On Ubuntu/Debian and so on:

apt-get install python-paramiko

If you want to use Python's easy_install then:

easy_install paramiko

Secondly, you need to grab the ssh.py module, grab it from my code-page, and save it as ssh.py.

Connecting to a remote server

To play with the script interactively, you need to start Python:

python

Now, import the ssh module:

import ssh

Next we need to initiate the connection. If your username is the same on both systems, and you have set up ssh-keys, then all you need to do is:

s = ssh.Connection('example.com')

Connection supports the following options:

host	The Hostname of the remote machine.
username	Your username at the remote machine.
private_key	Your private key file.
password	Your password at the remote machine.
port	The SSH port of the remote machine.

The host is essential of course. Port defaults to 22. The username defaults to the username you are currently using on the local machine.

You need to use one of the authentication methods, a private key or a password. If you don't specify anything, then ssh.Connection will attempt to use a private_key at ~/.ssh/id_rsa or ~/.ssh/id_dsa.

So to specify a username and password, you can do it like this:

s = ssh.Connection(host = 'example.com', username = 'warrior', password = 'lennalenna')

Of course, Python also allows you to use the order to specify the arguments, so the last example can be written as:

s = ssh.Connection('example.com', 'warrior', password = 'lennalenna')

Operations

Once you have set up the connection, there are three methods you can use. Firstly, to send a file from the local machine, you can use put:

s.put('hello.txt')

The above example copies a file called hello.txt from the current local working directory to the remote server. We can also be more explicit if we want:

s.put('/home/warrior/hello.txt', '/home/zombie/textfiles/report.txt')

So the above example copies /home/warrior/hello.txt on the local server to /home/zombie/textfiles/report.txt on the remote server.

The second operation works in a similar way but in reverse:

s.get('hello.txt')

get takes the file from the remote server to the local server, again we can be more explicit if we want:

s.get('/var/log/strange.log', '/home/warrior/serverlog.txt')

The above example copies the strange.log from the server and saves it as serverlog.txt.

The last operation is execute, this executes a command on the remote server:

s.execute('ls -l')

This returns the output as a Python list.

Closing the connection

You can do as many operations you like while the connection is open, but when you are finished, you need to close the connection between the local and remote machines. You do this with the close method:

s.close()

There we go, that is all I needed to do with SSH. Please do let me know using the comments below if you have any problems using it.

If you import my module in your program and later find that you need more power or flexibility, you should be able to swap it out for the full paramiko with a minimum of fuss.

22 thoughts on “SFTP in Python: Really Simple SSH”

Max on May 29, 2008 at 07:53 p.m. said:

Awesome. Paramiko is over complicated for my simple single SSH command needs. I have usually just resorted to using a system command and reading from that.
Peter on June 27, 2008 at 03:30 p.m. said:

This is pretty nice, maybe if an mget or mput could be added it would really improve its use. not sure how to do that couldn't figure it out using paramiko its probably impossible as of now. But i just learned python a week ago lol. This program really simplifies paramiko, good job! props
joeg on July 30, 2008 at 07:48 p.m. said:

Thanx for coding this up... One glitch I found:
<blockquote>
#key_key = paramiko.RSAKey.from_private_key_file(private_key_file)
key_key = paramiko.DSSKey.from_private_key_file(private_key_file)
self._transport.connect(username = username, pkey = key_key)</blockquote>
i'm resorting to this for the time being... it really should be conditionalized to choose the right RSA/DSS based on the private_key_file name, but well, thought you should know
Howie_in_AZ on September 21, 2008 at 11:49 p.m. said:

I too ran into some issues with your code, but I've modified it account for RSA and DSA/DSS keys. I'd post it but whatever commenting software is in use here is irking me. Basically do a check in your 'Try to use default key' block and set the rsa_key var to paramiko.RSAKey.from_private_key_file if its the former, or paramoki.DSSKey.from_private_key_file if its the latter.
Felix Hummel on October 5, 2008 at 03:59 p.m. said:

Your code made my life a lot easier.
Thanks!
grateful on October 7, 2008 at 12:36 a.m. said:

Thanks, you saved me a buttload of pain!
bsergean on October 8, 2008 at 04:39 a.m. said:

It's working for me but it's slow, as it's not working with the ssh trick to re-use opened socket. Probably a paramiko problem, or the right flag not given to paramiko ?
<dl class="docutils">
<dt>(this is the trick)</dt>
<dd><dl class="first last docutils">
<dt>Host *</dt>
<dd>ControlMaster auto
ControlPath <a class="reference external" href="mailto:/tmp/%r@%h">/tmp/%r@%h</a>:%p</dd>
</dl>
</dd>
</dl>
Adrian on November 4, 2008 at 02:57 p.m. said:

I got this stacktrace:
<div class="highlight"><pre> >>> username = 'user'
>>> s = ssh.Connection('<a href="http://example.com" rel="nofollow">example.com</a>',username)
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "ssh.py", line 46, in __init__
rsa_key = paramiko.RSAKey.from_private_key_file(private_key_file)
File "/var/lib/python-support/python2.5/paramiko/pkey.py", line 197, in from_private_key_file
key = cls(filename=filename, password=password)
File "/var/lib/python-support/python2.5/paramiko/rsakey.py", line 51, in __init__
self._from_private_key_file(filename, password)
File "/var/lib/python-support/python2.5/paramiko/rsakey.py", line 164, in _from_private_key_file
data = self._read_private_key_file('RSA', filename, password)
File "/var/lib/python-support/python2.5/paramiko/pkey.py", line 279, in _read_private_key_file
data = self._read_private_key(tag, f, password)
File "/var/lib/python-support/python2.5/paramiko/pkey.py", line 322, in _read_private_key
raise PasswordRequiredException('Private key file is encrypted')
paramiko.PasswordRequiredException: Private key file is encrypted
</pre></div>
and this:
<div class="highlight"><pre>>>> s = ssh.Connection('<a href="http://example.com" rel="nofollow">example.com</a>',username,'~/.ssh/id_rsa','password')
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "ssh.py", line 33, in __init__
self._transport.connect(username = username, password = password)
File "/var/lib/python-support/python2.5/paramiko/transport.py", line 855, in connect
self.auth_password(username, password)
File "/var/lib/python-support/python2.5/paramiko/transport.py", line 1016, in auth_password
return self.auth_handler.wait_for_response(my_event)
File "/var/lib/python-support/python2.5/paramiko/auth_handler.py", line 174, in wait_for_response
raise e
paramiko.BadAuthenticationType: Bad authentication type (allowed_types=['publickey'])
</pre></div>
Very helpful on November 12, 2008 at 03:03 p.m. said:

but i need more help. I'm have to execute the sudo command after I log in. What do I need to do to enter the password after the sudo command is executed?
Thanks
Felipe Coury on November 23, 2008 at 12:43 a.m. said:

What do I have to say? Only this: "THANK YOU"!
Awesome!
QuickSilver on January 5, 2009 at 10:19 p.m. said:

Nice! Is there anyway to implement a ServerAliveInterval for long processes? This is because my our firewall keeps closing the connection based on inactive connections.
Thanks,
Oisin Mulvihill on February 4, 2009 at 10:49 a.m. said:

Hi,
Thank-you very much for this, its really useful. Here is a function I've added to this to download the contents of one remote directory to a local one
<div class="highlight"><pre>def getdir(self, remotepath, localpath = None):
"""Copies and entire directory from remote to local.

 Based on what is seen by listdir.

 """
if not localpath:
localpath = os.path.abspath(os.curdir)
self._sftp_connect()
for i in self._sftp.listdir(remotepath):
print "recovering ", i
try:
self._sftp.get("%s/%s" % (remotepath,i), "%s/%s" % (localpath,i))
except IOError,e:
print "unable to recover item"
</pre></div>
Could I make this an easy_install-able project for you? I could set up a quick project for this.
Thanks.
Oisin Mulvihill on February 4, 2009 at 03:37 p.m. said:

I've created and easy installable project called zoink-sftp based on your code. I've also extended it to include my getdir. Other additions may follow in the next few days. I've release the project under LGPL to keep it inline with your original code. I've also given you credit for the original work in the file and python eggs. I've also linked back to this page. If you need me to change any details just drop me a line.
The easy install and bazaar/launchpad details are available here:
<blockquote>
<ul class="simple">
<li><a class="reference external" href="http://www.sourceweaver.com/projects/">http://www.sourceweaver.com/projects/</a></li>
</ul>
</blockquote>
The short and sweet install is:
<pre class="literal-block">
easy_install zoink-sftp
</pre>
Jeff H on February 8, 2009 at 04:38 a.m. said:

Should have posted this here earlier. With permission, I've created a project from Zeth's code. We put it together at our Python User Group meeting as a presentation.
<blockquote>
easy_install pysftp</blockquote>
There are some enhancements too:
1) automatic support for RSA or DSS keyfiles
2) support for encrypted keyfiles
3) ability to disable logging
There are a few more features planned but nothing surprising, Zeth's module is pretty complete - simple, easy to grok and fills a need.
metametagirl on March 6, 2009 at 02:52 a.m. said:

This is great! Wish I had seen your post last summer when I was trying to get a similar thing to work. I had a tight deadline so I found a workaround, and just a couple weeks ago wrote a module that is pretty similar to yours. If you're interested, email me and I'll send you a copy.
Just a wonderer on March 12, 2009 at 01:24 a.m. said:

zoink-sftp doesn't install properly.
<div class="highlight"><pre>fd = file("lib/zoinksftp/doc/zoink-sftp.stx")
IOError: [Errno 2] No such file or directory: 'lib/zoinksftp/doc/zoink-sftp.stx'
</pre></div>
Just as an FYI. pysftp installed in a giffy though.
I have no affiliations with either party. Just another code wanderer, out and about wondering about the state of command line code. ;-)
Cya all.
eli on March 14, 2009 at 12:45 a.m. said:

pretty nice,
but is there a way to get the output of programs running on the remote end before they complete execution?
James on April 6, 2009 at 10:02 p.m. said:

Hi, nice work, I am having an issue of a command asking for [y/n] to complete the task, is there anyway to do that? Cheers!
sk on July 25, 2009 at 05:55 a.m. said:

Extremely helpful. One comment: the code as it stands doesn't let you do anything about errors that happen on the server. I made the following changes to the execute (and probably should for the put and get methods) so it returns a tuple of (out, err, code).
<blockquote>
<dl class="docutils">
<dt>def execute(self, command):</dt>
<dd>"""
Execute the given commands on a remote machine.
Returns tuple of stdout, stderr, code
"""
channel = self._transport.open_session()
channel.exec_command(command)
stdout = channel.makefile('rb', -1).readlines()
stderr = channel.makefile_stderr('rb', -1).readlines()
code = channel.recv_exit_status()
return stdout, stderr, code</dd>
</dl>
</blockquote>
GregG on July 8, 2010 at 07:22 a.m. said:

One thing to note, (and this may be obvious to some, but wasn't immediately to me) is you can run multiple commands at once from the execute method, just separate them with a semi-colon. I wanted to write a deploy script to deploy a repo to a live server from my local machine. I did that by doing something like:
<dl class="docutils">
<dt>sourcecode:: python</dt>
<dd>#connection already established
cmd = []
cmd.append('cd /home/user/directory/')
cmd.append('hg pull')
cmd.append('hg up')
connection.execute("; ".join(cmd))</dd>
</dl>
Tech News on July 25, 2010 at 05:50 a.m. said:

Thanks for this short tutorial...was auto-FTPing my files from my appserver to webserver for my tech news website. Everything was OK until someone hacked it. Hosting provider is now recommending SFTP. Wish you had covered mput also. Oh well...I will have to do a little more research for that. Thanks again.
untitled.v6 on August 3, 2010 at 03:39 a.m. said:

thank you very much, i love it.
paramiko so powerful!

Zeth's homepage

The best of Zeth

SFTP in Python: Really Simple SSH

22 thoughts on “SFTP in Python: Really Simple SSH”