From 5cda7e5ff7946fd2ea6bf9208951c741822cd331 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Florian=20R=C3=A4misch?= <olf@subsignal.org>
Date: Sat, 10 Dec 2022 09:08:30 +0100
Subject: [PATCH] Add first draft for ssh connection to westnetz switches

---
 ssh_experiments/main.py          | 48 ++++++++++++++++++++++++++++++++
 ssh_experiments/requirements.txt |  1 +
 2 files changed, 49 insertions(+)
 create mode 100644 ssh_experiments/main.py
 create mode 100644 ssh_experiments/requirements.txt

diff --git a/ssh_experiments/main.py b/ssh_experiments/main.py
new file mode 100644
index 0000000..3e236e3
--- /dev/null
+++ b/ssh_experiments/main.py
@@ -0,0 +1,48 @@
+# coding: utf-8
+
+import getpass
+import paramiko
+
+paramiko.common.logging.basicConfig(level=paramiko.common.DEBUG)
+
+from base64 import decodebytes
+
+PKEY_PATH = "/home/olf/.ssh/westnetz"
+
+# First we setup the hostkeys
+# Hardcoded, because I'm a loser
+keydata_jumphost = b'''AAAAB3NzaC1yc2EAAAADAQABAAABAQCo/1QuGzXuAqj3kgfKgVqqPqOeiYsb5s9UlDZNhC+EuFdTwp6jANtVy2IFEMoVfJopSS1kaCTmZVqRg+nf+RTioBsyZ/0BmR3mZ7HtN0DJuucPj0FrguOxFkpDAaobzjLpbk9Ckz+Ji5VJgvJliuel3zvNQpTSXB8S/ryWZ5+wrVAPu5UQUkAezaw+fw7AD69bjQjcPzmKYJ5yIVf3w2aNGM5FXdtcgMH26dHbS5uPhNjSmTgBDtngivb5NP9QqIEtAzIU1WhSc0RQr5OccSiKAkNZ2WrD1IDOOg2tKaWHKqPZ0wQYz4eiD5lhlEhFKuj1SVft/nLAFxhcDgdy7hLR'''
+key_jumphost = paramiko.RSAKey(data=decodebytes(keydata_jumphost))
+keydata_sw_halle = b'''AAAAB3NzaC1yc2EAAAADAQABAAAAgQDFzOaMJ/afAtOpjxv8+4U170nEoi1ngCZ7f5CHL1eQd7P73Y+DzZiJX2h5uYYseBx4OLDElNvLEgR80q8qz1NrLMO3lHR3wXQYiRZyWObUG6sIqD2+VNi7iLDdec3sXVItZk3M5wLm0EpZU9iY6chDFIFF8I2QmCP0S/HLWtgvhQ=='''
+key_sw_halle = paramiko.RSAKey(data=decodebytes(keydata_sw_halle))
+
+## get private Key
+key_password = getpass.getpass()
+key = paramiko.RSAKey.from_private_key_file(PKEY_PATH, key_password)
+
+
+def connect(host, user, pkey, passphrase, gateway=None):
+    client = paramiko.SSHClient()
+    client.get_host_keys().add('jumphost.lej.westnetz.org', 'ssh-rsa', key_jumphost)
+    client.get_host_keys().add('sw-halle.int.westnetz.org', 'ssh-rsa', key_sw_halle)
+    sock = None
+    if gateway:
+        gw_client = connect(gateway, user, pkey, passphrase)
+        sock = gw_client.get_transport().open_channel(
+            'direct-tcpip', (host, 22), ('', 0)
+        )
+    kwargs = dict(
+        hostname=host,
+        port=22,
+        passphrase=passphrase,
+        pkey=pkey,
+        username=user,
+        sock=sock,
+        allow_agent=False,
+        look_for_keys=False,
+        disabled_algorithms= dict(pubkeys=['rsa-sha2-256', 'rsa-sha2-512'])
+    )
+    client.connect(**kwargs)
+    return client
+
+c = connect("sw-halle.int.westnetz.org", "olf", key, key_password, "jumphost.lej.westnetz.org")
diff --git a/ssh_experiments/requirements.txt b/ssh_experiments/requirements.txt
new file mode 100644
index 0000000..c747290
--- /dev/null
+++ b/ssh_experiments/requirements.txt
@@ -0,0 +1 @@
+paramiko==2.11.1