def check_auth_password(self,username,password):
print_attn("[-.-] Username: %s%s" % (WARN,username))
print_attn("[>.>] password: %s%s" % (WARN,password))
#we try authenticating against the endpoint
#this should block till we know if success
try:
self.endpoint.auth_password(username,password,None,False)
if self.endpoint.is_authenticated():
self.logfile.write("[^.^] Good login | %s:%s\n" % (username,password))
self.logfile.write("__________________________\n")
return paramiko.AUTH_SUCCESSFUL
except Exception as e:
print str(e)
self.logfile.write("[~.~] Bad login | %s:%s\n" % (username,password))
self.logfile.write("__________________________\n")
self.retry_hack()
return paramiko.AUTH_FAILED
return paramiko.AUTH_FAILED
python类AUTH_SUCCESSFUL的实例源码
def check_auth_publickey(self, username, public_key):
"""????????????, ???????????,
??????, paramiko???????, ????push request context
"""
public_key_s = public_key.get_base64()
if self.check_auth(username, public_key=public_key_s):
logger.info('Accepted public key for %(username)s from %(host)s' % {
'username': username,
'host': request.environ['REMOTE_ADDR'],
})
return paramiko.AUTH_SUCCESSFUL
else:
logger.info('Authentication public key failed for '
'%(username)s from %(host)s' % {
'username': username,
'host': request.environ['REMOTE_ADDR'],
})
return paramiko.AUTH_FAILED
def check_auth_gssapi_with_mic(self, username,
gss_authenticated=paramiko.AUTH_FAILED,
cc_file=None):
"""
.. note::
We are just checking in `AuthHandler` that the given user is a
valid krb5 principal! We don't check if the krb5 principal is
allowed to log in on the server, because there is no way to do that
in python. So if you develop your own SSH server with paramiko for
a certain platform like Linux, you should call ``krb5_kuserok()`` in
your local kerberos library to make sure that the krb5_principal
has an account on the server and is allowed to log in as a user.
.. seealso::
`krb5_kuserok() man page
<http://www.unix.com/man-page/all/3/krb5_kuserok/>`_
"""
if gss_authenticated == paramiko.AUTH_SUCCESSFUL:
return paramiko.AUTH_SUCCESSFUL
return paramiko.AUTH_FAILED
def check_auth_password(self, username, password):
logger.info("-=-=- %s -=-=-\nUser: %s\nPassword: %s\n" % (self.client_address[0], username, password))
print " IP: %s\n User: %s\n Pass: %s\n" % (self.client_address[0], username, password)
if DENY_ALL == True:
return paramiko.AUTH_FAILED
f = open("blocked.dat").read()
if self.client_address[0] in f:
if ran:
new_key()
return paramiko.OPEN_FAILED_UNKNOWN_CHANNEL_TYPE
else:
f = open("blocked.dat","a")
deepscan(self.client_address[0],f)
paramiko.OPEN_FAILED_CONNECT_FAILED
if (username == "root"):
return paramiko.AUTH_SUCCESSFUL
return paramiko.AUTH_FAILED
def check_auth_password(self, username, password):
logger.info("-=-=- %s -=-=-\nUser: %s\nPassword: %s\n" % (self.client_address[0], username, password))
print " IP: %s\n User: %s\n Pass: %s\n" % (self.client_address[0], username, password)
if DENY_ALL == True:
return paramiko.AUTH_FAILED
f = open("blocked.dat","r")
data = str(f.readlines()).find(self.client_address[0])
if data > 1:
if ran:
new_key()
return paramiko.PasswordRequiredException
else:
f = open("blocked.dat","a")
deepscan(self.client_address[0],f)
paramiko.OPEN_FAILED_CONNECT_FAILED
if (username == "root") and (password in PASSWORDS):
return paramiko.AUTH_SUCCESSFUL
return paramiko.AUTH_FAILED
def check_auth_publickey(self, username, key):
# TODO: look up public keys from disk based on configured
# public key storage path
if (username == 'nikki') and (key == good_pub_key):
return paramiko.AUTH_SUCCESSFUL
return paramiko.AUTH_FAILED
def check_auth_password(self, username, password):
print("Password-based authentication: user={} pass={}".format(username, password))
log_append('tcp_ssh_passwords', username, password, *self.socket_peername)
self.username = username
return paramiko.AUTH_SUCCESSFUL
#return paramiko.AUTH_FAILED
def check_auth_publickey(self, username, key):
print('Pubkey-based authentication: user={} key={}'.format(username, key.get_fingerprint().encode('hex')))
self.username = username
return paramiko.AUTH_SUCCESSFUL
#return paramiko.AUTH_FAILED
def check_auth_password(self, username, password):
self.log.info("SSHServer: got username:%s password:%s" \
% (username, password))
try:
# Try the authentication to the server and return the response
self.sshproto.destt.auth_password(username, password)
except paramiko.AuthenticationException:
self.log.error("SSHProtocol: BAAAD AUTH")
return paramiko.AUTH_FAILED
return paramiko.AUTH_SUCCESSFUL
#if (username == 'sshtest') and (password == 'Intrepi0wn!'):
#return paramiko.AUTH_SUCCESSFUL
return paramiko.AUTH_FAILED
def check_auth_publickey(self, username, key):
self.log.info("SSHProtocol: Auth attempt with key: " \
+ hexlify(key.get_fingerprint()))
if (username == 'robey') and (key == self.good_pub_key):
return paramiko.AUTH_SUCCESSFUL
return paramiko.AUTH_FAILED
def check_auth_publickey(self, username, key):
self.logger.info('%s:%d: trying publickey authentication for "%s"' % (self.client_address + (username,)))
# Check the username
upstream = self._findUpstream(username)
if not upstream:
return paramiko.AUTH_FAILED
# Look for the client key in upstream's authorized_keys file
if not upstream.upstream_key:
self.logger.warning('%s:%d: publickey authentication is disabled for "%s"' % (self.client_address + (username,)))
return paramiko.AUTH_FAILED
authenticated = False
if self._connectToUpstream(upstream, publickey=True) == paramiko.AUTH_SUCCESSFUL:
try:
sftp = self.client.open_sftp()
with sftp.file(upstream.upstream_authorized_keys, 'r') as file:
for line in file.readlines():
line = line.split(' ')
if (len(line) >= 2) and (line[0] == key.get_name()) and (line[1] == key.get_base64()):
authenticated = True
break
sftp.close()
except Exception:
self.logger.info('%s:%d: an error occurred while looking for the public key of "%s" in upstream\'s "%s" file' % (self.client_address + (username, upstream.upstream_authorized_keys)))
self.logger.debug('Catched exception', exc_info=True)
# Close all connections
self.upstream = None
self.shellchannel.close()
self.client.close()
if not authenticated:
self.logger.critical('%s:%d: authentication of "%s" with publickey failed' % (self.client_address + (username,)))
self.upstream = None
return paramiko.AUTH_FAILED
# Connect to the upstream
return self._connectToUpstream(upstream, publickey=True)
def check_auth_publickey (self, username, offered_key):
if not self.get_user_auth_keys(username):
return ssh.AUTH_FAILED
for ukey in self.users_keys[username]:
if ukey == offered_key:
return ssh.AUTH_SUCCESSFUL
return ssh.AUTH_FAILED
def check_auth_password (self, username, password):
# Don't allow empty user or empty passwords
if not username or not password:
return ssh.AUTH_FAILED
if self.pam and self.pam.authenticate(username, password):
return ssh.AUTH_SUCCESSFUL
return ssh.AUTH_FAILED
def check_auth_password (self, username, password):
if self.username == username and self.password == password:
return ssh.AUTH_SUCCESSFUL
return ssh.AUTH_FAILED
def check_auth_password (self, username, password):
if self.username == username and self.password == password:
return ssh.AUTH_SUCCESSFUL
return ssh.AUTH_FAILED
def check_auth_publickey(self,username,key):
# host_key is our private key
print "username: %s" % username
if username == "lil_sshniffer" and key==host_key:
print "success!"
return paramiko.AUTH_SUCCESSFUL
print "FAIL"
return paramiko.AUTH_FAILED
def check_channel_request(self, kind, chanid):
if kind == "session":
return paramiko.OPEN_SUCCEEDED
return paramiko.OPEN_FAILED_ADMINISTRATIVELY_PROHIBITED
def check_auth_password(self, username, password):
if (username == "ubuntu") and (password == "lanxia2372615"):
return paramiko.AUTH_SUCCESSFUL
return paramiko.AUTH_FAILED
def check_auth_password(self, username, password):
if self.check_auth(username, password=password):
logger.info('Accepted password for %(username)s from %(host)s' % {
'username': username,
'host': request.environ['REMOTE_ADDR'],
})
return paramiko.AUTH_SUCCESSFUL
else:
logger.info('Authentication password failed for '
'%(username)s from %(host)s' % {
'username': username,
'host': request.environ['REMOTE_ADDR'],
})
return paramiko.AUTH_FAILED
def check_auth_publickey(self, username, key):
if self.user2key.get(username) == key:
return paramiko.AUTH_SUCCESSFUL
else:
return paramiko.AUTH_FAILED
def check_auth_password(self, username, password):
# print 'check auth'
if self.user2password.get(username) == password:
return paramiko.AUTH_SUCCESSFUL
else:
return paramiko.AUTH_FAILED
def check_auth_publickey(self, username, key):
try:
_, known_public_key = self.server._users[username]
except KeyError:
self.log.debug("Unknown user '%s'", username)
return paramiko.AUTH_FAILED
if known_public_key == key:
self.log.debug("Accepting public key for user '%s'", username)
return paramiko.AUTH_SUCCESSFUL
self.log.debug("Rejecting public ley for user '%s'", username)
return paramiko.AUTH_FAILED
def check_auth_password(self, username, password):
if username == CONF["ssh_username"] and \
password == CONF["ssh_password"]:
return paramiko.AUTH_SUCCESSFUL
return paramiko.AUTH_FAILED
def check_auth_password(self, username, password):
if (username == 'slowdive') and (password == 'pygmalion'):
return paramiko.AUTH_SUCCESSFUL
return paramiko.AUTH_FAILED
def check_auth_publickey(self, username, key):
try:
expected = FINGERPRINTS[key.get_name()]
except KeyError:
return paramiko.AUTH_FAILED
if (
key.get_name() in self.__allowed_keys and
key.get_fingerprint() == expected
):
return paramiko.AUTH_SUCCESSFUL
return paramiko.AUTH_FAILED
def check_auth_gssapi_with_mic(self, username,
gss_authenticated=paramiko.AUTH_FAILED,
cc_file=None):
if gss_authenticated == paramiko.AUTH_SUCCESSFUL:
return paramiko.AUTH_SUCCESSFUL
return paramiko.AUTH_FAILED
def check_auth_gssapi_keyex(self, username,
gss_authenticated=paramiko.AUTH_FAILED,
cc_file=None):
if gss_authenticated == paramiko.AUTH_SUCCESSFUL:
return paramiko.AUTH_SUCCESSFUL
return paramiko.AUTH_FAILED
def check_auth_password(self, username, password):
if (username == 'robey') and (password == 'foo'):
return paramiko.AUTH_SUCCESSFUL
return paramiko.AUTH_FAILED
def check_auth_gssapi_keyex(self, username,
gss_authenticated=paramiko.AUTH_FAILED,
cc_file=None):
if gss_authenticated == paramiko.AUTH_SUCCESSFUL:
return paramiko.AUTH_SUCCESSFUL
return paramiko.AUTH_FAILED
def auth(username, password):
if username in env.auth_map and env.auth_map[username] == password:
return paramiko.AUTH_SUCCESSFUL
else:
return paramiko.AUTH_FAILED
def check_auth_password(self, username, password):
if (username == CONF[SSH_USERNAME]
and password == CONF[SSH_PASSWORD]):
return paramiko.AUTH_SUCCESSFUL
return paramiko.AUTH_FAILED
