Connect to device via existing paramiko.Channel

[svg30]

The ncclient library has the ability to connect to the device using a previously created connection (paramiko.Channel) by passing the desired object in the sock parameter. This is necessary, for example, if you connect via a previously created SSH tunnel. PyEZ doesn't have that option. You need to add the ability to transfer the sock parameter and use it further when opening the connection

in Device.init() add
self._sock = kvargs.get("sock", None)

in Device.open()
...
self._conn = netconf_ssh.connect(
host=self._hostname,
port=self._port,
sock_fd=self._sock_fd,
username=self._auth_user,
password=self._auth_password,
hostkey_verify=False,
key_filename=self._ssh_private_key_file,
allow_agent=allow_agent,
look_for_keys=look_for_keys,
ssh_config=self._sshconf_lkup(),
timeout=self._conn_open_timeout,
sock=self._sock,
device_params={
"name": "junos",
"local": self.class.ON_JUNOS,
"use_filter": self._use_filter,
},
)

[dineshbaburam91]

@svg30 Could you please share the ncclient example for this usecase to validate?

[svg30]

import paramiko
from ncclient.manager import connect_ssh

JH_IP = 'jump_host_ip'
JH_NAME = 'jump_host_user'
JH_PWD = 'jump_host_pwd'
USER_NAME = 'device_user_name'
USER_PWD = 'device_password'
DEV_IP = 'device_ip'

def get_new_channel_via_jump_host(ip, local_port):
    vm = paramiko.SSHClient()
    vm.set_missing_host_key_policy(paramiko.AutoAddPolicy())
    vm.connect(JH_IP, username=JH_NAME, password=JH_PWD)
    transport = vm.get_transport()
    dest_addr = (ip, 22)
    local_addr = ('127.0.0.1', local_port)
    return transport.open_channel("direct-tcpip", dest_addr, local_addr)


def connect_to_device(ip):
    local_port = 40000
    channel = get_new_channel_via_jump_host(ip, local_port)
    dev_connect_params = {
        'host': '127.0.0.1',
        'username': USER_NAME,
        'password': USER_PWD,
        'port': local_port,
        'sock': channel,
        'device_params': {'name':'junos'},      
        'hostkey_verify': False
    }
    return connect_ssh(**dev_connect_params)

def main():
    connect = connect_to_device(DEV_IP)
    result = connect.command('show version', format='text')  
    print(result)

if __name__ == "__main__":
    main()

[dineshbaburam91]

@svg30 PyEZ already supported jump host usecases.

Refer Example:
#732

[dineshbaburam91]

@svg30 Did you get the chance to refer to the example and try it?

[svg30]

@dineshbaburam91
This option using the sock_fd parameter is used in the case of outband-ssh (the remote device initiates the connection) and such a scenario is also supported by the ncclient library, where there is a parameter of the same name. The sock parameter is used in another case, when you need to connect to a remote device through the ssh tunnel created using paramiko.Channel. I was unable to get the desired behavior using sock_fd, however, after making the PyEZ code changes mentioned in the first post (transparent transfer of the sock parameter to the ncclient library), everything worked great