SSH eXtensions
Project description
sshx (SSH eXtensions)
sshx is a lightweight wrapper for ssh/scp command, which has the following features:
- Remember your ssh account
- Connect to your account with a short command, without typing password
- Enable jump host for your connection
- Create ssh forwarding with a short command, without typing password
- Create socks5 proxy from ssh dynamic port forwarding
- Enable jump host for your port forwarding
- Copy files from/to your account with a short command, without typing password
- Enable jump host for your scp connection
Installation
Supported platform: Python 3 on Linux, macOS, WSL/cygwin/msys2 for Windows).
Attention:
- Native Windows support was removed.
- Python 2 support was removed.
Install from pypi
pip install sshx
Install from source
pip install git+https://github.com/WqyJh/sshx
# Or
python setup.py install
Quick Start
-
Initialization.
Perform only once after you've installed sshx.
sshx init
-
Adding an account.
sshx add myhost -l test@192.168.9.155
(This command will ask you to type your password and sshx would store the encrypted password.)
-
Connect to the account.
sshx connect myhost
Usage
Initialization
sshx init
performs initialization.
It will automatically create the following files which storing the account info. If the files are damaged you'll probably
lost all the account records, so DON'T TOUCH IT. If this happened, use this command to re-init and use
add
command to re-add them.
$ sshx init
$ tree ~/.sshx
~/.sshx
└── .accounts
You can set environment variable SSHX_HOME
to customize the location of configurations, the default value if ~/.sshx
。
Force initialization (Dangerous): delete the previous configuration and perform initialization.
sshx init --force
Add accounts
sshx add
adds an account.
# add an account in an simple way
sshx add myhost -l user@host:port
# add an account and specify an password for authentication
sshx add myhost -H host -P port -u user -p
# add an account and specify an identity file for authentication
sshx add myhost -H host -P port -u user -i identity_file
# add an account and specify both password and identity file for authentication
sshx add myhost -H host -P port -u user -p -i identity_file
# add an account named myhost2 and specify an password for authentication
# use pre-added myhost as it's jump host
sshx add -l user@host:port -v myhost myhost2
- Host and user options are required for adding an account.
- Either a password or a identity option is required for adding an account. You can also specify both of them for an account. In this case, only using identity for authentication (maybe improved later).
- Password are input from the prompt, which won't show in the screen.
Show accounts
sshx list
lists all the accounts in the following format.
name host user via
----- ----- ----- -----
host1 192.168.7.1 root
host2 192.168.7.2 test host1
host3 192.168.7.3 root host2
sshx show
show details for a specified account.
sshx show host1 # Show account info
sshx show host2 -p # Show account info with password
Delete accounts
sshx del
deletes an account.
sshx del host1
Update accounts
sshx update
updates an account.
The supported options are the same with add
command, all the specified fields will be updated.
# change the host1's host field to domain.com
sshx update host1 -H domain.com
# change the host1's password
sshx update host1 -p
# change the host1's identity to identity2
sshx update host1 -i identity2
# change the host1's name to host2
sshx update host1 -n host2
Connect accounts
sshx connect
connect to an account.
# Connect to host1 directly.
sshx connect host1
# Connect to host1 using host2 as jump host.
# If the host1 was originally has an jump host,
# this argument would temporarily override it.
sshx connect host1 -v host2
# Connect to hsot1 using host2 as jump host,
# while the host2 is using host3 as jump host.
sshx connect host1 -v host2,host3
Note that if you use -v
option, all of the accounts'
via field will be ignored.
Create socks5 proxies
sshx socks
creates socks5 proxies.
# create socks proxy on port 1080
sshx socks host1
# create socks proxy on 0.0.0.0:1081
sshx socks host1 -p 0.0.0.0:1081
# create socks proxy with jump host
sshx socks host1 -v host2
# create socks proxy on background
sshx socks host1 -b
Why create socks5 proxies with ssh?
Because it's very simple and safe.
simple
no configurations and installations, all you need is just an ssh serversafe
all traffic will be encrypted by ssh, safer thanshadowsocks
Create port forwardings
sshx forward
creates port fowardings.
sshx forward host1 [-f <map1> [map2]] [-rf <rmap1> [rmap2]] [-v host2[,host3]]
map: [bind_address]:bind_port:remote_address:remote_port
rmap: bind_address:bind_port:local_address:local_port
For example:
# Forward localhost:8888 to 192.168.77.7:80,
# while the host1 is the intermedia server,
# so you must ensure the host1 could dial to 192.168.77.7:80.
sshx forward host1 -f :8888:192.168.77.7:80
# Forward host1:8888 to 192.168.99.9:8888.
# When you access localhost:8000 on host1,
# the connection would be forward to 192.168.99.9:8888,
# while your computer is working as a intermediate server
# so you have to ensure your computer has access to 192.168.99.9:8888.
sshx forward host1 -r :8000:192.168.99.9:8888
- You can use
-f
and-rf
arguments simultaneously. - You can also specify multiple maps after either
-f
or-rf
. - You can use
-v
option to specify jump hosts just as connect.
Copy files
sshx scp/scp2
copy files to/from servers.
# Copy local files to host1
sshx scp <src> host1:<dst>
# Copy remote files from host1 to local
sshx scp host1:<src> <dst>
# Copy local files to host1, using host2 as jump host
sshx scp <src> host1:<dst> -v host2
# Copy remote files to local, using host2 as jump host
# and using host3 as host2's jump host.
sshx scp host1:<src> <dst> -v host2,host3
sshx scp2
has same usage with sshx scp
, but different underlying. On some platform with old version of openssh-clients (including ssh
, scp
), -J
or -oProxyJump
may not be supported, sshx scp
doesn't work. sshx scp2
works on both old version and new version of openssh-clients, because it creates port forwarding with jump hosts, and call scp
without ProxyJump
option.
TODO:
# Copy remote files from host1 to host2
sshx scp host1:<src> host2:<dst>
Execute command
sshx exec
execute an remote command.
# Execute `ls -al` on host1
sshx exec host1 -- ls -al
# Execute an command with tty
sshx exec host1 --tty -- /bin/bash
# Execute an command on host1 via host2
sshx exec -v host2 host1 -- ls -al
The arguments after --
is the commandline to be executed remotely.
Global Arguments
-d, --debug
--interval INTEGER RANGE ServerAliveInterval for ssh_config.
--countmax INTEGER RANGE ServerAliveCountMax for ssh_config.
--forever Keep ssh connection forever.
--retry RETRY Reconnect after connection closed, repeat
for retry times. Supported values are
"always" or non negative integer. If retry
was enabled, --interval must be greater than
0.
--retry-interval INTEGER RANGE Sleep seconds before every retry.
--retry
and --retry-interval
can only be used for connect
, forward
, socks
and exec
commands.
Create a socks5 proxy and always reconnect immediately when the connection was closed.
sshx --interval 1 --countmax 1 --retry always socks host1
Create a socks5 proxy and always reconnect after 5s when the connection was closed.
sshx --interval 1 --countmax 1 --retry always --retry-interval 5 socks host1
Create a socks5 proxy and reconnect for 5 times when the connection was close.
sshx --interval 1 --countmax 1 --retry 5 socks host1
Create a ssh connection and set the ServerAlive options. The following options make the ssh client sends a keepalive probe to server after no data was transfered for 30s and after probing for 60 times the connection would be closed (idle for 1800s).
sshx --interval 30 --countmax 60 connect host1
--forever
option is an alias for --interval 60 --countmax 52560000
, which means the ssh connection would be closed after idle for 100 years (long enough :). You can also set a value longer than --forever
.
Security option
The default initialization would randomly generate a passphrase to encrypt the passwords, but the passphrase is also stored in config file. It's easy to decrypt the passwords if someone got the config file. That's the default security strategy, which assume you would protect your config file.
The security option is to ask user to set a passphrase and ask for the passphrase from the prompt to decrypt the passwords. The passphrase won't be stored in config file while a hash of it will be stored to verify the passphrase.
If you need more ensurance the security of the passwords even if the config file was revealed, please enable the security option.
Enable security option during initialization:
sshx init --security
It will ask you the passphrase from the prompt.
Enable security option for an existing config:
sshx config --security-on
After you enable the security option, sshx
would ask the passphrase from the prompt every time you access the passwords of the account, such as sshx show -p
and sshx connect
.
You can change the passphrase with the following command:
sshx config --chphrase
Test
python setup.py test
Changelog
pip install auto-changelog # npm install -g auto-changelog
auto-changelog --latest-version <version>
Changelog
0.27.1
New Features
- add --forever option to keep ssh connection alive forever
- add socks via
- add daemonize for running in background
- add security option
Fixes
- set expect() to never timeout for foreground
- fix timeout of forward & socks
- fix scp with jump and add tests
- fix local variable 'p' referenced before assignment
0.23.1
Fixes
- fix password echo when network is bad
0.23.0
New Features
- add order for click commands
- add click cli
Fixes
- fix tests
- fix expecting and interact
- fix password revealing when reconnecting failed
0.21.9
New Features
- add keep alive & retry config
- add -b/--background for forward & socks command
Fixes
- handle_update
0.19.8
New Features
- add sort and reverse for command list
- add command exec
Fixes
- (update): fix rename account
- fix find_vias
- fix update error
0.17.5
New Features
- add socks command
- add debug switch
- add command show
Fixes
- fix unittest
- fix uploading failure on OSX
0.4.3
New Features
- remove python 2 support
0.3.1
New Features
- add logging
Fixes
- remove prints
0.3.0
New Features
- add scp via multiple jump hosts
- add connect via multiple jump hosts
- add jump host for scp
- add scp command
- forward without a shell
- add sshx forward command
Fixes
- fix tests.test_connect
0.2.1
New Features
- add via argument for connect
0.2.0
New Features
- add jump host in command line
- add jump connection for pexpect
Fixes
- fix jump connection error
0.1.0
New Features
- Add test for add command's abbreviation
- Add abbrev syntax for add command
- Add auto-adjust window size
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for sshx-0.27.1-py2.py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 5e00d40e9238c296086e9cfa3aec24991567a12c738c1ba0d206c769bca5790a |
|
MD5 | d988b77e76269ce81badd5cf7cbce810 |
|
BLAKE2b-256 | fa9f59500406babe4f0de05edb16fc18fa67a19dbb3c965433a6cd72161ff1b5 |