Looking for an example to load/use a public ssh key with pysftp

Question

I am working on a script in python using pysftp to establish an sftp connection. This script will run in Windows (Server 2012R2). The version of pysftp I have installed requires a host key, so I contacted my vendor and have acquired the public key from them. What I can't figure out is how to use this public key in my pysftp connection. I understand in pysftp 0.2.9 there is a new property (remote_server_key) but I can't find any examples of how to use it, and I can't use cnopts.hostkeys = none

Does anyone have an example of how to use/integrate a specific public key for the sftp server/host?

Please note this is not about the private key/public pair for my connection (I have those keys and they work fine) - this is about the host's public key.

Yes, I posted the "answer" workaround below. Hope that helps you! — Michael Linde, Apr 12 '17 at 19:24

score 3 · Answer 1 · answered Aug 13 '20 at 08:36

Please note that the .pem file format should be like the below one (I generated it via puttygen)

-----BEGIN RSA PRIVATE KEY-----
MIIEog***********************************************
*****************************************************
-----END RSA PRIVATE KEY-----

Use the below code to perform the transfer.

import pysftp
hostname = 's-ad7**********.server.transfer.us-east-1.amazonaws.com'
username = '***'
path = 'C:\\keys\\<your_private_key_file>.pem'
def sftptransfer():
    cnopts = pysftp.CnOpts()
    cnopts.hostkeys = None  
    with pysftp.Connection(hostname, username=username, private_key=path, cnopts=cnopts) as sftp:
        sftp.put('<path of input file>', '<target directory path>') # target dirctory path is optional
        sftp.close()

sftptransfer()

score 1 · Answer 2 · edited Sep 13 '19 at 15:18

1

Ok, so I'm going to "answer" this with a workaround. What I ended up doing was creating the equivalent of the known_hosts file in the "expected" location for paramiko/pysftp.

First you generate a known_hosts file. The simple parameters are the FQDN (or IPaddress) of the sftp host and the public key of the server you are connecting to.

Example:

sftp.myserver.com ssh-rsa AAB3nzawerdvDLGiyasdf...

Once you have that file created (and named known_hosts) use an elevated command prompt or powershell session to create a .ssh directory at the root of the home directory of the user who will be running the script.

cd c:\Users\serviceaccount

md .ssh

Then copy the known_hosts file into that directory.

Now set up your pysftp session:

import pysftp
cnopts = pysftp.CnOpts()
sftpConnect = pysftp.Connection(host="sftp.myserver.com", username="myusername", private_key="c:\\path\to\my\openssh.key", private_key_pass="randompassword", port=22, cnopts=cnopts)

That worked for me just now.

edited Sep 13 '19 at 15:18

imTachu

3,759
4
29
56

answered Apr 12 '17 at 19:23

Michael Linde

51
1
1
6

Where do you get the `private_key_pass` variable from? I'm assuming you're using the public ssh key provided by the host. – Alex F Apr 12 '17 at 19:53
I used putty keygen to generate the public/private key pair and shared the public key to the recipient. – Michael Linde Oct 30 '17 at 21:41
@AlexF If the key was created with a password you'll need to provide that password as `private_key_pass`. Your key might not have a password in which case you can just pass the path to the key. – Mike Davlantes Aug 21 '20 at 17:56

Looking for an example to load/use a public ssh key with pysftp

2 Answers2