Status of PySecure

A couple of months ago, I was looking for a Python SSH/SFTP solution. The only one that turned up and had some credibility was Paramiko. It’s pure Python, and reliable. It works great, but it hasn’t moved beyond RSA and DSA keys. This proved a problem with OpenSSH’s default now being ECDSA.

I spent some time getting into ECDSA so that I could extend Paramiko to include it. I was either going to integrate python-ecdsa or resign myself to compromising the pure-Python nature of Paramiko and calling OpenSSL. However, right as I got to this point, I thought of libssh, and, sure enough, it [allegedly] supports ECDSA as of recently. I immediately began to write a Python library to make the whole process elegant and clean.

We’re nearing completion (see PySecure). It’s easy to connect to a host via password or key. Some of the available and tested features:

  • Local and reverse port forwarding
  • Open a remote shell
  • Enumerate remote files with SFTP.
  • Manipulate a file. This object has all of the standard filesystem functions, and is also a full “file-like” object. It can be read and written like any other file.
  • Remote filesystem recursion and mirroring.

I love the last feature.

I’m currently working on the X11-forwarding, but it requires some back-and-forth with the libssh developers. It also turns out that their EC support might need some debugging. It looks like they’re actively working on it. They’ve been very responsive.