2010-10-30

pysshsftp: proof-of-concept SFTP client for Unix which uses the OpenSSH ssh(1) command-line tool

This blog post is an announcement for pysshsftp, a proof-of-concept, educational SFTP client for Unix, which uses the OpenSSH ssh(1) command-line tool (for establishing the secure connection), but it doesn't use the sftp(1) command-line tool (so it can e.g. upload files without truncating them first).

Only very little part of the SFTP protocol has been implemented so far (initialization, uploading, and stat()ting files). The SFTP protocol was reverse-engineered from sftp-client.c in the OpenSSH 5.1 source code.

The motivation behind writing pysshsftp was to have an SFTP client which

  • supports uploading files without truncating them (the OpenSSH sftp(1) always truncates the file before uplading data bytes);
  • can be easily scripted from Python;
  • uses the OpenSSH(1) command-line tool for establishing the secure connection (other Python libraries like pysftp and paramiko can't use the user's public key configuration properly by default: they don't support passphrase reading for passphrase-protected keys, they don't support reading keys from ssh-agent, and they don't support reading ~/.ssh/id_rsa and ~/.ssh/id_dsa exactly the same way as OpenSSH uses them).

3 comments:

Jean-Paul Calderone said...

Hi,

Have you looked at Twisted Conch at all? I think it meets all of your requirements. It's a little hairy to use right now, but that's mainly because it's only about 3/4ths finished - if someone with a real interest in SSH were to spend some time polishing it, it could be a very nice library. Want to give it a go? :)

OmahaPythonUsersGroup said...

Patches are always welcome at pysftp.

pts said...

@Jean-Paul Calderone: Thanks for mentioning Twisted Conch. It can be a good choice for some requirements, but it fails to meet my requirement of using the ssh(1) command-line tool (for full compatibility with the user's ~/.ssh/* ).

@OmahaPythonUsersGroup: The fundamental design difference between pysftp and pysshsftp is that pysshsftp uses the ssh(1) command-line tool. If pysftp had that feature is well, pysshsftp would become unnecessary (except for its educational value). Sorry, I can't volunteer for adding the ssh(1) feature to pysftp.