Changelog¶
Next 3.x bugfix release
[Bug]: Check for
None
transport members insideChannel
when closing the channel; this likely doesn’t come up much in the real world, but was causing warnings in the test suite.[Support] #2178: Apply
codespell
to the codebase, which found a lot of very old minor spelling mistakes in docstrings. Also modernize many instances of*largs
vs*args
and**kwarg
vs**kwargs
. Patch courtesy of Yaroslav Halchenko, with review from Brian Skinn.
3.5.0 2024-09-15
[Feature] #982: (via #2444, which was a rebase of #2157) Add support for AES-GCM encryption ciphers (128 and 256 bit variants). Thanks to Alex Gaynor for the report (& for cryptography review), Shen Cheng for the original PR, and Chris Mason for the updated PR; plus as usual to everyone who tested the patches and reported their results!
This functionality has been tested in client mode against OpenSSH 9.0, 9.2, and 9.6, as well as against a number of proprietary appliance SSH servers.
3.4.1 2024-08-11
[Bug] #2353: Fix a 64-bit-ism in the test suite so the tests don’t encounter a false negative on 32-bit systems. Reported by Stanislav Levin.
[Bug] #2420: Modify a test-harness skiptest check to work with newer versions of Cryptography. Props to Paul Howarth for the patch.
[Bug] #2419: (fixed in #2421) Massage our import of the TripleDES cipher to support Cryptography >=43; this should prevent
CryptographyDeprecationWarning
from appearing upon import. Thanks to Erick Alejo for the report and Bryan Banda for the patch.
3.3.2 2024-08-11
[Bug] #2353: Fix a 64-bit-ism in the test suite so the tests don’t encounter a false negative on 32-bit systems. Reported by Stanislav Levin.
[Bug] #2420: Modify a test-harness skiptest check to work with newer versions of Cryptography. Props to Paul Howarth for the patch.
[Bug] #2419: (fixed in #2421) Massage our import of the TripleDES cipher to support Cryptography >=43; this should prevent
CryptographyDeprecationWarning
from appearing upon import. Thanks to Erick Alejo for the report and Bryan Banda for the patch.
3.4.0 2023-12-18
[Feature]:
Transport
grew a newpacketizer_class
kwarg for overriding the packet-handler class used internally. Mostly for testing, but advanced users may find this useful when doing deep hacks.[Bug]: Tweak
ext-info-(c|s)
detection during KEXINIT protocol phase; the original implementation made assumptions based on an OpenSSH implementation detail.[Bug]: Address CVE 2023-48795 (aka the “Terrapin Attack”, a vulnerability found in the SSH protocol re: treatment of packet sequence numbers) as follows:
The vulnerability only impacts encrypt-then-MAC digest algorithms in tandem with CBC ciphers, and ChaCha20-poly1305; of these, Paramiko currently only implements
hmac-sha2-(256|512)-etm
in tandem withAES-CBC
. If you are unable to upgrade to Paramiko versions containing the below fixes right away, you may instead use thedisabled_algorithms
connection option to disable the ETM MACs and/or the CBC ciphers (this option is present in Paramiko >=2.6).As the fix for the vulnerability requires both ends of the connection to cooperate, the below changes will only take effect when the remote end is OpenSSH >= 9.6 (or equivalent, such as Paramiko in server mode, as of this patch version) and configured to use the new “strict kex” mode. Paramiko will always attempt to use “strict kex” mode if offered by the server, unless you override this by specifying
strict_kex=False
inTransport.__init__
.Paramiko will now raise an
SSHException
subclass (MessageOrderError
) when protocol messages are received in unexpected order. This includes situations like receivingMSG_DEBUG
orMSG_IGNORE
during initial key exchange, which are no longer allowed during strict mode.Key (re)negotiation – i.e.
MSG_NEWKEYS
, whenever it is encountered – now resets packet sequence numbers. (This should be invisible to users during normal operation, only causing exceptions if the exploit is encountered, which will usually result in, again,MessageOrderError
.)Sequence number rollover will now raise
SSHException
if it occurs during initial key exchange (regardless of strict mode status).
Thanks to Fabian Bäumer, Marcus Brinkmann, and Jörg Schwenk for submitting details on the CVE prior to release.
3.3.1 2023-07-28
[Bug]: Cleaned up some very old root level files, mostly just to exercise some of our doc build and release machinery. This changelog entry intentionally left blank!
nothing-to-see-here-move-along.gif
3.3.0 2023-07-28
[Feature] #2058: (solves #1587 and possibly others) Add an explicit
max_concurrent_prefetch_requests
argument toparamiko.client.SSHClient.get
andparamiko.client.SSHClient.getfo
, allowing users to limit the number of concurrent requests used during prefetch. Patch by@kschoelhorn
, with a test by@bwinston-sdp
.[Feature] #1907: (solves #1992) Add support and tests for
Match final …
(frequently used in ProxyJump configurations to exclude the jump host) to our SSH config parser. Patch by@commonism
.
3.2.0 2023-05-25
[Feature]:
PKey
grew a new.fingerprint
property which emits a fingerprint string matching the SHA256+Base64 values printed by various OpenSSH tooling (egssh-add -l
,ssh -v
). This is intended to help troubleshoot Paramiko-vs-OpenSSH behavior and will eventually replace the venerableget_fingerprint
method.[Feature]:
PKey
grew a new.algorithm_name
property which displays the key algorithm; this is typically derived from the value ofget_name
. For example, ED25519 keys have aget_name
ofssh-ed25519
(the SSH protocol key type field value), and now have aalgorithm_name
ofED25519
.[Feature]:
PKey
now offers convenience “meta-constructors”, static methods that simplify the process of instantiating the correct subclass for a given key input.For example,
PKey.from_path
can load a file path without knowing a priori what type of key it is (thanks to some handy methods within our cryptography dependency). Going forwards, we expect this to be the primary method of loading keys by user code that runs on “human time” (i.e. where some minor efficiencies are worth the convenience).In addition,
PKey.from_type_string
now exists, and is being used in some internals to load ssh-agent keys.As part of these changes,
PKey
and friends grew anidentifiers
classmethod; this is inspired by thesupported_key_format_identifiers
classmethod (which now refers to the new method.) This also includes adding a.name
attribute to most key classes (which will eventually replace.get_name()
.[Feature]: Enhanced
AgentKey
with new attributes, such as:Added a
comment
attribute (and constructor argument);Agent.get_keys()
now uses this kwarg to store any comment field sent over by the agent. The original version of the agent feature inexplicably did not store the comment anywhere.Agent-derived keys now attempt to instantiate a copy of the appropriate key class for access to other algorithm-specific members (eg key size). This is available as the
.inner_key
attribute.
Note
This functionality is now in use in Fabric’s new
--list-agent-keys
feature, as well as in Paramiko’s debug logging.[Feature] #387: Users of
SSHClient
can now configure the authentication logic Paramiko uses when connecting to servers; this functionality is intended for advanced users and higher-level libraries such as Fabric. Seeauth_strategy
for details.Fabric’s co-temporal release includes a proof-of-concept use of this feature, implementing an auth flow much closer to that of the OpenSSH client (versus Paramiko’s legacy behavior). It is strongly recommended that if this interests you, investigate replacing any direct use of
SSHClient
with Fabric’sConnection
.Warning
This feature is EXPERIMENTAL; please see its docs for details.
[Feature]: Implement
_fields()
onAgentKey
so that it may be compared (via==
) with otherPKey
instances.[Bug]:
AgentKey
had a dangling Python 3 incompatible__str__
method returning bytes. This method has been removed, allowing the superclass’ (PKey
) method to run instead.[Bug] #23: Since its inception, Paramiko has (for reasons lost to time) implemented authentication as a side effect of handling affirmative replies to
MSG_SERVICE_REQUEST
protocol messages. What this means is Paramiko makes one such request before everyMSG_USERAUTH_REQUEST
, i.e. every auth attempt.OpenSSH doesn’t care if clients send multiple service requests, but other server implementations are often stricter in what they accept after an initial service request (due to the RFCs not being clear). This can result in odd behavior when a user doesn’t authenticate successfully on the very first try (for example, when the right key for a target host is the third in one’s ssh-agent).
This version of Paramiko now contains an opt-in
Transport
subclass,ServiceRequestingTransport
, which more-correctly implements service request handling in the Transport, and uses an auth-handler subclass internally which has been similarly adapted. Users wanting to try this new experimental code path may hand this class toSSHClient.connect
as itstransport_factory
kwarg.Warning
This feature is EXPERIMENTAL and its code may be subject to change.
- In addition:
minor backwards incompatible changes exist in the new code paths, most notably the removal of the (inconsistently applied and rarely used)
event
arguments to theauth_xxx
methods.GSSAPI support has only been partially implemented, and is untested.
Note
Some minor backwards-compatible changes were made to the existing Transport and AuthHandler classes to facilitate the new code. For example,
Transport._handler_table
andAuthHandler._client_handler_table
are now properties instead of raw attributes.[Bug] #2012: (also #1961 and countless others) The
server-sig-algs
andRSA-SHA2
features added around Paramiko 2.9 or so, had the annoying side effect of not working with servers that don’t support either of those feature sets, requiring use ofdisabled_algorithms
to forcibly disable the SHA2 algorithms on Paramiko’s end.The experimental
ServiceRequestingTransport
(noted in its own entry in this changelog) includes a fix for this issue, specifically by falling back to the same algorithm as the in-use pubkey if it’s in the algorithm list (leaving the “first algorithm in said list” as an absolute final fallback).[Bug]: Fixed a very sneaky bug found at the apparently rarely-traveled intersection of
RSA-SHA2
keys, certificates, SSH agents, and stricter-than-OpenSSH server targets. This manifested as yet another “well, if we turn off SHA2 at one end or another, everything works again” problem, for example with version 12 of the Teleport server endpoint.This has been fixed; Paramiko tweaked multiple aspects of how it requests agent signatures, and the agent appears to do the right thing now.
Thanks to Ryan Stoner for the bug report and testing.
3.1.0 2023-03-10
[Feature] #2173: Accept single tabs as field separators (in addition to single spaces) in
<paramiko.hostkeys.HostKeyEntry.from_line>
for parity with OpenSSH’s KnownHosts parser. Patched by Alex Chavkin.[Feature] #2013: (solving #2009, plus others) Add an explicit
channel_timeout
keyword argument toparamiko.client.SSHClient.connect
, allowing users to configure the previously-hardcoded default value of 3600 seconds. Thanks to@VakarisZ
and@ilija-lazoroski
for the report and patch, with credit to Mike Salvatore for patch review.[Support] #2178: Apply
codespell
to the codebase, which found a lot of very old minor spelling mistakes in docstrings. Also modernize many instances of*largs
vs*args
and**kwarg
vs**kwargs
. Patch courtesy of Yaroslav Halchenko, with review from Brian Skinn.
3.0.0 2023-01-20
[Bug]: A handful of lower-level classes (notably
paramiko.message.Message
andparamiko.pkey.PKey
) previously returnedbytes
objects from their implementation of__str__
, even under Python 3; and there was never any__bytes__
method.These issues have been fixed by renaming
__str__
to__bytes__
and relying on Python’s default “stringification returns the output of__repr__
” behavior re: any real attempts tostr()
such objects.[Bug] #2165: Streamline some redundant (and costly) byte conversion calls in the packetizer and the core SFTP module. This should lead to some SFTP speedups at the very least. Thanks to Alex Gaynor for the patch.
[Bug] #2110: Remove some unnecessary
__repr__
calls when handling bytes-vs-str conversions. This was apparently doing a lot of unintentional data processing, which adds up in some use cases – such as SFTP transfers, which may now be significantly faster. Kudos to Shuhua Zhong for catch & patch.[Support]: Drop support for Python versions less than 3.6, including Python 2. So long and thanks for all the fish!
Warning
This change is backwards incompatible. However, our packaging metadata has been updated to include
python_requires
, so this should not cause breakage unless you’re on an old installation method that can’t read this metadata.Note
As part of this change, our dependencies have been updated; eg we now require Cryptography>=3.3, up from 2.5.
[Support]: Remove the now irrelevant
paramiko.py3compat
module.Warning
This change is backwards incompatible. Such references should be search-and-replaced with their modern Python 3.6+ equivalents; in some cases, still-useful methods or values have been moved to
paramiko.util
(most) orparamiko.common
(byte_*
).[Support]:
paramiko.common.asbytes
has been moved toparamiko.util.asbytes
.Warning
This change is backwards incompatible if you were directly using this function (which is unlikely).
[Support]:
PKey.__cmp__
has been removed. Ordering-oriented comparison of key files is unlikely to have ever made sense (the old implementation attempted to order by the hashes of the key material) and so we have not bothered setting up__lt__
and friends at this time. The class continues to have its original__eq__
untouched.Warning
This change is backwards incompatible if you were actually trying to sort public key objects (directly or indirectly). Please file bug reports detailing your use case if you have some intractable need for this behavior, and we’ll consider adding back the necessary Python 3 magic methods so that it works as before.
[Support]: The behavior of private key classes’ (ie anything inheriting from
PKey
) private key writing methods used to perform a manual, extrachmod
call after writing. This hasn’t been strictly necessary since the mid 2.x release line (when key writing started giving themode
argument toos.open
), and has now been removed entirely.This should only be observable if you were mocking Paramiko’s system calls during your own testing, or similar.
[Support] #732: (also re: #630)
SSHConfig
used to straight-up delete theproxycommand
key from config lookup results when the source config saidProxyCommand none
. This has been altered to preserve the key and give it the Python valueNone
, thus making the Python representation more in line with the source config file.Warning
This change is backwards incompatible if you were relying on the old (1.x, 2.x) behavior for some reason (eg assuming all
proxycommand
values were valid subcommand strings).[Support]:
paramiko.util.retry_on_signal
(and any internal uses of same, and also any internal retries ofEINTR
on eg socket operations) has been removed. As of Python 3.5, per PEP 475, this functionality (and retryingEINTR
generally) is now part of the standard library.Warning
This change is backwards incompatible if you were explicitly importing/using this particular function. The observable behavior otherwise should not be changing.
2.12.0 2022-11-04
[Feature] #2125: (also re: #2054) Add a
transport_factory
kwarg toSSHClient.connect
for advanced users to gain more control over early Transport setup and manipulation. Thanks to Noah Pederson for the patch.
2.11.1 2022-11-04
[Bug]: bug:
1637
(via #1599) RaiseSSHException
explicitly when blank private key data is loaded, instead of the natural result ofIndexError
. This should help more bits of Paramiko or Paramiko-adjacent codebases to correctly handle this class of error. Credit: Nicholas Dietz.[Bug] #1822: (via, and relating to, far too many other issues to mention here) Update
SSHClient
so it explicitly closes its wrapped socket object upon encountering socket errors at connection time. This should help somewhat with certain classes of memory leaks, resource warnings, and/or errors (though we hasten to remind everyone that Client and Transport have their own.close()
methods for use in non-error situations!). Patch courtesy of@YoavCohen
.
2.10.6 2022-11-04
[Bug]: bug:
1637
(via #1599) RaiseSSHException
explicitly when blank private key data is loaded, instead of the natural result ofIndexError
. This should help more bits of Paramiko or Paramiko-adjacent codebases to correctly handle this class of error. Credit: Nicholas Dietz.[Bug] #1822: (via, and relating to, far too many other issues to mention here) Update
SSHClient
so it explicitly closes its wrapped socket object upon encountering socket errors at connection time. This should help somewhat with certain classes of memory leaks, resource warnings, and/or errors (though we hasten to remind everyone that Client and Transport have their own.close()
methods for use in non-error situations!). Patch courtesy of@YoavCohen
.
2.11.0 2022-05-16
[Feature] #1951: Add SSH config token expansion (eg
%h
,%p
) when parsingProxyJump
directives. Patch courtesy of Bruno Inec.[Support] #2004: (via #2011) Apply unittest
skipIf
to tests currently using SHA1 in their critical path, to avoid failures on systems starting to disable SHA1 outright in their crypto backends (eg RHEL 9). Report & patch via Paul Howarth.[Support] #1838: (via #1870/#2028) Update
camelCase
method calls against thethreading
module to besnake_case
; this and related tweaks should fix some deprecation warnings under Python 3.10. Thanks to Karthikeyan Singaravelan for the report,@Narendra-Neerukonda
for the patch, and to Thomas Grainger and Jun Omae for patch workshopping.[Support] #2038: (via #2039) Recent versions of Cryptography have deprecated Blowfish algorithm support; in lieu of an easy method for users to remove it from the list of algorithms Paramiko tries to import and use, we’ve decided to remove it from our “preferred algorithms” list. This will both discourage use of a weak algorithm, and avoid warnings. Credit for report/patch goes to Mike Roest.
2.10.5 2022-05-16
[Bug] #2008: (via #2010) Windows-native SSH agent support as merged in 2.10 could encounter
Errno 22
OSError
exceptions in some scenarios (eg server not cleanly closing a relevant named pipe). This has been worked around and should be less problematic. Reported by Danilo Campana Fuchs and patched by Jun Omae.[Bug] #2017: OpenSSH 7.7 and older has a bug preventing it from understanding how to perform SHA2 signature verification for RSA certificates (specifically certs - not keys), so when we added SHA2 support it broke all clients using RSA certificates with these servers. This has been fixed in a manner similar to what OpenSSH’s own client does: a version check is performed and the algorithm used is downgraded if needed. Reported by Adarsh Chauhan, with fix suggested by Jun Omae.
[Bug] #1933: Align signature verification algorithm with OpenSSH re: zero-padding signatures which don’t match their nominal size/length. This shouldn’t affect most users, but will help Paramiko-implemented SSH servers handle poorly behaved clients such as PuTTY. Thanks to Jun Omae for catch & patch.
2.9.5 2022-05-16
[Bug] #2008: (via #2010) Windows-native SSH agent support as merged in 2.10 could encounter
Errno 22
OSError
exceptions in some scenarios (eg server not cleanly closing a relevant named pipe). This has been worked around and should be less problematic. Reported by Danilo Campana Fuchs and patched by Jun Omae.[Bug] #2017: OpenSSH 7.7 and older has a bug preventing it from understanding how to perform SHA2 signature verification for RSA certificates (specifically certs - not keys), so when we added SHA2 support it broke all clients using RSA certificates with these servers. This has been fixed in a manner similar to what OpenSSH’s own client does: a version check is performed and the algorithm used is downgraded if needed. Reported by Adarsh Chauhan, with fix suggested by Jun Omae.
[Bug] #1933: Align signature verification algorithm with OpenSSH re: zero-padding signatures which don’t match their nominal size/length. This shouldn’t affect most users, but will help Paramiko-implemented SSH servers handle poorly behaved clients such as PuTTY. Thanks to Jun Omae for catch & patch.
2.10.4 2022-04-25
[Bug] #2035: Servers offering certificate variants of hostkey algorithms (eg
ssh-rsa-cert-v01@openssh.com
) could not have their host keys verified by Paramiko clients, as it only ever considered non-cert key types for that part of connection handshaking. This has been fixed.[Bug] #1964: (via #2024 as also reported in #2023)
PKey
instances’__eq__
did not have the usual safety guard in place to ensure they were being compared to anotherPKey
object, causing occasional spuriousBadHostKeyException
(among other things). This has been fixed. Thanks to Shengdun Hua for the original report/patch and to Christopher Papke for the final version of the fix.[Support] #1838: (via #1870/#2028) Update
camelCase
method calls against thethreading
module to besnake_case
; this and related tweaks should fix some deprecation warnings under Python 3.10. Thanks to Karthikeyan Singaravelan for the report,@Narendra-Neerukonda
for the patch, and to Thomas Grainger and Jun Omae for patch workshopping.
2.9.4 2022-04-25
[Bug] #2035: Servers offering certificate variants of hostkey algorithms (eg
ssh-rsa-cert-v01@openssh.com
) could not have their host keys verified by Paramiko clients, as it only ever considered non-cert key types for that part of connection handshaking. This has been fixed.[Bug] #1964: (via #2024 as also reported in #2023)
PKey
instances’__eq__
did not have the usual safety guard in place to ensure they were being compared to anotherPKey
object, causing occasional spuriousBadHostKeyException
(among other things). This has been fixed. Thanks to Shengdun Hua for the original report/patch and to Christopher Papke for the final version of the fix.[Support] #1838: (via #1870/#2028) Update
camelCase
method calls against thethreading
module to besnake_case
; this and related tweaks should fix some deprecation warnings under Python 3.10. Thanks to Karthikeyan Singaravelan for the report,@Narendra-Neerukonda
for the patch, and to Thomas Grainger and Jun Omae for patch workshopping.
2.10.3 2022-03-18
[Bug] #2002: (via #2003) Switch from module-global to thread-local storage when recording thread IDs for a logging helper; this should avoid one flavor of memory leak for long-running processes. Catch & patch via Richard Kojedzinszky.
[Bug] #1963: (via #1977) Certificate-based pubkey auth was inadvertently broken when adding SHA2 support; this has been fixed. Reported by Erik Forsberg and fixed by Jun Omae.
2.9.3 2022-03-18
[Bug] #2001: Fix Python 2 compatibility breakage introduced in 2.10.1. Spotted by Christian Hammond.
Warning
This is almost certainly the last time we will fix Python 2 related errors! Please see the roadmap.
[Bug] #2002: (via #2003) Switch from module-global to thread-local storage when recording thread IDs for a logging helper; this should avoid one flavor of memory leak for long-running processes. Catch & patch via Richard Kojedzinszky.
[Bug] #1963: (via #1977) Certificate-based pubkey auth was inadvertently broken when adding SHA2 support; this has been fixed. Reported by Erik Forsberg and fixed by Jun Omae.
2.10.2 2022-03-14
[Bug] #2001: Fix Python 2 compatibility breakage introduced in 2.10.1. Spotted by Christian Hammond.
Warning
This is almost certainly the last time we will fix Python 2 related errors! Please see the roadmap.
2.10.1 2022-03-11
[Bug]: (CVE-2022-24302) Creation of new private key files using
PKey
subclasses was subject to a race condition between file creation & mode modification, which could be exploited by an attacker with knowledge of where the Paramiko-using code would write out such files.This has been patched by using
os.open
andos.fdopen
to ensure new files are opened with the correct mode immediately. We’ve left the subsequent explicitchmod
in place to minimize any possible disruption, though it may get removed in future backwards-incompatible updates.Thanks to Jan Schejbal for the report & feedback on the solution, and to Jeremy Katz at Tidelift for coordinating the disclosure.
2.10.0 2022-03-11
[Feature] #1509: (via #1868, #1837) Add support for OpenSSH’s Windows agent as a fallback when Putty/WinPageant isn’t available or functional. Reported by
@benj56
with patches/PRs from@lewgordon
and Patrick Spendrin.[Feature] #1976: Add support for the
%C
token when parsing SSH config files. Foundational PR submitted by@jbrand42
.[Bug] #892: Significantly speed up low-level read/write actions on
SFTPFile
objects by usingbytearray
/memoryview
. This is unlikely to change anything for users of the higher level methods likeSFTPClient.get
orSFTPClient.getfo
, but users ofSFTPClient.open
will likely see orders of magnitude improvements for files larger than a few megabytes in size.Thanks to
@jkji
for the original report and to Sevastian Tchernov for the patch.[Support] #1985: Add
six
explicitly to install-requires; it snuck into active use at some point but has only been indicated by transitive dependency onbcrypt
until they somewhat-recently dropped it. This will be short-lived until we drop Python 2 support. Thanks to Sondre Lillebø Gundersen for catch & patch.
2.9.2 2022-01-08
[Bug]: Enhanced log output when connecting to servers that do not support
server-sig-algs
extensions, making the new-as-of-2.9 defaulting to SHA2 pubkey algorithms more obvious when it kicks in.[Bug]: Connecting to servers which support
server-sig-algs
but which have no overlap between that list and what a Paramiko client supports, now raise an exception instead of defaulting torsa-sha2-512
(since the use ofserver-sig-algs
allows us to know what the server supports).
2.9.1 2021-12-24
[Bug] #1955: Server-side support for
rsa-sha2-256
andssh-rsa
wasn’t fully operable after 2.9.0’s release (signatures for RSA pubkeys were always run throughrsa-sha2-512
instead). Report and early stab at a fix courtesy of Jun Omae.
2.9.0 2021-12-23
[Feature] #1643: (also #1925, #1644, #1326) Add support for SHA-2 variants of RSA key verification algorithms (as described in RFC 8332) as well as limited SSH extension negotiation (RFC 8308).
Warning
This change is slightly backwards incompatible, insofar as action is required if your target systems do not support either RSA2 or the
server-sig-algs
protocol extension.Specifically, you need to specify
disabled_algorithms={'keys': ['rsa-sha2-256', 'rsa-sha2-512']}
in eitherSSHClient
orTransport
. See below for details on why.How SSH servers/clients decide when and how to use this functionality can be complicated; Paramiko’s support is as follows:
Client verification of server host key during key exchange will now prefer
rsa-sha2-512
,rsa-sha2-256
, and legacyssh-rsa
algorithms, in that order, instead of justssh-rsa
.Note that the preference order of other algorithm families such as
ed25519
andecdsa
has not changed; for example, those two groups are still preferred over RSA.
Server mode will now offer all 3 RSA algorithms for host key verification during key exchange, similar to client mode, if it has been configured with an RSA host key.
Client mode key exchange now sends the
ext-info-c
flag signaling support forMSG_EXT_INFO
, and support for parsing the latter (specifically, itsserver-sig-algs
flag) has been added.Client mode, when performing public key authentication with an RSA key or cert, will act as follows:
In all cases, the list of algorithms to consider is based on the new
preferred_pubkeys
list (see below) anddisabled_algorithms
(specifically, itspubkeys
key); this list, like with host keys, prefers SHA2-512, SHA2-256 and SHA1, in that order.When the server does not send
server-sig-algs
, Paramiko will attempt the first algorithm in the above list. Clients connecting to legacy servers should thus usedisabled_algorithms
to turn off SHA2.When the server does send
server-sig-algs
, the first algorithm supported by both ends is used, or if there is none, it falls back to the previous behavior.
SSH agent support grew the ability to specify algorithm flags when requesting private key signatures; this is now used to forward SHA2 algorithms when appropriate.
Server mode is now capable of pubkey auth involving SHA-2 signatures from clients, provided one’s server implementation actually provides for doing so.
This includes basic support for sending
MSG_EXT_INFO
(containingserver-sig-algs
only) to clients advertisingext-info-c
in their key exchange list.
In order to implement the above, the following API additions were made:
PKey.sign_ssh_data
: Grew an extra, optionalalgorithm
keyword argument (defaulting toNone
for most subclasses, and to"ssh-rsa"
forRSAKey
).A new
SSHException
subclass was added,IncompatiblePeer
, and is raised in all spots where key exchange aborts due to algorithmic incompatibility.Like all other exceptions in that module, it inherits from
SSHException
, and as we did not change anything else about the raising (i.e. the attributes and message text are the same) this change is backwards compatible.
Transport
grew a_preferred_pubkeys
attribute and matchingpreferred_pubkeys
property to match the other, kex-focused, such members. This allows client pubkey authentication to honor thedisabled_algorithms
feature.
Thanks to Krisztián Kovács for the report and an early stab at a patch, as well as the numerous users who submitted feedback on the issue, including but not limited to: Christopher Rabotin, Sam Bull, and Manfred Kaiser.
2.8.1 2021-11-28
[Bug]: (also #908) Update
PKey
and subclasses to compare (__eq__
) via direct field/attribute comparison instead of hashing (while retaining the existing behavior of__hash__
via a slight refactor). Big thanks to Josh Snyder and Jun Omae for the reports, and to Josh Snyder for reproduction details & patch.Warning
This fixes a security flaw! If you are running Paramiko on 32-bit systems with low entropy (such as any 32-bit Python 2, or a 32-bit Python 3 which is running with
PYTHONHASHSEED=0
) it is possible for an attacker to craft a new keypair from an exfiltrated public key, which Paramiko would consider equal to the original key.This could enable attacks such as, but not limited to, the following:
Paramiko server processes would incorrectly authenticate the attacker (using their generated private key) as if they were the victim. We see this as the most plausible attack using this flaw.
Paramiko client processes would incorrectly validate a connected server (when host key verification is enabled) while subjected to a man-in-the-middle attack. This impacts more users than the server-side version, but also carries higher requirements for the attacker, namely successful DNS poisoning or other MITM techniques.
[Bug] #1257: (also #1266) Update RSA and ECDSA key decoding subroutines to correctly catch exception types thrown by modern versions of Cryptography (specifically
TypeError
and its internalUnsupportedAlgorithm
). These exception classes will now becomeSSHException
instances instead of bubbling up. Thanks to Ignat Semenov for the report and@tylergarcianet
for an early patch.[Bug] #1024: Deleting items from
HostKeys
would incorrectly raiseKeyError
even for valid keys, due to a logic bug. This has been fixed. Report & patch credit: Jia Zhang.[Bug] #985: (via #992) Fix listdir failure when server uses a locale. Now on Python 2.7
SFTPAttributes
will decode abbreviated month names correctly rather than raiseUnicodeDecodeError`
. Patch courtesy of Martin Packman.
2.8.0 2021-10-09
[Feature] #1846: Add a
prefetch
keyword argument toSFTPClient.get
/SFTPClient.getfo
so users who need to skip SFTP prefetching are able to conditionally turn it off. Thanks to Github user@h3ll0r
for the PR.[Bug] #1462: (via #1882) Newer server-side key exchange algorithms not intended to use SHA1 (
diffie-hellman-group14-sha256
,diffie-hellman-group16-sha512
) were incorrectly using SHA1 after all, due to a bug causing them to ignore thehash_algo
class attribute. This has been corrected. Big thanks to@miverson
for the report and to Benno Rice for the patch.[Support] #1722: Remove leading whitespace from OpenSSH RSA test suite static key fixture, to conform better to spec. Credit: Alex Gaynor.
[Support] #1727: Add missing test suite fixtures directory to MANIFEST.in, reinstating the ability to run Paramiko’s tests from an sdist tarball. Thanks to Sandro Tosi for reporting the issue and to Blazej Michalik for the PR.
[Support]: Update our CI to catch issues with sdist generation, installation and testing.
[Support]: Administrivia overhaul, including but not limited to:
Migrate CI to CircleCI
Primary dev branch is now
main
(renamed)Many README edits for clarity, modernization etc; including a bunch more (and consistent) status badges & unification with main project site index
PyPI page much more fleshed out (long_description is now filled in with the README; sidebar links expanded; etc)
flake8, pytest configs split out of setup.cfg into their own files
Invoke/invocations (used by maintainers/contributors) upgraded to modern versions
2.7.2 2020-08-30
[Bug] #1723: Fix incorrectly swapped order of
p
andq
numbers when loading OpenSSH-format RSA private keys. At minimum this should address a slowdown when using such keys, and it also means Paramiko works with Cryptography 3.1 and above (which complains strenuously when this problem appears). Thanks to Alex Gaynor for the patch.[Bug]: Fix incorrect string formatting causing unhelpful error message annotation when using Kerberos/GSSAPI. (Thanks, newer version of flake8!)
[Support] #1722: Remove leading whitespace from OpenSSH RSA test suite static key fixture, to conform better to spec. Credit: Alex Gaynor.
[Support] #1727: Add missing test suite fixtures directory to MANIFEST.in, reinstating the ability to run Paramiko’s tests from an sdist tarball. Thanks to Sandro Tosi for reporting the issue and to Blazej Michalik for the PR.
[Support]: Update our CI to catch issues with sdist generation, installation and testing.
2.7.1 2019-12-09
[Bug] #1565: (via #1566) Fix a bug in support for ECDSA keys under the newly supported OpenSSH key format. Thanks to Pierce Lopez for the patch.
[Bug] #1567: The new-style private key format (added in 2.7) suffered from an unpadding bug which had been fixed earlier for Ed25519 (as that key type has always used the newer format). That fix has been refactored and applied to the base key class, courtesy of Pierce Lopez.
2.7.0 2019-12-03
[Feature]: Add new convenience classmethod constructors to
SSHConfig
:from_text
,from_file
, andfrom_path
. No more annoying two-step process![Feature] #897: Implement most ‘canonical hostname’
ssh_config
functionality (CanonicalizeHostname
,CanonicalDomains
,CanonicalizeFallbackLocal
, andCanonicalizeMaxDots
;CanonicalizePermittedCNAMEs
has not yet been implemented). All were previously silently ignored. Reported by Michael Leinartas.[Feature] #717: Implement support for the
Match
keyword inssh_config
files. Previously, this keyword was simply ignored & keywords inside such blocks were treated as if they were part of the previous block. Thanks to Michael Leinartas for the initial patchset.Note
This feature adds a new optional install dependency, Invoke, for managing
Match exec
subprocesses.[Feature]: A couple of outright
SSHConfig
parse errors were previously represented as vanillaException
instances; as part of recent feature work a more specific exception class,ConfigParseError
, has been created. It is now also used in those older spots, which is naturally backwards compatible.[Feature] #602: (via #1343, #1313, #618) Implement support for OpenSSH 6.5-style private key files (typically denoted as having
BEGIN OPENSSH PRIVATE KEY
headers instead of PEM format’sBEGIN RSA PRIVATE KEY
or similar). If you were getting any sort of weird auth error from “modern” keys generated on newer operating system releases (such as macOS Mojave), this is the first update to try.Major thanks to everyone who contributed or tested versions of the patch, including but not limited to: Kevin Abel, Michiel Tiller, Pierce Lopez, and Jared Hobbs.
[Bug]: Perform deduplication of
IdentityFile
contents duringssh_config
parsing; previously, if your config would result in the same value being encountered more than once,IdentityFile
would contain that many copies of the same string.[Bug]: Paramiko’s use of
subprocess
forProxyCommand
support is conditionally imported to prevent issues on limited interpreter platforms like Google Compute Engine. However, any resultingImportError
was lost instead of preserved for raising (in the rare cases where a user tried leveragingProxyCommand
in such an environment). This has been fixed.[Bug]:
ssh_config
token expansion used a different method of determining the local username ($USER
env var), compared to what the (much older) client connection code does (getpass.getuser
, which includes$USER
but may check other variables first, and is generally much more comprehensive). Both modules now usegetpass.getuser
.[Support]: Explicitly document which ssh_config features we currently support. Previously users just had to guess, which is simply no good.
[Support]: Additional installation
extras_require
“flavors” (ed25519
,invoke
, andall
) have been added to our packaging metadata; see the install docs for details.
2.6.0 2019-06-23
[Feature] #1463: Add a new keyword argument to
SSHClient.connect
andTransport
,disabled_algorithms
, which allows selectively disabling one or more kex/key/cipher/etc algorithms. This can be useful when disabling algorithms your target server (or client) does not support cleanly, or to work around unpatched bugs in Paramiko’s own implementation thereof.[Bug] #322:
SSHClient.exec_command
previously returned a naiveChannelFile
object for itsstdin
value; such objects don’t know to properly shut down the remote end’s stdin when they.close()
. This lead to issues (such as hangs) when running remote commands that read from stdin.A new subclass,
ChannelStdinFile
, has been created which closes remote stdin when it itself is closed.exec_command
has been updated to use that class for itsstdin
return value.Thanks to Brandon Rhodes for the report & steps to reproduce.
[Support] #1311: (for #584, replacing #1166) Add backwards-compatible support for the
gssapi
GSSAPI library, as the previous backend (python-gssapi
) has since become defunct. This change also includes tests for the GSSAPI functionality.Big thanks to Anselm Kruis for the patch and to Sebastian Deiß (author of our initial GSSAPI functionality) for review.
Note
This feature also adds
setup.py
‘extras’ support for installing Paramiko asparamiko[gssapi]
, which pulls in the optional dependencies you had to get by hand previously.Note
To be very clear, this patch does not remove support for the older
python-gssapi
library. We may remove that support in a later release, but for now, either library will work. Please upgrade togssapi
when you can, however, aspython-gssapi
is no longer maintained upstream.[Support] #1440: (with initial fixes via #1460) Tweak many exception classes so their string representations are more human-friendly; this also includes incidental changes to some
super()
calls.The definitions of exceptions’
__init__
methods have not changed, nor have any log messages been altered, so this should be backwards compatible for everything except the actual exceptions’__str__()
outputs.Thanks to Fabian Büchler for original report & Pierce Lopez for the foundational patch.
2.5.1 2019-06-23
2.4.3 2019-06-23
[Bug] #1306: (via #1400) Fix Ed25519 key handling so certain key comment lengths don’t cause
SSHException("Invalid key")
(this was technically a bug in how padding, or lack thereof, is calculated/interpreted). Thanks to@parke
for the bug report & Pierce Lopez for the patch.[Support] #1378: Add support for the modern (as of Python 3.3) import location of
MutableMapping
(used in host key management) to avoid the old location becoming deprecated in Python 3.8. Thanks to Josh Karpel for catch & patch.
2.5.0 2019-06-09
[Feature] #1212: Updated
SSHConfig.lookup
so it returns a new, type-casting-friendly dict subclass (SSHConfigDict
) in lieu of dict literals. This ought to be backwards compatible, and allows an easier way to check boolean or int typessh_config
values. Thanks to Chris Rose for the patch.[Feature] #532: (via #1384 and #1258) Add support for Curve25519 key exchange (aka
curve25519-sha256@libssh.org
). Thanks to Alex Gaynor and Dan Fuhry for supplying patches.[Feature] #1233: (also #1229, #1332) Add support for encrypt-then-MAC (ETM) schemes (
hmac-sha2-256-etm@openssh.com
,hmac-sha2-512-etm@openssh.com
) and two newer Diffie-Hellman group key exchange algorithms (group14
, using SHA256; andgroup16
, using SHA512). Patch courtesy of Edgar Sousa.[Support] #1191: Update our install docs with (somewhat) recently added additional dependencies; we previously only required Cryptography, but the docs never got updated after we incurred
bcrypt
andpynacl
requirements for Ed25519 key support.Additionally,
pyasn1
was never actually hard-required; it was necessary during a development branch, and is used by the optional GSSAPI support, but is not required for regular installation. Thus, it has been removed from oursetup.py
and its imports in the GSSAPI code made optional.Credit to
@stevenwinfield
for highlighting the outdated install docs.[Support] #1262: Add
*.pub
files to the MANIFEST so distributed source packages contain some necessary test assets. Credit: Alexander Kapshuna.[Support] #1378: Add support for the modern (as of Python 3.3) import location of
MutableMapping
(used in host key management) to avoid the old location becoming deprecated in Python 3.8. Thanks to Josh Karpel for catch & patch.[Support] #1379: (also #1369) Raise Cryptography dependency requirement to version 2.5 (from 1.5) and update some deprecated uses of its API.
This removes a bunch of warnings of the style
CryptographyDeprecationWarning: encode_point has been deprecated on EllipticCurvePublicNumbers and will be removed in a future version. Please use EllipticCurvePublicKey.public_bytes to obtain both compressed and uncompressed point encoding
and similar, which users who had eventually upgraded to Cryptography 2.x would encounter.Warning
This change is backwards incompatible if you are unable to upgrade your version of Cryptography. Please see Cryptography’s own changelog for details on what may change when you upgrade; for the most part the only changes involved dropping older Python versions (such as 2.6, 3.3, or some PyPy editions) which Paramiko itself has already dropped.
2.4.2 2018-09-18
[Bug] #1283: Fix exploit (CVE-2018-1000805) in Paramiko’s server mode (not client mode) where hostile clients could trick the server into thinking they were authenticated without actually submitting valid authentication.
Specifically, steps have been taken to start separating client and server related message types in the message handling tables within
Transport
andAuthHandler
; this work is not complete but enough has been performed to close off this particular exploit (which was the only obvious such exploit for this particular channel).Thanks to Daniel Hoffman for the detailed report.
[Bug]: Modify protocol message handling such that
Transport
does not respond toMSG_UNIMPLEMENTED
with its ownMSG_UNIMPLEMENTED
. This behavior probably didn’t cause any outright errors, but it doesn’t seem to conform to the RFCs and could cause (non-infinite) feedback loops in some scenarios (usually those involving Paramiko on both ends).[Support] #1262: Add
*.pub
files to the MANIFEST so distributed source packages contain some necessary test assets. Credit: Alexander Kapshuna.
2.3.3 2018-09-18
[Bug] #1283: Fix exploit (CVE-2018-1000805) in Paramiko’s server mode (not client mode) where hostile clients could trick the server into thinking they were authenticated without actually submitting valid authentication.
Specifically, steps have been taken to start separating client and server related message types in the message handling tables within
Transport
andAuthHandler
; this work is not complete but enough has been performed to close off this particular exploit (which was the only obvious such exploit for this particular channel).Thanks to Daniel Hoffman for the detailed report.
[Bug]: Modify protocol message handling such that
Transport
does not respond toMSG_UNIMPLEMENTED
with its ownMSG_UNIMPLEMENTED
. This behavior probably didn’t cause any outright errors, but it doesn’t seem to conform to the RFCs and could cause (non-infinite) feedback loops in some scenarios (usually those involving Paramiko on both ends).[Support] #1262: Add
*.pub
files to the MANIFEST so distributed source packages contain some necessary test assets. Credit: Alexander Kapshuna.
2.2.4 2018-09-18
[Bug] #1283: Fix exploit (CVE-2018-1000805) in Paramiko’s server mode (not client mode) where hostile clients could trick the server into thinking they were authenticated without actually submitting valid authentication.
Specifically, steps have been taken to start separating client and server related message types in the message handling tables within
Transport
andAuthHandler
; this work is not complete but enough has been performed to close off this particular exploit (which was the only obvious such exploit for this particular channel).Thanks to Daniel Hoffman for the detailed report.
[Bug]: Modify protocol message handling such that
Transport
does not respond toMSG_UNIMPLEMENTED
with its ownMSG_UNIMPLEMENTED
. This behavior probably didn’t cause any outright errors, but it doesn’t seem to conform to the RFCs and could cause (non-infinite) feedback loops in some scenarios (usually those involving Paramiko on both ends).[Support] #1262: Add
*.pub
files to the MANIFEST so distributed source packages contain some necessary test assets. Credit: Alexander Kapshuna.
2.1.6 2018-09-18
[Bug] #1283: Fix exploit (CVE-2018-1000805) in Paramiko’s server mode (not client mode) where hostile clients could trick the server into thinking they were authenticated without actually submitting valid authentication.
Specifically, steps have been taken to start separating client and server related message types in the message handling tables within
Transport
andAuthHandler
; this work is not complete but enough has been performed to close off this particular exploit (which was the only obvious such exploit for this particular channel).Thanks to Daniel Hoffman for the detailed report.
[Bug]: Modify protocol message handling such that
Transport
does not respond toMSG_UNIMPLEMENTED
with its ownMSG_UNIMPLEMENTED
. This behavior probably didn’t cause any outright errors, but it doesn’t seem to conform to the RFCs and could cause (non-infinite) feedback loops in some scenarios (usually those involving Paramiko on both ends).[Support] #1262: Add
*.pub
files to the MANIFEST so distributed source packages contain some necessary test assets. Credit: Alexander Kapshuna.
2.0.9 2018-09-18
[Bug] #1283: Fix exploit (CVE-2018-1000805) in Paramiko’s server mode (not client mode) where hostile clients could trick the server into thinking they were authenticated without actually submitting valid authentication.
Specifically, steps have been taken to start separating client and server related message types in the message handling tables within
Transport
andAuthHandler
; this work is not complete but enough has been performed to close off this particular exploit (which was the only obvious such exploit for this particular channel).Thanks to Daniel Hoffman for the detailed report.
[Bug]: Modify protocol message handling such that
Transport
does not respond toMSG_UNIMPLEMENTED
with its ownMSG_UNIMPLEMENTED
. This behavior probably didn’t cause any outright errors, but it doesn’t seem to conform to the RFCs and could cause (non-infinite) feedback loops in some scenarios (usually those involving Paramiko on both ends).[Support] #1262: Add
*.pub
files to the MANIFEST so distributed source packages contain some necessary test assets. Credit: Alexander Kapshuna.
2.4.1 2018-03-12
[Bug] #1039: Ed25519 auth key decryption raised an unexpected exception when given a unicode password string (typical in python 3). Report by Theodor van Nahl and fix by Pierce Lopez.
[Bug] #1168: Add newer key classes for Ed25519 and ECDSA to
paramiko.__all__
so that code introspecting that attribute, or usingfrom paramiko import *
(such as some IDEs) sees them. Thanks to@patriksevallius
for the patch.[Bug] #1175: Fix a security flaw (CVE-2018-7750) in Paramiko’s server mode (emphasis on server mode; this does not impact client use!) where authentication status was not checked before processing channel-open and other requests typically only sent after authenticating. Big thanks to Matthijs Kooijman for the report.
2.3.2 2018-03-12
[Bug] #1108: Rename a private method keyword argument (which was named
async
) so that we’re compatible with the upcoming Python 3.7 release (whereasync
is a new keyword.) Thanks to@vEpiphyte
for the report.[Bug] #1039: Ed25519 auth key decryption raised an unexpected exception when given a unicode password string (typical in python 3). Report by Theodor van Nahl and fix by Pierce Lopez.
[Bug] #1168: Add newer key classes for Ed25519 and ECDSA to
paramiko.__all__
so that code introspecting that attribute, or usingfrom paramiko import *
(such as some IDEs) sees them. Thanks to@patriksevallius
for the patch.[Bug] #1175: Fix a security flaw (CVE-2018-7750) in Paramiko’s server mode (emphasis on server mode; this does not impact client use!) where authentication status was not checked before processing channel-open and other requests typically only sent after authenticating. Big thanks to Matthijs Kooijman for the report.
[Support]: Include LICENSE file in wheel archives.
2.2.3 2018-03-12
[Bug] #1071: Certificate support broke the no-certificate case for Ed25519 keys (symptom is an
AttributeError
aboutpublic_blob
.) This went uncaught due to cert autoload behavior (i.e. our test suite never actually ran the no-cert case, because the cert existed!) Both issues have been fixed. Thanks to John Hu for the report.[Bug] #1108: Rename a private method keyword argument (which was named
async
) so that we’re compatible with the upcoming Python 3.7 release (whereasync
is a new keyword.) Thanks to@vEpiphyte
for the report.[Bug] #1039: Ed25519 auth key decryption raised an unexpected exception when given a unicode password string (typical in python 3). Report by Theodor van Nahl and fix by Pierce Lopez.
[Bug] #1168: Add newer key classes for Ed25519 and ECDSA to
paramiko.__all__
so that code introspecting that attribute, or usingfrom paramiko import *
(such as some IDEs) sees them. Thanks to@patriksevallius
for the patch.[Bug] #1175: Fix a security flaw (CVE-2018-7750) in Paramiko’s server mode (emphasis on server mode; this does not impact client use!) where authentication status was not checked before processing channel-open and other requests typically only sent after authenticating. Big thanks to Matthijs Kooijman for the report.
[Support]: Include LICENSE file in wheel archives.
2.1.5 2018-03-12
[Bug] #1071: Certificate support broke the no-certificate case for Ed25519 keys (symptom is an
AttributeError
aboutpublic_blob
.) This went uncaught due to cert autoload behavior (i.e. our test suite never actually ran the no-cert case, because the cert existed!) Both issues have been fixed. Thanks to John Hu for the report.[Bug] #1108: Rename a private method keyword argument (which was named
async
) so that we’re compatible with the upcoming Python 3.7 release (whereasync
is a new keyword.) Thanks to@vEpiphyte
for the report.[Bug] #1039: Ed25519 auth key decryption raised an unexpected exception when given a unicode password string (typical in python 3). Report by Theodor van Nahl and fix by Pierce Lopez.
[Bug] #1168: Add newer key classes for Ed25519 and ECDSA to
paramiko.__all__
so that code introspecting that attribute, or usingfrom paramiko import *
(such as some IDEs) sees them. Thanks to@patriksevallius
for the patch.[Bug] #1175: Fix a security flaw (CVE-2018-7750) in Paramiko’s server mode (emphasis on server mode; this does not impact client use!) where authentication status was not checked before processing channel-open and other requests typically only sent after authenticating. Big thanks to Matthijs Kooijman for the report.
[Support]: Include LICENSE file in wheel archives.
2.0.8 2018-03-12
[Bug] #1071: Certificate support broke the no-certificate case for Ed25519 keys (symptom is an
AttributeError
aboutpublic_blob
.) This went uncaught due to cert autoload behavior (i.e. our test suite never actually ran the no-cert case, because the cert existed!) Both issues have been fixed. Thanks to John Hu for the report.[Bug] #1108: Rename a private method keyword argument (which was named
async
) so that we’re compatible with the upcoming Python 3.7 release (whereasync
is a new keyword.) Thanks to@vEpiphyte
for the report.[Bug] #1039: Ed25519 auth key decryption raised an unexpected exception when given a unicode password string (typical in python 3). Report by Theodor van Nahl and fix by Pierce Lopez.
[Bug] #1168: Add newer key classes for Ed25519 and ECDSA to
paramiko.__all__
so that code introspecting that attribute, or usingfrom paramiko import *
(such as some IDEs) sees them. Thanks to@patriksevallius
for the patch.[Bug] #1175: Fix a security flaw (CVE-2018-7750) in Paramiko’s server mode (emphasis on server mode; this does not impact client use!) where authentication status was not checked before processing channel-open and other requests typically only sent after authenticating. Big thanks to Matthijs Kooijman for the report.
[Support]: Include LICENSE file in wheel archives.
1.18.5 2018-03-12
[Bug] #1108: Rename a private method keyword argument (which was named
async
) so that we’re compatible with the upcoming Python 3.7 release (whereasync
is a new keyword.) Thanks to@vEpiphyte
for the report.[Bug] #1175: Fix a security flaw (CVE-2018-7750) in Paramiko’s server mode (emphasis on server mode; this does not impact client use!) where authentication status was not checked before processing channel-open and other requests typically only sent after authenticating. Big thanks to Matthijs Kooijman for the report.
1.17.6 2018-03-12
[Bug] #1055: (also #1056, #1057, #1058, #1059) Fix up host-key checking in our GSSAPI support, which was previously using an incorrect API call. Thanks to Anselm Kruis for the patches.
[Bug] #1108: Rename a private method keyword argument (which was named
async
) so that we’re compatible with the upcoming Python 3.7 release (whereasync
is a new keyword.) Thanks to@vEpiphyte
for the report.[Bug] #1175: Fix a security flaw (CVE-2018-7750) in Paramiko’s server mode (emphasis on server mode; this does not impact client use!) where authentication status was not checked before processing channel-open and other requests typically only sent after authenticating. Big thanks to Matthijs Kooijman for the report.
2.4.0 2017-11-14
[Feature]: Add a new
passphrase
kwarg toSSHClient.connect
so users may disambiguate key-decryption passphrases from password-auth passwords. (This is a backwards compatible change;password
will still pull double duty as a passphrase whenpassphrase
is not given.)[Support] #1070: Drop Python 2.6 and Python 3.3 support; now only 2.7 and 3.4+ are supported. If you’re unable to upgrade from 2.6 or 3.3, please stick to the Paramiko 2.3.x (or below) release lines.
[Support]: Include LICENSE file in wheel archives.
[Support] #1100: Updated the test suite & related docs/metadata/config to be compatible with pytest instead of using the old, custom, crufty unittest-based
test.py
.This includes marking known-slow tests (mostly the SFTP ones) so they can be filtered out by
inv test
’s default behavior; as well as other minor tweaks to test collection and/or display (for example, GSSAPI tests are collected, but skipped, instead of not even being collected by default as intest.py
.)[Support]: Update
tearDown
of client test suite to avoid hangs due to eternally blockingaccept()
calls on the internal server thread (which can occur when test code raises an exception before actually connecting to the server.)
2.3.1 2017-09-22
[Bug] #1071: Certificate support broke the no-certificate case for Ed25519 keys (symptom is an
AttributeError
aboutpublic_blob
.) This went uncaught due to cert autoload behavior (i.e. our test suite never actually ran the no-cert case, because the cert existed!) Both issues have been fixed. Thanks to John Hu for the report.
2.3.0 2017-09-18
[Feature] #1042: (also partially #531) Implement basic client-side certificate authentication (as per the OpenSSH vendor extension.)
The core implementation is
PKey.load_certificate
and its corresponding.public_blob
attribute on key objects, which is honored in the auth and transport modules. Additionally,SSHClient.connect
will now automatically load certificate data alongside private key data when one has appropriately-named cert files (e.g.id_rsa-cert.pub
) - see its docstring for details.Thanks to Jason Rigby for a first draft (#531) and to Paul Kapp for the second draft, upon which the current functionality has been based (with modifications.)
Note
This support is client-focused; Paramiko-driven server code is capable of handling cert-bearing pubkey auth packets, but it does not interpret any cert-specific fields, so the end result is functionally identical to a vanilla pubkey auth process (and thus requires e.g. prepopulated authorized-keys data.) We expect full server-side cert support to follow later.
[Feature] #1013: Added pre-authentication banner support for the server interface (
ServerInterface.get_banner
plus related support inTransport/AuthHandler
.) Patch courtesy of Dennis Kaarsemaker.[Feature] #1026: Update
Ed25519Key
so its constructor offers the samefile_obj
parameter as its sibling key classes. Credit: Michal Kuffa.[Feature] #1063: Add a
gss_trust_dns
option toClient
andTransport
to allow explicitly setting whether or not DNS canonicalization should occur when using GSSAPI. Thanks to Richard E. Silverman for the report & Sebastian Deiß for initial patchset.[Bug] #60: (via #1037) Paramiko originally defaulted to zlib compression level 9 (when one connects with
compression=True
; it defaults to off.) This has been found to be quite wasteful and tends to cause much longer transfers in most cases, than is necessary.OpenSSH defaults to compression level 6, which is a much more reasonable setting (nearly identical compression characteristics but noticeably, sometimes significantly, faster transmission); Paramiko now uses this value instead.
Thanks to Damien Dubé for the report and
@DrNeutron
for investigating & submitting the patch.[Support] #1012: (via #1016) Enhance documentation around the new
SFTP.posix_rename
method so it’s referenced in the ‘standard’rename
method for increased visibility. Thanks to Marius Flage for the report.[Support] #1041: Modify logic around explicit disconnect messages, and unknown-channel situations, so that they rely on centralized shutdown code instead of running their own. This is at worst removing some unnecessary code, and may help with some situations where Paramiko hangs at the end of a session. Thanks to Paul Kapp for the patch.
[Support]: Display exception type and message when logging auth-rejection messages (ones reading
Auth rejected: unsupported or mangled public key
); previously this error case had a bare except and did not display exactly why the key failed. It will now append info such asKeyError: 'some-unknown-type-string'
or similar.[Support]: Ed25519 keys never got proper API documentation support; this has been fixed.
[Support] #979: Update how we use Cryptography’s signature/verification methods so we aren’t relying on a deprecated API. Thanks to Paul Kehrer for the patch.
Warning
This bumps the minimum Cryptography version from 1.1 to 1.5. Such an upgrade should be backwards compatible and easy to do. See their changelog for additional details.
2.2.2 2017-09-18
[Bug] #945: (backport of #910 and re: #865) SSHClient now requests the type of host key it has (e.g. from known_hosts) and does not consider a different type to be a “Missing” host key. This fixes a common case where an ECDSA key is in known_hosts and the server also has an RSA host key. Thanks to Pierce Lopez.
[Bug] #1055: (also #1056, #1057, #1058, #1059) Fix up host-key checking in our GSSAPI support, which was previously using an incorrect API call. Thanks to Anselm Kruis for the patches.
[Bug] #1060: Fix key exchange (kex) algorithm list for GSSAPI authentication; previously, the list used solely out-of-date algorithms, and now contains newer ones listed preferentially before the old. Credit: Anselm Kruis.
[Bug] #1061: Clean up GSSAPI authentication procedures so they do not prevent normal fallback to other authentication methods on failure. (In other words, presence of GSSAPI functionality on a target server precluded use of _any_ other auth type if the user was unable to pass GSSAPI auth.) Patch via Anselm Kruis.
[Bug] #1065: Add rekeying support to GSSAPI connections, which was erroneously missing. Without this fix, any attempt to renegotiate the transport keys for a
gss-kex
-authedTransport
would cause a MIC failure and terminate the connection. Thanks to Sebastian Deiß and Anselm Kruis for the patch.
2.1.4 2017-09-18
[Bug] #990: The (added in 2.2.0)
bcrypt
dependency should have been on version 3.1.3 or greater (was initially set to 3.0.0 or greater.) Thanks to Paul Howarth for the report.[Bug] #993: Ed25519 host keys were not comparable/hashable, causing an exception if such a key existed in a
known_hosts
file. Thanks to Oleh Prypin for the report and Pierce Lopez for the fix.[Bug] #945: (backport of #910 and re: #865) SSHClient now requests the type of host key it has (e.g. from known_hosts) and does not consider a different type to be a “Missing” host key. This fixes a common case where an ECDSA key is in known_hosts and the server also has an RSA host key. Thanks to Pierce Lopez.
[Bug] #1055: (also #1056, #1057, #1058, #1059) Fix up host-key checking in our GSSAPI support, which was previously using an incorrect API call. Thanks to Anselm Kruis for the patches.
[Bug] #1060: Fix key exchange (kex) algorithm list for GSSAPI authentication; previously, the list used solely out-of-date algorithms, and now contains newer ones listed preferentially before the old. Credit: Anselm Kruis.
[Bug] #1061: Clean up GSSAPI authentication procedures so they do not prevent normal fallback to other authentication methods on failure. (In other words, presence of GSSAPI functionality on a target server precluded use of _any_ other auth type if the user was unable to pass GSSAPI auth.) Patch via Anselm Kruis.
[Bug] #1065: Add rekeying support to GSSAPI connections, which was erroneously missing. Without this fix, any attempt to renegotiate the transport keys for a
gss-kex
-authedTransport
would cause a MIC failure and terminate the connection. Thanks to Sebastian Deiß and Anselm Kruis for the patch.
2.0.7 2017-09-18
[Bug] #990: The (added in 2.2.0)
bcrypt
dependency should have been on version 3.1.3 or greater (was initially set to 3.0.0 or greater.) Thanks to Paul Howarth for the report.[Bug] #993: Ed25519 host keys were not comparable/hashable, causing an exception if such a key existed in a
known_hosts
file. Thanks to Oleh Prypin for the report and Pierce Lopez for the fix.[Bug] #945: (backport of #910 and re: #865) SSHClient now requests the type of host key it has (e.g. from known_hosts) and does not consider a different type to be a “Missing” host key. This fixes a common case where an ECDSA key is in known_hosts and the server also has an RSA host key. Thanks to Pierce Lopez.
[Bug] #1055: (also #1056, #1057, #1058, #1059) Fix up host-key checking in our GSSAPI support, which was previously using an incorrect API call. Thanks to Anselm Kruis for the patches.
[Bug] #1060: Fix key exchange (kex) algorithm list for GSSAPI authentication; previously, the list used solely out-of-date algorithms, and now contains newer ones listed preferentially before the old. Credit: Anselm Kruis.
[Bug] #1061: Clean up GSSAPI authentication procedures so they do not prevent normal fallback to other authentication methods on failure. (In other words, presence of GSSAPI functionality on a target server precluded use of _any_ other auth type if the user was unable to pass GSSAPI auth.) Patch via Anselm Kruis.
[Bug] #1065: Add rekeying support to GSSAPI connections, which was erroneously missing. Without this fix, any attempt to renegotiate the transport keys for a
gss-kex
-authedTransport
would cause a MIC failure and terminate the connection. Thanks to Sebastian Deiß and Anselm Kruis for the patch.
1.18.4 2017-09-18
[Bug] #945: (backport of #910 and re: #865) SSHClient now requests the type of host key it has (e.g. from known_hosts) and does not consider a different type to be a “Missing” host key. This fixes a common case where an ECDSA key is in known_hosts and the server also has an RSA host key. Thanks to Pierce Lopez.
[Bug] #1055: (also #1056, #1057, #1058, #1059) Fix up host-key checking in our GSSAPI support, which was previously using an incorrect API call. Thanks to Anselm Kruis for the patches.
2.2.1 2017-06-13
[Bug] #990: The (added in 2.2.0)
bcrypt
dependency should have been on version 3.1.3 or greater (was initially set to 3.0.0 or greater.) Thanks to Paul Howarth for the report.[Bug] #993: Ed25519 host keys were not comparable/hashable, causing an exception if such a key existed in a
known_hosts
file. Thanks to Oleh Prypin for the report and Pierce Lopez for the fix.
2.2.0 2017-06-09
[Feature] #325: (via #972) Add Ed25519 support, for both host keys and user authentication. Big thanks to Alex Gaynor for the patch.
Note
This change adds the
bcrypt
andpynacl
Python libraries as dependencies. No C-level dependencies beyond those previously required (for Cryptography) have been added.[Feature] #951: Add support for ECDH key exchange (kex), specifically the algorithms
ecdh-sha2-nistp256
,ecdh-sha2-nistp384
, andecdh-sha2-nistp521
. They now come before the olderdiffie-hellman-*
family of kex algorithms in the preferred-kex list. Thanks to Shashank Veerapaneni for the patch & Pierce Lopez for a follow-up.[Feature] #857: Allow
SSHClient.set_missing_host_key_policy
to accept policy classes _or_ instances, instead of only instances, thus fixing a long-standing gotcha for unaware users.[Feature] #869: Add an
auth_timeout
kwarg toSSHClient.connect
(default: 30s) to avoid hangs when the remote end becomes unresponsive during the authentication step. Credit to@timsavage
.Note
This technically changes behavior, insofar as very slow auth steps >30s will now cause timeout exceptions instead of completing. We doubt most users will notice; those affected can simply give a higher value to
auth_timeout
.[Feature] #65: (via #471) Add support for OpenSSH’s SFTP
posix-rename
protocol extension (section 3.3 of OpenSSH’s protocol extension document), via a newposix_rename
method inSFTPClient
andSFTPServerInterface
. Thanks to Wren Turkal for the initial patch & Mika Pflüger for the enhanced, merged PR.[Support] #866: (also #838) Remove an old test-related file we don’t support, and add PyPy to Travis-CI config. Thanks to Pierce Lopez for the final patch and Pedro Rodrigues for an earlier edition.
[Support] #974: Overhaul the codebase to be PEP-8, etc, compliant (i.e. passes the maintainer’s preferred flake8 configuration) and add a
flake8
step to the Travis config. Big thanks to Dorian Pula![Support]: A big formatting pass to clean up an enormous number of invalid Sphinx reference links, discovered by switching to a modern, rigorous nitpicking doc-building mode.
[Support] #956: Switch code coverage service from coveralls.io to codecov.io (& then disable the latter’s auto-comments.) Thanks to Nikolai Røed Kristiansen for the patch.
[Support] #921: Tighten up the
__hash__
implementation for various key classes; less code is good code. Thanks to Francisco Couzo for the patch.[Support] #906: Clean up a handful of outdated imports and related tweaks. Thanks to Pierce Lopez.
2.1.3 2017-06-09
[Bug] #683: Make
util.log_to_file
append instead of replace. Thanks to@vlcinsky
for the report.[Bug] #949: SSHClient and Transport could cause a memory leak if there’s a connection problem or protocol error, even if
Transport.close()
is called. Thanks Kyle Agronick for the discovery and investigation, and Pierce Lopez for assistance.[Bug] #794: (via #981) Prior support for
ecdsa-sha2-nistp(384|521)
algorithms didn’t fully extend to covering host keys, preventing connection to hosts which only offer these key types and no others. This is now fixed. Thanks to@ncoult
and@kasdoe
for reports and Pierce Lopez for the patch.[Bug] #900: (via #911) Prefer newer
ecdsa-sha2-nistp
keys over RSA and DSA keys during host key selection. This improves compatibility with OpenSSH, both in terms of general behavior, and also re: ability to properly leverage OpenSSH-modifiedknown_hosts
files. Credit:@kasdoe
for original report/PR and Pierce Lopez for the second draft.[Bug] #667: The RC4/arcfour family of ciphers has been broken since version 2.0; but since the algorithm is now known to be completely insecure, we are opting to remove support outright instead of fixing it. Thanks to Alex Gaynor for catch & patch.
[Bug] #983: Move
sha1
above the now-arguably-brokenmd5
in the list of preferred MAC algorithms, as an incremental security improvement for users whose target systems offer both. Credit: Pierce Lopez.[Bug] #741: (also #809, #772; all via #912) Writing encrypted/password-protected private key files was silently broken since 2.0 due to an incorrect API call; this has been fixed.
Includes a directly related fix, namely adding the ability to read
AES-256-CBC
ciphered private keys (which is now what we tend to write out as it is Cryptography’s default private key cipher.)Thanks to
@virlos
for the original report, Chris Harris and@ibuler
for initial draft PRs, and@jhgorrell
for the final patch.[Bug] #971: Allow any type implementing the buffer API to be used with
BufferedFile
,Channel
, andSFTPFile
. This resolves a regression introduced in 1.13 with the Python 3 porting changes, when using types such asmemoryview
. Credit: Martin Packman.[Bug] #984: Enhance default cipher preference order such that
aes(192|256)-cbc
are preferred overblowfish-cbc
. Thanks to Alex Gaynor.[Bug] #865: SSHClient now requests the type of host key it has (e.g. from known_hosts) and does not consider a different type to be a “Missing” host key. This fixes a common case where an ECDSA key is in known_hosts and the server also has an RSA host key. Thanks to Pierce Lopez.
[Support] #974: Overhaul the codebase to be PEP-8, etc, compliant (i.e. passes the maintainer’s preferred flake8 configuration) and add a
flake8
step to the Travis config. Big thanks to Dorian Pula![Support]: A big formatting pass to clean up an enormous number of invalid Sphinx reference links, discovered by switching to a modern, rigorous nitpicking doc-building mode.
[Support] #956: Switch code coverage service from coveralls.io to codecov.io (& then disable the latter’s auto-comments.) Thanks to Nikolai Røed Kristiansen for the patch.
2.0.6 2017-06-09
[Bug] #683: Make
util.log_to_file
append instead of replace. Thanks to@vlcinsky
for the report.[Bug] #949: SSHClient and Transport could cause a memory leak if there’s a connection problem or protocol error, even if
Transport.close()
is called. Thanks Kyle Agronick for the discovery and investigation, and Pierce Lopez for assistance.[Bug] #794: (via #981) Prior support for
ecdsa-sha2-nistp(384|521)
algorithms didn’t fully extend to covering host keys, preventing connection to hosts which only offer these key types and no others. This is now fixed. Thanks to@ncoult
and@kasdoe
for reports and Pierce Lopez for the patch.[Bug] #900: (via #911) Prefer newer
ecdsa-sha2-nistp
keys over RSA and DSA keys during host key selection. This improves compatibility with OpenSSH, both in terms of general behavior, and also re: ability to properly leverage OpenSSH-modifiedknown_hosts
files. Credit:@kasdoe
for original report/PR and Pierce Lopez for the second draft.[Bug] #667: The RC4/arcfour family of ciphers has been broken since version 2.0; but since the algorithm is now known to be completely insecure, we are opting to remove support outright instead of fixing it. Thanks to Alex Gaynor for catch & patch.
[Bug] #983: Move
sha1
above the now-arguably-brokenmd5
in the list of preferred MAC algorithms, as an incremental security improvement for users whose target systems offer both. Credit: Pierce Lopez.[Bug] #741: (also #809, #772; all via #912) Writing encrypted/password-protected private key files was silently broken since 2.0 due to an incorrect API call; this has been fixed.
Includes a directly related fix, namely adding the ability to read
AES-256-CBC
ciphered private keys (which is now what we tend to write out as it is Cryptography’s default private key cipher.)Thanks to
@virlos
for the original report, Chris Harris and@ibuler
for initial draft PRs, and@jhgorrell
for the final patch.[Bug] #971: Allow any type implementing the buffer API to be used with
BufferedFile
,Channel
, andSFTPFile
. This resolves a regression introduced in 1.13 with the Python 3 porting changes, when using types such asmemoryview
. Credit: Martin Packman.[Bug] #984: Enhance default cipher preference order such that
aes(192|256)-cbc
are preferred overblowfish-cbc
. Thanks to Alex Gaynor.[Bug] #865: SSHClient now requests the type of host key it has (e.g. from known_hosts) and does not consider a different type to be a “Missing” host key. This fixes a common case where an ECDSA key is in known_hosts and the server also has an RSA host key. Thanks to Pierce Lopez.
[Support] #974: Overhaul the codebase to be PEP-8, etc, compliant (i.e. passes the maintainer’s preferred flake8 configuration) and add a
flake8
step to the Travis config. Big thanks to Dorian Pula![Support]: A big formatting pass to clean up an enormous number of invalid Sphinx reference links, discovered by switching to a modern, rigorous nitpicking doc-building mode.
[Support] #956: Switch code coverage service from coveralls.io to codecov.io (& then disable the latter’s auto-comments.) Thanks to Nikolai Røed Kristiansen for the patch.
1.18.3 2017-06-09
[Bug] #683: Make
util.log_to_file
append instead of replace. Thanks to@vlcinsky
for the report.[Bug] #949: SSHClient and Transport could cause a memory leak if there’s a connection problem or protocol error, even if
Transport.close()
is called. Thanks Kyle Agronick for the discovery and investigation, and Pierce Lopez for assistance.[Bug] #971: Allow any type implementing the buffer API to be used with
BufferedFile
,Channel
, andSFTPFile
. This resolves a regression introduced in 1.13 with the Python 3 porting changes, when using types such asmemoryview
. Credit: Martin Packman.[Support] #956: Switch code coverage service from coveralls.io to codecov.io (& then disable the latter’s auto-comments.) Thanks to Nikolai Røed Kristiansen for the patch.
1.17.5 2017-06-09
[Bug] #683: Make
util.log_to_file
append instead of replace. Thanks to@vlcinsky
for the report.[Bug] #949: SSHClient and Transport could cause a memory leak if there’s a connection problem or protocol error, even if
Transport.close()
is called. Thanks Kyle Agronick for the discovery and investigation, and Pierce Lopez for assistance.[Bug] #971: Allow any type implementing the buffer API to be used with
BufferedFile
,Channel
, andSFTPFile
. This resolves a regression introduced in 1.13 with the Python 3 porting changes, when using types such asmemoryview
. Credit: Martin Packman.[Support] #956: Switch code coverage service from coveralls.io to codecov.io (& then disable the latter’s auto-comments.) Thanks to Nikolai Røed Kristiansen for the patch.
2.1.2 2017-02-20
[Bug] #895: Fix a bug in server-mode concerning multiple interactive auth steps (which were incorrectly responded to). Thanks to Dennis Kaarsemaker for catch & patch.
[Bug] #44: (via #891)
SSHClient
now gives its internalTransport
a handle on itself, preventing garbage collection of the client until the session is closed. Without this, some code which returns stream or transport objects without the client that generated them, would result in premature session closure when the client was GCd. Credit:@w31rd0
for original report, Omer Anson for the patch.[Bug] #862: (via #863) Avoid test suite exceptions on platforms lacking
errno.ETIME
(which seems to be some FreeBSD and some Windows environments.) Thanks to Sofian Brabez.[Bug] #853: Tweak how
RSAKey.__str__
behaves so it doesn’t causeTypeError
under Python 3. Thanks to Francisco Couzo for the report.[Support] #866: (also #838) Remove an old test-related file we don’t support, and add PyPy to Travis-CI config. Thanks to Pierce Lopez for the final patch and Pedro Rodrigues for an earlier edition.
2.0.5 2017-02-20
[Bug] #895: Fix a bug in server-mode concerning multiple interactive auth steps (which were incorrectly responded to). Thanks to Dennis Kaarsemaker for catch & patch.
[Bug] #44: (via #891)
SSHClient
now gives its internalTransport
a handle on itself, preventing garbage collection of the client until the session is closed. Without this, some code which returns stream or transport objects without the client that generated them, would result in premature session closure when the client was GCd. Credit:@w31rd0
for original report, Omer Anson for the patch.[Bug] #862: (via #863) Avoid test suite exceptions on platforms lacking
errno.ETIME
(which seems to be some FreeBSD and some Windows environments.) Thanks to Sofian Brabez.[Bug] #853: Tweak how
RSAKey.__str__
behaves so it doesn’t causeTypeError
under Python 3. Thanks to Francisco Couzo for the report.[Support] #866: (also #838) Remove an old test-related file we don’t support, and add PyPy to Travis-CI config. Thanks to Pierce Lopez for the final patch and Pedro Rodrigues for an earlier edition.
1.18.2 2017-02-20
[Bug] #895: Fix a bug in server-mode concerning multiple interactive auth steps (which were incorrectly responded to). Thanks to Dennis Kaarsemaker for catch & patch.
[Bug] #713: (via #714 and #889) Don’t pass initialization vectors to PyCrypto when dealing with counter-mode ciphers; newer PyCrypto versions throw an exception otherwise (older ones simply ignored this parameter altogether). Thanks to
@jmh045000
for report & patches.[Bug] #44: (via #891)
SSHClient
now gives its internalTransport
a handle on itself, preventing garbage collection of the client until the session is closed. Without this, some code which returns stream or transport objects without the client that generated them, would result in premature session closure when the client was GCd. Credit:@w31rd0
for original report, Omer Anson for the patch.[Bug] #862: (via #863) Avoid test suite exceptions on platforms lacking
errno.ETIME
(which seems to be some FreeBSD and some Windows environments.) Thanks to Sofian Brabez.[Bug] #853: Tweak how
RSAKey.__str__
behaves so it doesn’t causeTypeError
under Python 3. Thanks to Francisco Couzo for the report.[Support] #866: (also #838) Remove an old test-related file we don’t support, and add PyPy to Travis-CI config. Thanks to Pierce Lopez for the final patch and Pedro Rodrigues for an earlier edition.
1.17.4 2017-02-20
[Bug] #895: Fix a bug in server-mode concerning multiple interactive auth steps (which were incorrectly responded to). Thanks to Dennis Kaarsemaker for catch & patch.
[Bug] #713: (via #714 and #889) Don’t pass initialization vectors to PyCrypto when dealing with counter-mode ciphers; newer PyCrypto versions throw an exception otherwise (older ones simply ignored this parameter altogether). Thanks to
@jmh045000
for report & patches.[Bug] #44: (via #891)
SSHClient
now gives its internalTransport
a handle on itself, preventing garbage collection of the client until the session is closed. Without this, some code which returns stream or transport objects without the client that generated them, would result in premature session closure when the client was GCd. Credit:@w31rd0
for original report, Omer Anson for the patch.[Bug] #862: (via #863) Avoid test suite exceptions on platforms lacking
errno.ETIME
(which seems to be some FreeBSD and some Windows environments.) Thanks to Sofian Brabez.[Bug] #853: Tweak how
RSAKey.__str__
behaves so it doesn’t causeTypeError
under Python 3. Thanks to Francisco Couzo for the report.[Support] #866: (also #838) Remove an old test-related file we don’t support, and add PyPy to Travis-CI config. Thanks to Pierce Lopez for the final patch and Pedro Rodrigues for an earlier edition.
2.1.1 2016-12-12
[Bug] #859: (via #860) A tweak to the original patch implementing #398 was not fully applied, causing calls to
invoke_shell
to fail withAttributeError
. This has been fixed. Patch credit: Kirk Byers.[Bug]: Accidentally merged the new features from 1.18.0 into the 2.0.x bugfix-only branch. This included merging a bug in one of those new features (breaking
invoke_shell
with anAttributeError
.) The offending code has been stripped out of the 2.0.x line (but of course, remains in 2.1.x and above.)[Bug] #859: (via #860) A tweak to the original patch implementing #398 was not fully applied, causing calls to
invoke_shell
to fail withAttributeError
. This has been fixed. Patch credit: Kirk Byers.
2.0.4 2016-12-12
[Bug] #859: (via #860) A tweak to the original patch implementing #398 was not fully applied, causing calls to
invoke_shell
to fail withAttributeError
. This has been fixed. Patch credit: Kirk Byers.[Bug]: Accidentally merged the new features from 1.18.0 into the 2.0.x bugfix-only branch. This included merging a bug in one of those new features (breaking
invoke_shell
with anAttributeError
.) The offending code has been stripped out of the 2.0.x line (but of course, remains in 2.1.x and above.)[Bug] #859: (via #860) A tweak to the original patch implementing #398 was not fully applied, causing calls to
invoke_shell
to fail withAttributeError
. This has been fixed. Patch credit: Kirk Byers.
1.18.1 2016-12-12
[Bug] #859: (via #860) A tweak to the original patch implementing #398 was not fully applied, causing calls to
invoke_shell
to fail withAttributeError
. This has been fixed. Patch credit: Kirk Byers.
2.1.0 2016-12-09
[Feature] #398: Add an
environment
dict argument toClient.exec_command
(plus the lower levelChannel.update_environment
andChannel.set_environment_variable
methods) which implements theenv
SSH message type. This means the remote shell environment can be set without the use ofVARNAME=value
shell tricks, provided the server’sAcceptEnv
lists the variables you need to set. Thanks to Philip Lorenz for the pull request.[Feature] #780: (also #779, and may help users affected by #520) Add an optional
timeout
parameter toTransport.start_client
(and feed it the value of the configured connection timeout when used withinSSHClient
.) This helps prevent situations where network connectivity isn’t timing out, but the remote server is otherwise unable to service the connection in a timely manner. Credit to@sanseihappa
.[Support] #854: Fix incorrect docstring/param-list for
Transport.auth_gssapi_keyex
so it matches the real signature. Caught by@Score_Under
.[Support] #792: Minor updates to the README and demos; thanks to Alan Yee.
[Support] #801: Skip a Unix-only test when on Windows; thanks to Gabi Davar.
2.0.3 2016-12-09
[Bug] #681: Fix a Python3-specific bug re: the handling of read buffers when using
ProxyCommand
. Thanks to Paul Kapp for catch & patch.[Bug] #334: Make the
subprocess
import inproxy.py
lazy so users on platforms without it (such as Google App Engine) can import Paramiko successfully. (Relatedly, make it easier to tweak an active socket check timeout [inTransport
] which was previously hardcoded.) Credit: Shinya Okano.[Bug] #789: Add a missing
.closed
attribute (plus._closed
because reasons) toProxyCommand
so the earlier partial fix for #520 works in situations where one is gatewaying viaProxyCommand
.[Bug] #742: (also re: #559) Catch
AssertionError
thrown by Cryptography when attempting to load bad ECDSA keys, turning it into anSSHException
. This moves the behavior in line with other “bad keys” situations, re: Paramiko’s main auth loop. Thanks to MengHuan Yu for the patch.[Bug] #824: Fix the implementation of
PKey.write_private_key_file
(this method is only publicly defined on subclasses; the fix was in the private real implementation) so it passes the correct params toopen()
. This bug apparently went unnoticed and unfixed for 12 entire years. Congrats to John Villalovos for noticing & submitting the patch![Bug] #802: (via #804) Update our vendored Windows API module to address errors of the form
AttributeError: 'module' object has no attribute 'c_ssize_t'
. Credit to Jason R. Coombs.[Support] #854: Fix incorrect docstring/param-list for
Transport.auth_gssapi_keyex
so it matches the real signature. Caught by@Score_Under
.[Support] #792: Minor updates to the README and demos; thanks to Alan Yee.
[Support] #801: Skip a Unix-only test when on Windows; thanks to Gabi Davar.
1.18.0 2016-12-09
[Feature] #398: Add an
environment
dict argument toClient.exec_command
(plus the lower levelChannel.update_environment
andChannel.set_environment_variable
methods) which implements theenv
SSH message type. This means the remote shell environment can be set without the use ofVARNAME=value
shell tricks, provided the server’sAcceptEnv
lists the variables you need to set. Thanks to Philip Lorenz for the pull request.[Feature] #780: (also #779, and may help users affected by #520) Add an optional
timeout
parameter toTransport.start_client
(and feed it the value of the configured connection timeout when used withinSSHClient
.) This helps prevent situations where network connectivity isn’t timing out, but the remote server is otherwise unable to service the connection in a timely manner. Credit to@sanseihappa
.[Support] #819: Document how lacking
gmp
headers at install time can cause a significant performance hit if you build PyCrypto from source. (Most system-distributed packages already have this enabled.)[Support] #854: Fix incorrect docstring/param-list for
Transport.auth_gssapi_keyex
so it matches the real signature. Caught by@Score_Under
.[Support] #792: Minor updates to the README and demos; thanks to Alan Yee.
[Support] #801: Skip a Unix-only test when on Windows; thanks to Gabi Davar.
1.17.3 2016-12-09
[Bug] #681: Fix a Python3-specific bug re: the handling of read buffers when using
ProxyCommand
. Thanks to Paul Kapp for catch & patch.[Bug] #334: Make the
subprocess
import inproxy.py
lazy so users on platforms without it (such as Google App Engine) can import Paramiko successfully. (Relatedly, make it easier to tweak an active socket check timeout [inTransport
] which was previously hardcoded.) Credit: Shinya Okano.[Bug] #789: Add a missing
.closed
attribute (plus._closed
because reasons) toProxyCommand
so the earlier partial fix for #520 works in situations where one is gatewaying viaProxyCommand
.[Bug] #824: Fix the implementation of
PKey.write_private_key_file
(this method is only publicly defined on subclasses; the fix was in the private real implementation) so it passes the correct params toopen()
. This bug apparently went unnoticed and unfixed for 12 entire years. Congrats to John Villalovos for noticing & submitting the patch![Bug] #802: (via #804) Update our vendored Windows API module to address errors of the form
AttributeError: 'module' object has no attribute 'c_ssize_t'
. Credit to Jason R. Coombs.[Support] #819: Document how lacking
gmp
headers at install time can cause a significant performance hit if you build PyCrypto from source. (Most system-distributed packages already have this enabled.)[Support] #854: Fix incorrect docstring/param-list for
Transport.auth_gssapi_keyex
so it matches the real signature. Caught by@Score_Under
.[Support] #792: Minor updates to the README and demos; thanks to Alan Yee.
[Support] #801: Skip a Unix-only test when on Windows; thanks to Gabi Davar.
2.0.2 2016-07-25
[Bug] #758: Apply type definitions to
_winapi
module from jaraco.windows 3.6.1. This should address issues on Windows platforms that often result in errors likeArgumentError: [...] int too long to convert
. Thanks to@swohlerLL
for the report and Jason R. Coombs for the patch.[Bug] #774: Add a
_closed
private attribute toChannel
objects so that they continue functioning when used as proxy sockets under Python 3 (e.g. asdirect-tcpip
gateways for other Paramiko connections.)[Bug] #673: (via #681) Fix protocol banner read errors (
SSHException
) which would occasionally pop up when usingProxyCommand
gatewaying. Thanks to@Depado
for the initial report and Paul Kapp for the fix.
1.17.2 2016-07-25
[Bug] #758: Apply type definitions to
_winapi
module from jaraco.windows 3.6.1. This should address issues on Windows platforms that often result in errors likeArgumentError: [...] int too long to convert
. Thanks to@swohlerLL
for the report and Jason R. Coombs for the patch.[Bug] #774: Add a
_closed
private attribute toChannel
objects so that they continue functioning when used as proxy sockets under Python 3 (e.g. asdirect-tcpip
gateways for other Paramiko connections.)[Bug] #673: (via #681) Fix protocol banner read errors (
SSHException
) which would occasionally pop up when usingProxyCommand
gatewaying. Thanks to@Depado
for the initial report and Paul Kapp for the fix.
1.16.3 2016-07-25
[Bug] #758: Apply type definitions to
_winapi
module from jaraco.windows 3.6.1. This should address issues on Windows platforms that often result in errors likeArgumentError: [...] int too long to convert
. Thanks to@swohlerLL
for the report and Jason R. Coombs for the patch.[Bug] #774: Add a
_closed
private attribute toChannel
objects so that they continue functioning when used as proxy sockets under Python 3 (e.g. asdirect-tcpip
gateways for other Paramiko connections.)[Bug] #673: (via #681) Fix protocol banner read errors (
SSHException
) which would occasionally pop up when usingProxyCommand
gatewaying. Thanks to@Depado
for the initial report and Paul Kapp for the fix.
2.0.1 2016-06-21
[Bug] #537: Fix a bug in
BufferedPipe.set_event
which could cause deadlocks/hangs when one usesselect.select
againstChannel
objects (or otherwise callsChannel.fileno
after the channel has closed). Thanks to Przemysław Strzelczak for the report & reproduction case, and to Krzysztof Rusek for the fix.[Bug] #520: (Partial fix) Fix at least one instance of race condition driven threading hangs at end of the Python interpreter session. (Includes a docs update as well - always make sure to
.close()
your clients!)
1.17.1 2016-06-21
[Bug] #537: Fix a bug in
BufferedPipe.set_event
which could cause deadlocks/hangs when one usesselect.select
againstChannel
objects (or otherwise callsChannel.fileno
after the channel has closed). Thanks to Przemysław Strzelczak for the report & reproduction case, and to Krzysztof Rusek for the fix.[Bug] #520: (Partial fix) Fix at least one instance of race condition driven threading hangs at end of the Python interpreter session. (Includes a docs update as well - always make sure to
.close()
your clients!)
1.16.2 2016-06-21
[Bug] #537: Fix a bug in
BufferedPipe.set_event
which could cause deadlocks/hangs when one usesselect.select
againstChannel
objects (or otherwise callsChannel.fileno
after the channel has closed). Thanks to Przemysław Strzelczak for the report & reproduction case, and to Krzysztof Rusek for the fix.[Bug] #520: (Partial fix) Fix at least one instance of race condition driven threading hangs at end of the Python interpreter session. (Includes a docs update as well - always make sure to
.close()
your clients!)
2.0.0 2016-04-28
[Feature] #394: Replace PyCrypto with the Python Cryptographic Authority (PyCA) ‘Cryptography’ library suite. This improves security, installability, and performance; adds PyPy support; and much more.
There aren’t enough ways to thank Alex Gaynor for all of his work on this, and then his patience while the maintainer let his PR grow moss for a year and change. Paul Kehrer came in with an assist, and I think I saw Olle Lundberg,
@techtonik
and@johnthagen
supplying backup as well. Thanks to all!Warning
This is a backwards incompatible change.
However, it should only affect installation requirements; no API changes are intended or expected. Please report any such breakages as bugs.
See our updated installation docs for details on what is now required to install Paramiko; many/most users should be able to simply
pip install -U paramiko
(especially if you upgrade to pip 8).[Feature] #731: (working off the earlier #611) Add support for 384- and 512-bit elliptic curve groups in ECDSA key types (aka
ecdsa-sha2-nistp384
/ecdsa-sha2-nistp521
). Thanks to Michiel Tiller and@CrazyCasta
for the patches.
1.17.0 2016-04-28
[Feature] #588: Add missing file-like object methods for
BufferedFile
andSFTPFile
. Thanks to Adam Meily for the patch.[Bug] #649: Update the module in charge of handling SSH moduli so it’s consistent with OpenSSH behavior re: prime number selection. Thanks to Damien Tournoud for catch & patch.
[Support] #636: Clean up and enhance the README (and rename it to
README.rst
from justREADME
). Thanks to@LucasRMehl
.[Support] #697: Remove whitespace in our
setup.py
’sinstall_requires
as it triggers occasional bugs in some versions ofsetuptools
. Thanks to Justin Lecher for catch & original patch.[Support] #612: Identify & work around a race condition in the test for handshake timeouts, which was causing frequent test failures for a subset of contributors as well as Travis-CI (usually, but not always, limited to Python 3.5). Props to Ed Kellett for assistance during some of the troubleshooting.
[Support] #621: Annotate some public attributes on
Channel
such as.closed
. Thanks to Sergey Vasilyev for the report.[Support] #729: Clean up
setup.py
to always usesetuptools
, not doing so was a historical artifact from bygone days. Thanks to Alex Gaynor.
1.16.1 2016-04-28
[Bug] #652: Fix behavior of
gssapi-with-mic
auth requests so they fail gracefully (allowing followup via other auth methods) instead of raising an exception. Patch courtesy of@jamercee
.[Bug] #499: Strip trailing/leading whitespace from lines when parsing SSH config files - this brings things in line with OpenSSH behavior. Thanks to Alfredo Esteban for the original report and Nick Pillitteri for the patch.
[Bug] #632: Fix logic bug in the SFTP client’s callback-calling functionality; previously there was a chance the given callback would fire twice at the end of a transfer. Thanks to
@ab9-er
for catch & original patch.[Bug] #613: (via #619) Update to
jaraco.windows
3.4.1 to fix some errors related toctypes
on Windows platforms. Credit to Jason R. Coombs.[Bug] #617: (aka fabric/fabric#1429; via #679; related: #678, #685, #615 & #616) Fix up
NoValidConnectionsError
so it pickles correctly, and fix a related Python 3 compatibility issue. Thanks to Rebecca Schlussel for the report & Marius Gedminas for the patch.[Bug] #716: Fix a Python 3 compatibility issue when handling two-factor authentication. Thanks to Mateusz Kowalski for the catch & original patch.
[Bug] #577: (via #578; should also fix #718, #560) Fix stalled/hung SFTP downloads by cleaning up some threading lock issues. Thanks to Stephen C. Pope for the patch.
[Bug] #676: (via #677) Fix a backwards incompatibility issue that cropped up in
SFTPFile.prefetch
re: the erroneously non-optionalfile_size
parameter. Should only affect users who manually callprefetch
. Thanks to@stevevanhooser
for catch & patch.[Bug] #670: Due to an earlier bugfix, less-specific
Host
blocks’ProxyCommand
values were overridingProxyCommand none
in more-specificHost
blocks. This has been fixed in a backwards compatible manner (i.e.ProxyCommand none
continues to appear as a total lack of anyproxycommand
key in parsed config structures). Thanks to Pat Brisbin for the catch.[Support] #636: Clean up and enhance the README (and rename it to
README.rst
from justREADME
). Thanks to@LucasRMehl
.[Support] #697: Remove whitespace in our
setup.py
’sinstall_requires
as it triggers occasional bugs in some versions ofsetuptools
. Thanks to Justin Lecher for catch & original patch.[Support] #612: Identify & work around a race condition in the test for handshake timeouts, which was causing frequent test failures for a subset of contributors as well as Travis-CI (usually, but not always, limited to Python 3.5). Props to Ed Kellett for assistance during some of the troubleshooting.
[Support] #621: Annotate some public attributes on
Channel
such as.closed
. Thanks to Sergey Vasilyev for the report.[Support] #729: Clean up
setup.py
to always usesetuptools
, not doing so was a historical artifact from bygone days. Thanks to Alex Gaynor.
1.15.5 2016-04-28
[Bug] #401: Fix line number reporting in log output regarding invalid
known_hosts
line entries. Thanks to Dylan Thacker-Smith for catch & patch.[Bug] #652: Fix behavior of
gssapi-with-mic
auth requests so they fail gracefully (allowing followup via other auth methods) instead of raising an exception. Patch courtesy of@jamercee
.[Bug] #499: Strip trailing/leading whitespace from lines when parsing SSH config files - this brings things in line with OpenSSH behavior. Thanks to Alfredo Esteban for the original report and Nick Pillitteri for the patch.
[Bug] #632: Fix logic bug in the SFTP client’s callback-calling functionality; previously there was a chance the given callback would fire twice at the end of a transfer. Thanks to
@ab9-er
for catch & original patch.[Bug] #613: (via #619) Update to
jaraco.windows
3.4.1 to fix some errors related toctypes
on Windows platforms. Credit to Jason R. Coombs.[Bug] #617: (aka fabric/fabric#1429; via #679; related: #678, #685, #615 & #616) Fix up
NoValidConnectionsError
so it pickles correctly, and fix a related Python 3 compatibility issue. Thanks to Rebecca Schlussel for the report & Marius Gedminas for the patch.[Bug] #716: Fix a Python 3 compatibility issue when handling two-factor authentication. Thanks to Mateusz Kowalski for the catch & original patch.
[Bug] #577: (via #578; should also fix #718, #560) Fix stalled/hung SFTP downloads by cleaning up some threading lock issues. Thanks to Stephen C. Pope for the patch.
[Bug] #676: (via #677) Fix a backwards incompatibility issue that cropped up in
SFTPFile.prefetch
re: the erroneously non-optionalfile_size
parameter. Should only affect users who manually callprefetch
. Thanks to@stevevanhooser
for catch & patch.[Bug] #670: Due to an earlier bugfix, less-specific
Host
blocks’ProxyCommand
values were overridingProxyCommand none
in more-specificHost
blocks. This has been fixed in a backwards compatible manner (i.e.ProxyCommand none
continues to appear as a total lack of anyproxycommand
key in parsed config structures). Thanks to Pat Brisbin for the catch.[Support] #525: Update the vendored Windows API addon to a more recent edition. Also fixes #193, #488, #498. Thanks to Jason Coombs.
[Support] #636: Clean up and enhance the README (and rename it to
README.rst
from justREADME
). Thanks to@LucasRMehl
.[Support] #697: Remove whitespace in our
setup.py
’sinstall_requires
as it triggers occasional bugs in some versions ofsetuptools
. Thanks to Justin Lecher for catch & original patch.[Support] #612: Identify & work around a race condition in the test for handshake timeouts, which was causing frequent test failures for a subset of contributors as well as Travis-CI (usually, but not always, limited to Python 3.5). Props to Ed Kellett for assistance during some of the troubleshooting.
[Support] #621: Annotate some public attributes on
Channel
such as.closed
. Thanks to Sergey Vasilyev for the report.[Support] #729: Clean up
setup.py
to always usesetuptools
, not doing so was a historical artifact from bygone days. Thanks to Alex Gaynor.
1.16.0 2015-11-04
[Feature] #167: Add
get_hostnames
for easier introspection of a loaded SSH config file or object. Courtesy of Søren Løvborg.[Feature] #356: (also #596, #365, #341, #164, #581, and a bunch of other duplicates besides) Add support for SHA-2 based key exchange (kex) algorithm
diffie-hellman-group-exchange-sha256
and (H)MAC algorithmshmac-sha2-256
andhmac-sha2-512
.This change includes tweaks to debug-level logging regarding algorithm-selection handshakes; the old all-in-one log line is now multiple easier-to-read, printed-at-handshake-time log lines.
Thanks to the many people who submitted patches for this functionality and/or assisted in testing those patches. That list includes but is not limited to, and in no particular order: Matthias Witte, Dag Wieers, Ash Berlin, Etienne Perot, Gert van Dijk,
@GuyShaanan
, Aaron Bieber,@cyphase
, and Eric Brown.[Feature] #604: Add support for the
aes192-ctr
andaes192-cbc
ciphers. Thanks to Michiel Tiller for noticing it was as easy as tweaking some key sizes :D[Feature] #467: (also #139, #412) Fully enable two-factor authentication (e.g. when a server requires
AuthenticationMethods pubkey,keyboard-interactive
). Thanks to@perryjrandall
for the patch and to@nevins-b
and Matt Robenolt for additional support.[Bug] #22: Try harder to connect to multiple network families (e.g. IPv4 vs IPv6) in case of connection issues; this helps with problems such as hosts which resolve both IPv4 and IPv6 addresses but are only listening on IPv4. Thanks to Dries Desmet for original report and Torsten Landschoff for the foundational patchset.
[Bug] #502: Fix ‘exec’ requests in server mode to use
get_string
instead ofget_text
to avoidUnicodeDecodeError
on non-UTF-8 input. Thanks to Anselm Kruis for the patch & discussion.[Bug] #194: (also #562, #530, #576) Streamline use of
stat
when downloading SFTP files viaSFTPClient.get
; this avoids triggering bugs in some off-spec SFTP servers such as IBM Sterling. Thanks to@muraleee
for the initial report and to Torkil Gustavsen for the patch.[Support] #419: Modernize a bunch of the codebase internals to leverage decorators. Props to
@beckjake
for realizing we’re no longer on Python 2.2 :D[Support] #421: Modernize threading calls to use newer API. Thanks to Olle Lundberg.
[Support] #422: Clean up some unused imports. Courtesy of Olle Lundberg.
[Support] #431: Replace handrolled
ssh_config
parsing code with use of theshlex
module. Thanks to Yan Kalchevskiy.[Support] #582: Fix some old
setup.py
related helper code which was breakingbdist_dumb
on Mac OS X. Thanks to Peter Odding for the patch.[Support] #516: Document
AgentRequestHandler
. Thanks to@toejough
for report & suggestions.[Support] #554: Fix inaccuracies in the docstring for the ECDSA key class. Thanks to Jared Hance for the patch.
[Support] #594: Correct some post-Python3-port docstrings to specify
bytes
type instead ofstr
. Credit to@redixin
.[Support] #525: Update the vendored Windows API addon to a more recent edition. Also fixes #193, #488, #498. Thanks to Jason Coombs.
1.15.4 2015-11-02
[Bug] #565: Don’t explode with
IndexError
when reading private key files lacking an-----END <type> PRIVATE KEY-----
footer. Patch courtesy of Prasanna Santhanam.[Bug] #359: Use correct attribute name when trying to use Python 3’s
int.bit_length
method; prior to fix, the Python 2 custom fallback implementation was always used, even on Python 3. Thanks to Alex Gaynor.[Bug] #366: Fix
SFTPAttributes
so its string representation doesn’t raise exceptions on empty/initialized instances. Patch by Ulrich Petri.[Support] #594: Correct some post-Python3-port docstrings to specify
bytes
type instead ofstr
. Credit to@redixin
.
1.14.3 2015-11-02
[Bug] #402: Check to see if an SSH agent is actually present before trying to forward it to the remote end. This replaces what was usually a useless
TypeError
with a human-readableAuthenticationException
. Credit to Ken Jordan for the fix and Yvan Marques for original report.[Bug] #353: (via #482) Fix a bug introduced in the Python 3 port which caused
OverFlowError
(and other symptoms) in SFTP functionality. Thanks to@dboreham
for leading the troubleshooting charge, and to Scott Maxwell for the final patch.[Bug] #469: (also #488, #461 and like a dozen others) Fix a typo introduced in the 1.15 release which broke WinPageant support. Thanks to everyone who submitted patches, and to Steve Cohen who was the lucky winner of the cherry-pick lottery.
[Bug] #404: Print details when displaying
BadHostKeyException
objects (expected vs received data) instead of just “hey shit broke”. Patch credit: Loic Dachary.[Bug] #490: Skip invalid/unparsable lines in
known_hosts
files, instead of raisingSSHException
. This brings Paramiko’s behavior more in line with OpenSSH, which silently ignores such input. Catch & patch courtesy of Martin Topholm.[Bug] #491: (combines #62 and #439) Implement timeout functionality to address hangs from dropped network connections and/or failed handshakes. Credit to
@vazir
and@dacut
for the original patches and to Olle Lundberg for reimplementation.[Bug] #565: Don’t explode with
IndexError
when reading private key files lacking an-----END <type> PRIVATE KEY-----
footer. Patch courtesy of Prasanna Santhanam.[Bug] #359: Use correct attribute name when trying to use Python 3’s
int.bit_length
method; prior to fix, the Python 2 custom fallback implementation was always used, even on Python 3. Thanks to Alex Gaynor.[Bug] #366: Fix
SFTPAttributes
so its string representation doesn’t raise exceptions on empty/initialized instances. Patch by Ulrich Petri.[Support] #516: Document
AgentRequestHandler
. Thanks to@toejough
for report & suggestions.[Support] #554: Fix inaccuracies in the docstring for the ECDSA key class. Thanks to Jared Hance for the patch.
[Support] #594: Correct some post-Python3-port docstrings to specify
bytes
type instead ofstr
. Credit to@redixin
.
1.13.4 2015-11-02
[Bug] #402: Check to see if an SSH agent is actually present before trying to forward it to the remote end. This replaces what was usually a useless
TypeError
with a human-readableAuthenticationException
. Credit to Ken Jordan for the fix and Yvan Marques for original report.[Bug] #353: (via #482) Fix a bug introduced in the Python 3 port which caused
OverFlowError
(and other symptoms) in SFTP functionality. Thanks to@dboreham
for leading the troubleshooting charge, and to Scott Maxwell for the final patch.[Bug] #469: (also #488, #461 and like a dozen others) Fix a typo introduced in the 1.15 release which broke WinPageant support. Thanks to everyone who submitted patches, and to Steve Cohen who was the lucky winner of the cherry-pick lottery.
[Bug] #404: Print details when displaying
BadHostKeyException
objects (expected vs received data) instead of just “hey shit broke”. Patch credit: Loic Dachary.[Bug] #490: Skip invalid/unparsable lines in
known_hosts
files, instead of raisingSSHException
. This brings Paramiko’s behavior more in line with OpenSSH, which silently ignores such input. Catch & patch courtesy of Martin Topholm.[Bug] #491: (combines #62 and #439) Implement timeout functionality to address hangs from dropped network connections and/or failed handshakes. Credit to
@vazir
and@dacut
for the original patches and to Olle Lundberg for reimplementation.[Bug] #565: Don’t explode with
IndexError
when reading private key files lacking an-----END <type> PRIVATE KEY-----
footer. Patch courtesy of Prasanna Santhanam.[Bug] #359: Use correct attribute name when trying to use Python 3’s
int.bit_length
method; prior to fix, the Python 2 custom fallback implementation was always used, even on Python 3. Thanks to Alex Gaynor.[Bug] #366: Fix
SFTPAttributes
so its string representation doesn’t raise exceptions on empty/initialized instances. Patch by Ulrich Petri.[Support] #516: Document
AgentRequestHandler
. Thanks to@toejough
for report & suggestions.[Support] #554: Fix inaccuracies in the docstring for the ECDSA key class. Thanks to Jared Hance for the patch.
[Support] #594: Correct some post-Python3-port docstrings to specify
bytes
type instead ofstr
. Credit to@redixin
.
1.15.3 2015-10-02
[Bug] #402: Check to see if an SSH agent is actually present before trying to forward it to the remote end. This replaces what was usually a useless
TypeError
with a human-readableAuthenticationException
. Credit to Ken Jordan for the fix and Yvan Marques for original report.[Bug] #353: (via #482) Fix a bug introduced in the Python 3 port which caused
OverFlowError
(and other symptoms) in SFTP functionality. Thanks to@dboreham
for leading the troubleshooting charge, and to Scott Maxwell for the final patch.[Bug] #469: (also #488, #461 and like a dozen others) Fix a typo introduced in the 1.15 release which broke WinPageant support. Thanks to everyone who submitted patches, and to Steve Cohen who was the lucky winner of the cherry-pick lottery.
[Bug] #404: Print details when displaying
BadHostKeyException
objects (expected vs received data) instead of just “hey shit broke”. Patch credit: Loic Dachary.[Bug] #490: Skip invalid/unparsable lines in
known_hosts
files, instead of raisingSSHException
. This brings Paramiko’s behavior more in line with OpenSSH, which silently ignores such input. Catch & patch courtesy of Martin Topholm.[Bug] #491: (combines #62 and #439) Implement timeout functionality to address hangs from dropped network connections and/or failed handshakes. Credit to
@vazir
and@dacut
for the original patches and to Olle Lundberg for reimplementation.[Bug] #496: Fix a handful of small but critical bugs in Paramiko’s GSSAPI support (note: this includes switching from PyCrypo’s Random to
os.urandom
). Thanks to Anselm Kruis for catch & patch.[Support] #516: Document
AgentRequestHandler
. Thanks to@toejough
for report & suggestions.[Support] #554: Fix inaccuracies in the docstring for the ECDSA key class. Thanks to Jared Hance for the patch.
1.15.2 2014-12-19
[Bug] #320: Update our win_pageant module to be Python 3 compatible. Thanks to
@sherbang
and@adamkerz
for the patches.[Bug] #429: Server-level debug message logging was overlooked during the Python 3 compatibility update; Python 3 clients attempting to log SSH debug packets encountered type errors. This is now fixed. Thanks to
@mjmaenpaa
for the catch.[Bug] #459: Tighten up agent connection closure behavior to avoid spurious
ResourceWarning
display in some situations. Thanks to@tkrapp
for the catch.[Bug] #266: Change numbering of
Transport
channels to start at 0 instead of 1 for better compatibility with OpenSSH & certain server implementations which break on 1-indexed channels. Thanks to@egroeper
for catch & patch.[Bug] #415: Fix
ssh_config
parsing to correctly interpretProxyCommand none
as the lack of a proxy command, instead of as a literal command string of"none"
. Thanks to Richard Spiers for the catch & Sean Johnson for the fix.[Bug] #428: Fix an issue in
BufferedFile
(primarily used in the SFTP modules) concerning incorrect behavior byreadlines
on files whose size exceeds the buffer size. Thanks to@achapp
for catch & patch.[Bug] #455: Tweak packet size handling to conform better to the OpenSSH RFCs; this helps address issues with interactive program cursors. Courtesy of Jeff Quast.
[Bug] #413: (also #414, #420, #454) Be significantly smarter about polling & timing behavior when running proxy commands, to avoid unnecessary (often 100%!) CPU usage. Major thanks to Jason Dunsmore for report & initial patchset and to Chris Adams & John Morrissey for followup improvements.
[Support] #419: Modernize a bunch of the codebase internals to leverage decorators. Props to
@beckjake
for realizing we’re no longer on Python 2.2 :D[Support] #421: Modernize threading calls to use newer API. Thanks to Olle Lundberg.
[Support] #422: Clean up some unused imports. Courtesy of Olle Lundberg.
[Support] #431: Replace handrolled
ssh_config
parsing code with use of theshlex
module. Thanks to Yan Kalchevskiy.
1.14.2 2014-12-19
[Bug] #399: SSH agent forwarding (potentially other functionality as well) would hang due to incorrect values passed into the new window size arguments for
Transport
(thanks to a botched merge). This has been corrected. Thanks to Dylan Thacker-Smith for the report & patch.[Bug] #320: Update our win_pageant module to be Python 3 compatible. Thanks to
@sherbang
and@adamkerz
for the patches.[Bug] #429: Server-level debug message logging was overlooked during the Python 3 compatibility update; Python 3 clients attempting to log SSH debug packets encountered type errors. This is now fixed. Thanks to
@mjmaenpaa
for the catch.[Bug] #459: Tighten up agent connection closure behavior to avoid spurious
ResourceWarning
display in some situations. Thanks to@tkrapp
for the catch.[Bug] #266: Change numbering of
Transport
channels to start at 0 instead of 1 for better compatibility with OpenSSH & certain server implementations which break on 1-indexed channels. Thanks to@egroeper
for catch & patch.[Bug] #415: Fix
ssh_config
parsing to correctly interpretProxyCommand none
as the lack of a proxy command, instead of as a literal command string of"none"
. Thanks to Richard Spiers for the catch & Sean Johnson for the fix.[Bug] #428: Fix an issue in
BufferedFile
(primarily used in the SFTP modules) concerning incorrect behavior byreadlines
on files whose size exceeds the buffer size. Thanks to@achapp
for catch & patch.[Bug] #455: Tweak packet size handling to conform better to the OpenSSH RFCs; this helps address issues with interactive program cursors. Courtesy of Jeff Quast.
[Bug] #413: (also #414, #420, #454) Be significantly smarter about polling & timing behavior when running proxy commands, to avoid unnecessary (often 100%!) CPU usage. Major thanks to Jason Dunsmore for report & initial patchset and to Chris Adams & John Morrissey for followup improvements.
[Support] #249: Consolidate version information into one spot. Thanks to Gabi Davar for the reminder.
[Support] #378: Minor code cleanup in the SSH config module courtesy of Olle Lundberg.
[Support] #419: Modernize a bunch of the codebase internals to leverage decorators. Props to
@beckjake
for realizing we’re no longer on Python 2.2 :D[Support] #421: Modernize threading calls to use newer API. Thanks to Olle Lundberg.
[Support] #422: Clean up some unused imports. Courtesy of Olle Lundberg.
[Support] #431: Replace handrolled
ssh_config
parsing code with use of theshlex
module. Thanks to Yan Kalchevskiy.
1.13.3 2014-12-19
[Bug] #399: SSH agent forwarding (potentially other functionality as well) would hang due to incorrect values passed into the new window size arguments for
Transport
(thanks to a botched merge). This has been corrected. Thanks to Dylan Thacker-Smith for the report & patch.[Bug] #320: Update our win_pageant module to be Python 3 compatible. Thanks to
@sherbang
and@adamkerz
for the patches.[Bug] #429: Server-level debug message logging was overlooked during the Python 3 compatibility update; Python 3 clients attempting to log SSH debug packets encountered type errors. This is now fixed. Thanks to
@mjmaenpaa
for the catch.[Bug] #459: Tighten up agent connection closure behavior to avoid spurious
ResourceWarning
display in some situations. Thanks to@tkrapp
for the catch.[Bug] #266: Change numbering of
Transport
channels to start at 0 instead of 1 for better compatibility with OpenSSH & certain server implementations which break on 1-indexed channels. Thanks to@egroeper
for catch & patch.[Bug] #415: Fix
ssh_config
parsing to correctly interpretProxyCommand none
as the lack of a proxy command, instead of as a literal command string of"none"
. Thanks to Richard Spiers for the catch & Sean Johnson for the fix.[Bug] #428: Fix an issue in
BufferedFile
(primarily used in the SFTP modules) concerning incorrect behavior byreadlines
on files whose size exceeds the buffer size. Thanks to@achapp
for catch & patch.[Bug] #455: Tweak packet size handling to conform better to the OpenSSH RFCs; this helps address issues with interactive program cursors. Courtesy of Jeff Quast.
[Bug] #413: (also #414, #420, #454) Be significantly smarter about polling & timing behavior when running proxy commands, to avoid unnecessary (often 100%!) CPU usage. Major thanks to Jason Dunsmore for report & initial patchset and to Chris Adams & John Morrissey for followup improvements.
[Support] #249: Consolidate version information into one spot. Thanks to Gabi Davar for the reminder.
[Support] #378: Minor code cleanup in the SSH config module courtesy of Olle Lundberg.
[Support] #419: Modernize a bunch of the codebase internals to leverage decorators. Props to
@beckjake
for realizing we’re no longer on Python 2.2 :D[Support] #421: Modernize threading calls to use newer API. Thanks to Olle Lundberg.
[Support] #422: Clean up some unused imports. Courtesy of Olle Lundberg.
[Support] #431: Replace handrolled
ssh_config
parsing code with use of theshlex
module. Thanks to Yan Kalchevskiy.
1.15.1 2014-09-22
1.15.0 2014-09-18
[Feature] #131: Add a
listdir_iter
method toSFTPClient
allowing for more efficient, async/generator based file listings. Thanks to John Begeman.[Feature] #184: Support quoted values in SSH config file parsing. Credit to Yan Kalchevskiy.
[Feature] #218: Add support for ECDSA private keys on the client side. Thanks to
@aszlig
for the patch.[Feature] #372: Update default window & packet sizes to more closely adhere to the pertinent RFC; also expose these settings in the public API so they may be overridden by client code. This should address some general speed issues such as #175. Big thanks to Olle Lundberg for the update.
[Feature] #362: Allow users to control the SSH banner timeout. Thanks to Cory Benfield.
[Feature] #267: (also #250, #241, #228) Add GSS-API / SSPI (e.g. Kerberos) key exchange and authentication support (installation docs here). Mega thanks to Sebastian Deiß, with assist by Torsten Landschoff.
Note
Unix users should be aware that the
python-gssapi
library (a requirement for using this functionality) only appears to support Python 2.7 and up at this time.[Bug] #335: Fix ECDSA key generation (generation of brand new ECDSA keys was broken previously). Thanks to
@solarw
for catch & patch.[Bug] #234: Lower logging levels for a few overly-noisy log messages about secure channels. Thanks to David Pursehouse for noticing & contributing the fix.
[Bug] #298: Don’t perform point validation on ECDSA keys in
known_hosts
files, since a) this can cause significant slowdown when such keys exist, and b)known_hosts
files are implicitly trustworthy. Thanks to Kieran Spear for catch & patch.Note
This change bumps up the version requirement for the
ecdsa
library to0.11
.[Bug] #373: Attempt to fix a handful of issues (such as #354) related to infinite loops and threading deadlocks. Thanks to Olle Lundberg as well as a handful of community members who provided advice & feedback via IRC.
[Bug] #346: Fix an issue in private key files’ encryption salts that could cause tracebacks and file corruption if keys were re-encrypted. Credit to Xavier Nunn.
[Support] #371: Add Travis support & docs update for Python 3.4. Thanks to Olle Lundberg.
[Support] #169: Minor refactor of
paramiko.sftp_client.SFTPClient.put
thanks to Abhinav Upadhyay.[Support] #229: Fix a couple of incorrectly-copied docstrings’
.. versionadded::
RST directives. Thanks to Aarni Koskela for the catch.[Support] #324: A bevvy of documentation typo fixes, courtesy of Roy Wellington.
[Support] #249: Consolidate version information into one spot. Thanks to Gabi Davar for the reminder.
[Support] #378: Minor code cleanup in the SSH config module courtesy of Olle Lundberg.
[Support] #377: Factor
Channel
openness sanity check into a decorator. Thanks to Olle Lundberg for original patch.[Support] #374: (also #375) Old code cleanup courtesy of Olle Lundberg.
[Support] #393: Replace internal use of PyCrypto’s
SHA.new
with the stdlib’shashlib.sha1
. Thanks to Alex Gaynor.
1.14.1 2014-08-25
[Bug] #285: (also #352) Update our Python 3
b()
compatibility shim to handlebuffer
objects correctly; this fixes a frequently reported issue affecting many users, including users of thebzr
software suite. Thanks to@basictheprogram
for the initial report, Jelmer Vernooij for the fix and Andrew Starr-Bochicchio & Jeremy T. Bouse (among others) for discussion & feedback.[Bug] #239: Add Windows-style CRLF support to SSH config file parsing. Props to Christopher Swenson.
[Bug] #272: Fix a bug where
known_hosts
parsing hashed the input hostname as well as the hostnames from theknown_hosts
file, on every comparison. Thanks to@sigmunau
for final patch and@ostacey
for the original report.[Bug] #312:
paramiko.transport.Transport
had a bug in its__repr__
which surfaces during errors encountered within its__init__
, causing problematic tracebacks in such situations. Thanks to Simon Percivall for catch & patch.[Bug] #376: Be less aggressive about expanding variables in
ssh_config
files, which results in a speedup of SSH config parsing. Credit to Olle Lundberg.[Support] #169: Minor refactor of
paramiko.sftp_client.SFTPClient.put
thanks to Abhinav Upadhyay.[Support] #229: Fix a couple of incorrectly-copied docstrings’
.. versionadded::
RST directives. Thanks to Aarni Koskela for the catch.[Support] #324: A bevvy of documentation typo fixes, courtesy of Roy Wellington.
1.13.2 2014-08-25
[Bug] #285: (also #352) Update our Python 3
b()
compatibility shim to handlebuffer
objects correctly; this fixes a frequently reported issue affecting many users, including users of thebzr
software suite. Thanks to@basictheprogram
for the initial report, Jelmer Vernooij for the fix and Andrew Starr-Bochicchio & Jeremy T. Bouse (among others) for discussion & feedback.[Bug] #239: Add Windows-style CRLF support to SSH config file parsing. Props to Christopher Swenson.
[Bug] #272: Fix a bug where
known_hosts
parsing hashed the input hostname as well as the hostnames from theknown_hosts
file, on every comparison. Thanks to@sigmunau
for final patch and@ostacey
for the original report.[Bug] #312:
paramiko.transport.Transport
had a bug in its__repr__
which surfaces during errors encountered within its__init__
, causing problematic tracebacks in such situations. Thanks to Simon Percivall for catch & patch.[Bug] #376: Be less aggressive about expanding variables in
ssh_config
files, which results in a speedup of SSH config parsing. Credit to Olle Lundberg.[Support] #169: Minor refactor of
paramiko.sftp_client.SFTPClient.put
thanks to Abhinav Upadhyay.[Support] #229: Fix a couple of incorrectly-copied docstrings’
.. versionadded::
RST directives. Thanks to Aarni Koskela for the catch.[Support] #324: A bevvy of documentation typo fixes, courtesy of Roy Wellington.
1.14.0 2014-05-07
[Support] #284: Add Python language trove identifiers to
setup.py
. Thanks to Alex Gaynor for catch & patch.[Support] #290: (also #292) Add support for building universal (Python 2+3 compatible) wheel files during the release process. Courtesy of Alex Gaynor.
[Support] #295: Swap out a bunch of PyCrypto hash functions with use of
hashlib
. Thanks to Alex Gaynor.[Support] #297: Replace PyCrypto’s
Random
withos.urandom
for improved speed and security. Thanks again to Alex.[Support] #299: Use deterministic signatures for ECDSA keys for improved security. Thanks to Alex Gaynor.
1.13.1 2014-05-07
[Bug] #235: Improve string type testing in a handful of spots (e.g.
s/if type(x) is str/if isinstance(x, basestring)/g
.) Thanks to@ksamuel
for the report.[Bug] #308: Fix regression in dsskey.py that caused sporadic signature verification failures. Thanks to Chris Rose.
[Bug]: Fix logging error in sftp_client for filenames containing the ‘%’ character. Thanks to Antoine Brenner.
[Bug]: Added self.args for exception classes. Used for unpickling. Related to (Fabric #986, Fabric #714). Thanks to Alex Plugaru.
[Bug]:
paramiko.file.BufferedFile.read
incorrectly returned text strings after the Python 3 migration, despite bytes being more appropriate for file contents (which may be binary or of an unknown encoding.) This has been addressed.Note
paramiko.file.BufferedFile.readline
continues to return strings, not bytes, as “lines” only make sense for textual data. It assumes UTF-8 by default.This should fix this issue raised on the Obnam mailing list. Thanks to Antoine Brenner for the patch.
1.12.4 2014-05-07
[Bug] #235: Improve string type testing in a handful of spots (e.g.
s/if type(x) is str/if isinstance(x, basestring)/g
.) Thanks to@ksamuel
for the report.[Bug] #308: Fix regression in dsskey.py that caused sporadic signature verification failures. Thanks to Chris Rose.
[Bug]: Fix logging error in sftp_client for filenames containing the ‘%’ character. Thanks to Antoine Brenner.
[Bug]: Added self.args for exception classes. Used for unpickling. Related to (Fabric #986, Fabric #714). Thanks to Alex Plugaru.
[Bug]:
paramiko.file.BufferedFile.read
incorrectly returned text strings after the Python 3 migration, despite bytes being more appropriate for file contents (which may be binary or of an unknown encoding.) This has been addressed.Note
paramiko.file.BufferedFile.readline
continues to return strings, not bytes, as “lines” only make sense for textual data. It assumes UTF-8 by default.This should fix this issue raised on the Obnam mailing list. Thanks to Antoine Brenner for the patch.
1.11.6 2014-05-07
[Bug] #235: Improve string type testing in a handful of spots (e.g.
s/if type(x) is str/if isinstance(x, basestring)/g
.) Thanks to@ksamuel
for the report.[Bug] #308: Fix regression in dsskey.py that caused sporadic signature verification failures. Thanks to Chris Rose.
[Bug]: Fix logging error in sftp_client for filenames containing the ‘%’ character. Thanks to Antoine Brenner.
[Bug]: Added self.args for exception classes. Used for unpickling. Related to (Fabric #986, Fabric #714). Thanks to Alex Plugaru.
[Bug]:
paramiko.file.BufferedFile.read
incorrectly returned text strings after the Python 3 migration, despite bytes being more appropriate for file contents (which may be binary or of an unknown encoding.) This has been addressed.Note
paramiko.file.BufferedFile.readline
continues to return strings, not bytes, as “lines” only make sense for textual data. It assumes UTF-8 by default.This should fix this issue raised on the Obnam mailing list. Thanks to Antoine Brenner for the patch.
1.13.0 2014-03-13
[Feature] #58: Allow client code to access the stored SSH server banner via
Transport.get_banner
. Thanks to@Jhoanor
for the patch.[Feature] #16: Python 3 support! Our test suite passes under Python 3, and it (& Fabric’s test suite) continues to pass under Python 2. Python 2.5 is no longer supported with this change!
The merged code was built on many contributors’ efforts, both code & feedback. In no particular order, we thank Daniel Goertzen, Ivan Kolodyazhny, Tomi Pieviläinen, Jason R. Coombs, Jan N. Schulze,
@Lazik
, Dorian Pula, Scott Maxwell, Tshepang Lekhonkhobe, Aaron Meurer, and Dave Halter.[Support] #256: Convert API documentation to Sphinx, yielding a new API docs website to replace the old Epydoc one. Thanks to Olle Lundberg for the initial conversion work.
1.12.3 2014-03-13
[Bug]: Use constant-time hash comparison operations where possible, to protect against timing-based attacks. Thanks to Alex Gaynor for the patch.
[Support] #256: Convert API documentation to Sphinx, yielding a new API docs website to replace the old Epydoc one. Thanks to Olle Lundberg for the initial conversion work.
1.11.5 2014-03-13
[Bug]: Use constant-time hash comparison operations where possible, to protect against timing-based attacks. Thanks to Alex Gaynor for the patch.
[Support] #256: Convert API documentation to Sphinx, yielding a new API docs website to replace the old Epydoc one. Thanks to Olle Lundberg for the initial conversion work.
1.10.7 2014-03-13
[Bug]: Use constant-time hash comparison operations where possible, to protect against timing-based attacks. Thanks to Alex Gaynor for the patch.
[Support] #256: Convert API documentation to Sphinx, yielding a new API docs website to replace the old Epydoc one. Thanks to Olle Lundberg for the initial conversion work.
1.12.2 2014-02-14
[Bug] #193: (and its attentant PRs #230 & #253) Fix SSH agent problems present on Windows. Thanks to David Hobbs for initial report and to Aarni Koskela & Olle Lundberg for the patches.
[Bug] #34: (PR #35) Fix SFTP prefetching incompatibility with some SFTP servers regarding request/response ordering. Thanks to Richard Kettlewell.
[Bug] #268: Fix some missed renames of
ProxyCommand
related error classes. Thanks to Marius Gedminas for catch & patch.[Bug] #252: (Fabric #1020) Enhanced the implementation of
ProxyCommand
to avoid a deadlock/hang condition that frequently occurs atTransport
shutdown time. Thanks to Mateusz Kobos, Matthijs van der Vleuten and Guillaume Zitta for the original reports and to Marius Gedminas for helping test nontrivial use cases.
1.11.4 2014-02-14
[Bug] #193: (and its attentant PRs #230 & #253) Fix SSH agent problems present on Windows. Thanks to David Hobbs for initial report and to Aarni Koskela & Olle Lundberg for the patches.
[Bug] #34: (PR #35) Fix SFTP prefetching incompatibility with some SFTP servers regarding request/response ordering. Thanks to Richard Kettlewell.
[Bug] #268: Fix some missed renames of
ProxyCommand
related error classes. Thanks to Marius Gedminas for catch & patch.[Bug] #252: (Fabric #1020) Enhanced the implementation of
ProxyCommand
to avoid a deadlock/hang condition that frequently occurs atTransport
shutdown time. Thanks to Mateusz Kobos, Matthijs van der Vleuten and Guillaume Zitta for the original reports and to Marius Gedminas for helping test nontrivial use cases.
1.10.6 2014-02-14
[Bug] #193: (and its attentant PRs #230 & #253) Fix SSH agent problems present on Windows. Thanks to David Hobbs for initial report and to Aarni Koskela & Olle Lundberg for the patches.
[Bug] #34: (PR #35) Fix SFTP prefetching incompatibility with some SFTP servers regarding request/response ordering. Thanks to Richard Kettlewell.
[Bug] #268: Fix some missed renames of
ProxyCommand
related error classes. Thanks to Marius Gedminas for catch & patch.[Bug] #252: (Fabric #1020) Enhanced the implementation of
ProxyCommand
to avoid a deadlock/hang condition that frequently occurs atTransport
shutdown time. Thanks to Mateusz Kobos, Matthijs van der Vleuten and Guillaume Zitta for the original reports and to Marius Gedminas for helping test nontrivial use cases.
1.12.1 2014-01-08
1.11.3 2014-01-08
[Bug] #176: Fix AttributeError bugs in known_hosts file (re)loading. Thanks to Nathan Scowcroft for the patch & Martin Blumenstingl for the initial test case.
1.10.5 2014-01-08
[Bug] #176: Fix AttributeError bugs in known_hosts file (re)loading. Thanks to Nathan Scowcroft for the patch & Martin Blumenstingl for the initial test case.
1.12.0 2013-09-27
[Feature] #136: Add server-side support for the SSH protocol’s ‘env’ command. Thanks to Benjamin Pollack for the patch.
[Feature] #152: Add tentative support for ECDSA keys. This adds the ecdsa module as a new dependency of Paramiko. The module is available at warner/python-ecdsa on Github and ecdsa on PyPI.
Note that you might still run into problems with key negotiation – Paramiko picks the first key that the server offers, which might not be what you have in your known_hosts file.
Mega thanks to Ethan Glasser-Camp for the patch.
1.11.2 2013-09-27
[Bug] #199: Typo fix in the license header cross-project. Thanks to Armin Ronacher for catch & patch.
[Bug] #200: Fix an exception-causing typo in
demo_simple.py
. Thanks to Alex Buchanan for catch & Dave Foster for patch.[Bug] #179: Fix a missing variable causing errors when an ssh_config file has a non-default AddressFamily set. Thanks to Ed Marshall & Tomaz Muraus for catch & patch.
[Bug] #156: Fix potential deadlock condition when using Channel objects as sockets (e.g. when using SSH gatewaying). Thanks to Steven Noonan and Frank Arnold for catch & patch.
1.10.4 2013-09-27
[Bug] #199: Typo fix in the license header cross-project. Thanks to Armin Ronacher for catch & patch.
[Bug] #200: Fix an exception-causing typo in
demo_simple.py
. Thanks to Alex Buchanan for catch & Dave Foster for patch.[Bug] #179: Fix a missing variable causing errors when an ssh_config file has a non-default AddressFamily set. Thanks to Ed Marshall & Tomaz Muraus for catch & patch.
1.11.1 2013-09-20
[Bug] #168: Update config handling to properly handle multiple ‘localforward’ and ‘remoteforward’ keys. Thanks to Emre Yılmaz for the patch.
[Bug] #36: Fix the port-forwarding demo to avoid file descriptor errors. Thanks to Jonathan Halcrow for catch & patch.
[Bug] #162: Clean up HMAC module import to avoid deadlocks in certain uses of SSHClient. Thanks to Gernot Hillier for the catch & suggested fix.
1.10.3 2013-09-20
[Bug] #168: Update config handling to properly handle multiple ‘localforward’ and ‘remoteforward’ keys. Thanks to Emre Yılmaz for the patch.
[Bug] #36: Fix the port-forwarding demo to avoid file descriptor errors. Thanks to Jonathan Halcrow for catch & patch.
[Bug] #162: Clean up HMAC module import to avoid deadlocks in certain uses of SSHClient. Thanks to Gernot Hillier for the catch & suggested fix.
1.11.0 2013-07-26
[Bug] #87: Ensure updates to
known_hosts
files account for any updates to said files after Paramiko initially read them. (Includes related fix to guard against duplicate entries during subsequentknown_hosts
loads.) Thanks to@sunweaver
for the contribution.[Bug] #98: On Windows, when interacting with the PuTTY PAgeant, Paramiko now creates the shared memory map with explicit Security Attributes of the user, which is the same technique employed by the canonical PuTTY library to avoid permissions issues when Paramiko is running under a different UAC context than the PuTTY Ageant process. Thanks to Jason R. Coombs for the patch.
[Support] #100: Remove use of PyWin32 in
win_pageant
module. Module was already dependent on ctypes for constructing appropriate structures and had ctypes implementations of all functionality. Thanks to Jason R. Coombs for the patch.
1.10.2 2013-07-26
1.10.1 2013-04-05
[Bug] #154: (Fabric #876) Forwarded SSH agent connections left stale local pipes lying around, which could cause local (and sometimes remote or network) resource starvation when running many agent-using remote commands. Thanks to Kevin Tegtmeier for catch & patch.
[Bug] #142: (Fabric #811) SFTP put of empty file will still return the attributes of the put file. Thanks to Jason R. Coombs for the patch.
1.10.0 2013-03-01
[Feature] #80: Expose the internal “is closed” property of the file transfer class
BufferedFile
as.closed
, better conforming to Python’s file interface. Thanks to@smunaut
and James Hiscock for catch & patch.[Feature] #113: Add
timeout
parameter toSSHClient.exec_command
for easier setting of the command’s internal channel object’s timeout. Thanks to Cernov Vladimir for the patch.[Feature] #71: Add
SFTPClient.putfo
and.getfo
methods to allow direct uploading/downloading of file-like objects. Thanks to Eric Buehl for the patch.[Feature] #115: Add convenience
get_pty
kwarg toClient.exec_command
so users not manually controlling a channel object can still toggle PTY creation. Thanks to Michael van der Kolff for the patch.[Feature] #116: Limit
Message.get_bytes
to an upper bound of 1MB to protect against potential DoS vectors. Thanks to@mvschaik
for catch & patch.[Feature] #127: Turn
SFTPFile
into a context manager. Thanks to Michael Williamson for the patch.[Feature] #128: Defer FQDN resolution until needed, when parsing SSH config files. Thanks to Parantapa Bhattacharya for catch & patch.
[Feature] #110: Honor SSH config
AddressFamily
setting when looking up local host’s FQDN. Thanks to John Hensley for the patch.[Feature] #93: Overhaul SSH config parsing to be in line with
man ssh_config
(& the behavior ofssh
itself), including addition of parameter expansion within config values. Thanks to Olle Lundberg for the patch.[Feature] #66: Batch SFTP writes to help speed up file transfers. Thanks to Olle Lundberg for the patch.
[Bug] #102: Forego random padding for packets when running under
*-ctr
ciphers. This corrects some slowdowns on platforms where random byte generation is inefficient (e.g. Windows). Thanks to@warthog618
for catch & patch, and Michael van der Kolff for code/technique review.[Bug] #133: Fix handling of window-change events to be on-spec and not attempt to wait for a response from the remote sshd; this fixes problems with less common targets such as some Cisco devices. Thanks to Phillip Heller for catch & patch.
[Support] #94: Remove duplication of SSH port constant. Thanks to Olle Lundberg for the catch.