#!/usr/bin/env python2 from subprocess import call, Popen, PIPE, STDOUT, check_output import paho.mqtt.client as mqtt import shlex import random from uuid import getnode as get_mac import ast import sys, os import re MQTT_SERVER = 'mqtt.suanzi.ai' MQTT_PORT = 1883 # The alive time new ssh session exist. It means if no client connect to this device through ssh tunnel in 5 minutes, # this new sessin will terminate. ALIVE_TIME = 60 * 5 SSH_SERVER = 'autossh.suanzi.ai' PORT_RANGE = (20000, 40000) USER = 'autossh' PASSWORD = 'hard2guess' def getAvailablePort(host, ports): while True: port = random.randint(ports[0], ports[1]) command = 'nc -z -v -w3 ' + host + ' ' + str(port) p = Popen(command, shell=True, stdout=PIPE, stderr=STDOUT) pout = p.communicate()[0].strip() if p.returncode == 0: continue if 'Connection refused' in pout: return port else: print pout def get_mac_str(): mac = hex(get_mac()) m = re.sub('^0x|L$', '', mac) return '{:0>12}'.format(m) def get_hostname(): return check_output("/bin/hostname", shell=True).strip(); def check_ssh_connection(port): command = '/bin/ps aux | /bin/grep -E \'ssh.*' + str(port) + '\' | /bin/grep -v grep | wc -l'; output = check_output(command, shell=True) print 'output: ', output if int(output) == 0: return False else: return True def try_use_rsa(): pub = os.getenv('HOME') + "/.ssh/id_rsa.pub" if not os.path.isfile(pub): # generate id_rsa.pub command = 'ssh-keygen -b 2048 -t rsa -f ~/.ssh/id_rsa -P ""' print command print call(command, shell=True) # copy id_rsa.pub command = 'sshpass -p' + PASSWORD + ' ssh-copy-id -o "StrictHostKeyChecking=no" -o "UserKnownHostsFile /dev/null" ' + USER + '@' + SSH_SERVER print command print call(command, shell=True) def exec_ssh(port): print "#### start establish ssh forwarding connection port, ", port if port == None: raise Exception('Port not avaliable') command = 'sshpass -p' + PASSWORD + ' ssh -o "StrictHostKeyChecking=no" -o "UserKnownHostsFile /dev/null" -o "ServerAliveInterval 60" -o "ServerAliveCountMax 3" -fCR ' + str(port) +':localhost:22 ' + USER + '@' + SSH_SERVER + ' sleep ' + str(ALIVE_TIME) print command ret = call(shlex.split(command), shell=False) if check_ssh_connection(port): return ret else: ## if sshpass fails (sometimes when another process has large CPU usage (100%) , no ssh connection, try another, try_use_rsa() command = 'ssh -o "PasswordAuthentication=no" -o "StrictHostKeyChecking=no" -o "UserKnownHostsFile /dev/null" -o "ServerAliveInterval 60" -o "ServerAliveCountMax 3" -fCR ' + str(port) +':localhost:22 ' + USER + '@' + SSH_SERVER + ' sleep ' + str(ALIVE_TIME) print command ret = call(shlex.split(command), shell=False) return ret def on_connect(client, userdata, flags, rc): client.subscribe(userdata['id']) client.subscribe('all') print("Connected with result code "+str(rc)) def on_message(client, userdata, msg): print('Receive topic:' + msg.topic + ' payload: ' +str(msg.payload)) payload = ast.literal_eval(str(msg.payload)) from_id = payload['from'] if payload['type'] == 'request': if payload['command'] == 'ssh': port = getAvailablePort(SSH_SERVER, PORT_RANGE) if exec_ssh(port) == 0: print "#### OK, SSH forwarding connection established, port, ", port response = {'from': userdata['id'], 'type':'response', 'command':payload['command'], 'data':port} client.publish(payload['from'], str(response)) else: raise Exception ('run ssh failed') if payload['command'] == 'list': response = {'from': userdata['id'], 'type':'response', 'command':payload['command'], 'data': get_hostname()} client.publish(payload['from'], str(response)) if __name__ == '__main__': id = get_mac_str() print 'Mac: ', id client = mqtt.Client(userdata={'id':id}) client.on_connect = on_connect client.on_message = on_message client.connect(MQTT_SERVER, MQTT_PORT, 60) client.loop_forever()