feat: add ssh key login

This commit introduces a new option that is mutually exclusive with --password.
The goal of this change is to allow non-password-protected SSH keys to be used to access the RouterOS CLI.
Matthieu Pignolet 2025-05-25 11:05:23 +04:00 committed by Matthieu Pignolet
parent 848b2bbeb7
commit 4ae35cff38
No known key found for this signature in database
GPG key ID: 892400B3FD4E40FB

19
sara.py

@ -44,13 +44,14 @@ def banner():
print() print()
# Establish SSH connection to the RouterOS device using Netmiko # Establish SSH connection to the RouterOS device using Netmiko
def connect_to_router(ip, username, password, port): def connect_to_router(ip, username, password, port, key_file):
device = { device = {
"device_type": "mikrotik_routeros", "device_type": "mikrotik_routeros",
"host": ip, "host": ip,
"username": username, "username": username,
"password": password, "password": password,
"port": port, "port": port,
"key_file": key_file,
} }
try: try:
print(Fore.GREEN + Style.BRIGHT + f"[*] Connecting to RouterOS at {ip}:{port}") print(Fore.GREEN + Style.BRIGHT + f"[*] Connecting to RouterOS at {ip}:{port}")
@ -741,6 +742,7 @@ def main():
parser.add_argument("--ip", help="The address of your MikroTik router") parser.add_argument("--ip", help="The address of your MikroTik router")
parser.add_argument("--username", help="SSH username (RO account can be used)") parser.add_argument("--username", help="SSH username (RO account can be used)")
parser.add_argument("--password", help="SSH password") parser.add_argument("--password", help="SSH password")
parser.add_argument("--ssh-key", help="SSH key")
parser.add_argument("--port", type=int, default=22, help="SSH port (default: 22)") parser.add_argument("--port", type=int, default=22, help="SSH port (default: 22)")
args = parser.parse_args() args = parser.parse_args()
@ -748,18 +750,29 @@ def main():
parser.print_help() parser.print_help()
sys.exit(0) sys.exit(0)
if not args.ip or not args.username or not args.password: if not args.ip:
print(Fore.YELLOW + Style.BRIGHT + "[!] ERROR: Missing required arguments") print(Fore.YELLOW + Style.BRIGHT + "[!] ERROR: Missing required arguments")
print(Fore.YELLOW + "[!] Use 'sara --help' for more information") print(Fore.YELLOW + "[!] Use 'sara --help' for more information")
sys.exit(1) sys.exit(1)
if not args.username or (not args.password and not args.ssh_key):
print(Fore.YELLOW + Style.BRIGHT + "[!] ERROR: Missing required arguments")
print(Fore.YELLOW + "[!] Use 'sara --help' for more information")
sys.exit(1)
if args.password and args.ssh_key:
print(Fore.YELLOW + Style.BRIGHT + "[!] ERROR: Can't use both password & ssh_key authentication")
print(Fore.YELLOW + "[!] Use 'sara --help' for more information")
sys.exit(1)
confirm_legal_usage() confirm_legal_usage()
# Start timer # Start timer
start_time = time.time() start_time = time.time()
# Connecting to the router # Connecting to the router
connection = connect_to_router(args.ip, args.username, args.password, args.port) connection = connect_to_router(args.ip, args.username, args.password, args.port, args.ssh_key)
# Execute all implemented security checks in sequence # Execute all implemented security checks in sequence
check_routeros_version(connection) check_routeros_version(connection)
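Review bot: The new `--ssh-key` argument in `main()` is documented only as "SSH key", so a user cannot tell that it expects a path to a private key file, or that (per the commit message) the key must not be passphrase-protected. I would change it to `parser.add_argument("--ssh-key", help="Path to an unencrypted SSH private key file (cannot be combined with --password)")`. Since the key has no passphrase, the help or docs should also say that the file must be readable only by its owner. The hand-written exclusivity check could be replaced with `parser.add_mutually_exclusive_group()`, which lets argparse report the conflict itself. `connect_to_router` also gained a required fifth parameter; a default of `key_file=None` would keep any other caller working, though callers outside these hunks are not visible here.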