Security News
Node.js EOL Versions CVE Dubbed the "Worst CVE of the Year" by Security Experts
Critics call the Node.js EOL CVE a misuse of the system, sparking debate over CVE standards and the growing noise in vulnerability databases.
|version| |python| |license| |ci| |coverage|
.. |version| image:: https://img.shields.io/pypi/v/paramiko :target: https://pypi.org/project/paramiko/ :alt: PyPI - Package Version .. |python| image:: https://img.shields.io/pypi/pyversions/paramiko :target: https://pypi.org/project/paramiko/ :alt: PyPI - Python Version .. |license| image:: https://img.shields.io/pypi/l/paramiko :target: https://github.com/paramiko/paramiko/blob/main/LICENSE :alt: PyPI - License .. |ci| image:: https://img.shields.io/circleci/build/github/paramiko/paramiko/main :target: https://app.circleci.com/pipelines/github/paramiko/paramiko :alt: CircleCI .. |coverage| image:: https://img.shields.io/codecov/c/gh/paramiko/paramiko :target: https://app.codecov.io/gh/paramiko/paramiko :alt: Codecov
Paramiko is a pure-Python [#]_ (3.6+) implementation of the SSHv2 protocol
[#], providing both client and server functionality. It provides the
foundation for the high-level SSH library Fabric <https://fabfile.org>
,
which is what we recommend you use for common client use-cases such as running
remote shell commands or transferring files.
Direct use of Paramiko itself is only intended for users who need advanced/low-level primitives or want to run an in-Python sshd.
For installation information, changelogs, FAQs and similar, please visit our main project website <https://paramiko.org>
; for API details, see the versioned docs <https://docs.paramiko.org>
. Additionally, the project
maintainer keeps a roadmap <http://bitprophet.org/projects#roadmap>
_ on his
personal site.
.. [#]
Paramiko relies on cryptography <https://cryptography.io>
_ for crypto
functionality, which makes use of C and Rust extensions but has many
precompiled options available. See our installation page <https://www.paramiko.org/installing.html>
_ for details.
.. [#] OpenSSH's RFC specification page is a fantastic resource and collection of links that we won't bother replicating here: https://www.openssh.com/specs.html
OpenSSH itself also happens to be our primary reference implementation:
when in doubt, we consult how they do things, unless there are good reasons
not to. There are always some gaps, but we do our best to reconcile them
when possible.
FAQs
SSH2 protocol library
We found that paramiko demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Critics call the Node.js EOL CVE a misuse of the system, sparking debate over CVE standards and the growing noise in vulnerability databases.
Security News
cURL and Go security teams are publicly rejecting CVSS as flawed for assessing vulnerabilities and are calling for more accurate, context-aware approaches.
Security News
Bun 1.2 enhances its JavaScript runtime with 90% Node.js compatibility, built-in S3 and Postgres support, HTML Imports, and faster, cloud-first performance.