ssh-handler 1.0.0__tar.gz

ssh_handler-1.0.0/PKG-INFO

@@ -0,0 +1,182 @@
+Metadata-Version: 2.4
+Name: ssh-handler
+Version: 1.0.0
+Summary: Extensive SSH/SFTP/SCP/FTP handler built on Paramiko, for test automation, CLIs and PyQt5 tools.
+Author: Naveen
+Requires-Python: >=3.8
+Description-Content-Type: text/markdown
+Requires-Dist: paramiko>=3.0
+Provides-Extra: secure
+Requires-Dist: keyring>=23.0; extra == "secure"
+Provides-Extra: scp
+Requires-Dist: scp>=0.14; extra == "scp"
+Provides-Extra: gui
+Requires-Dist: PyQt5>=5.15; extra == "gui"
+Provides-Extra: all
+Requires-Dist: keyring>=23.0; extra == "all"
+Requires-Dist: scp>=0.14; extra == "all"
+Requires-Dist: PyQt5>=5.15; extra == "all"
+
+# ssh_handler
+
+An extensive **SSH / SFTP / SCP / FTP** handler built on [Paramiko](https://www.paramiko.org/),
+packaged so the *same* code works in three places:
+
+- a **test-automation framework** (raise-on-error, pytest fixtures, parallel fleet ops),
+- a **standalone CLI** (`python -m ssh_handler …`, argument-driven),
+- a **PyQt5 tool** (safe mode + log streaming via Qt signals, off the GUI thread).
+
+Passwords are wrapped in a `Secret` and stored in the **OS credential vault** — they
+never appear in logs, reprs, tracebacks, or on disk in plaintext.
+
+## Install
+
+```bash
+pip install -e .                 # core (paramiko)
+pip install -e ".[all]"          # + keyring, scp, PyQt5
+# or just the pieces you need:
+pip install -e ".[secure]"       # keyring  (confidential password storage)
+pip install -e ".[scp]"          # scp      (SCP-protocol transfers)
+pip install -e ".[gui]"          # PyQt5    (the worker)
+```
+
+## Quick start
+
+```python
+from ssh_handler import SSHHandler, SSHConfig
+
+with SSHHandler(SSHConfig(host="10.0.0.5", username="root", password="pw")) as ssh:
+    print(ssh.run("uptime").stdout)
+    ssh.run("systemctl restart nginx", check=True)     # raises on non-zero exit
+    ssh.push("local.txt", "/tmp/remote.txt")           # SFTP upload
+    ssh.pull("/etc/nginx", "./backup", recursive=True) # recursive download
+```
+
+## Connecting to your RDP / Windows hosts (domain login `EU\nkennedy`)
+
+Those Windows machines need **OpenSSH Server** enabled (Settings → Optional Features →
+"OpenSSH Server", or `Add-WindowsCapability -Online -Name OpenSSH.Server~~~~0.0.1.0`).
+Then you log in with your normal domain credentials.
+
+**Pass `domain` and `username` separately** — never hard-code `"EU\nkennedy"` as a Python
+string, because `\n` becomes a newline. The handler builds `EU\nkennedy` for you:
+
+```python
+from ssh_handler import SSHHandler, SSHConfig, CredentialStore
+
+store = CredentialStore(service="my_test_lab")
+cfg = SSHConfig(
+    host="10.20.30.40",
+    domain="EU", username="nkennedy",
+    password=store.get("EU\\nkennedy"),   # a Secret pulled from the OS vault
+    remote_os="windows",                  # skip the OS probe
+    fast_auth=True,                       # skip key probing -> faster login
+)
+with SSHHandler(cfg) as ssh:
+    print(ssh.run("whoami").stdout)                    # EU\nkennedy
+    print(ssh.run("powershell Get-Service sshd").stdout)
+    ssh.push("report.xlsx", "C:/Users/nkennedy/Desktop/report.xlsx")
+```
+
+Store the password **once** so it's never typed or committed again:
+
+```python
+CredentialStore("my_test_lab").set("EU\\nkennedy", prompt_password())
+# or from the CLI:
+python -m ssh_handler store-credential --user nkennedy --domain EU --service my_test_lab
+```
+
+## Confidential credentials
+
+| Mechanism | What it does |
+|-----------|--------------|
+| `Secret`  | wraps a password; `str()`/`repr()`/logs show `********`; only `.reveal()` exposes it |
+| `mask()`  | redacts secret values from any log line (applied automatically to all logging) |
+| `CredentialStore` | stores/reads passwords in Windows Credential Manager (or macOS Keychain / Secret Service) via `keyring` — **no plaintext on disk** |
+| `prompt_password()` | hidden terminal input |
+
+## Speed
+
+- **`fast_auth`** (default on): when a password is supplied, key/agent probing is skipped —
+  faster logins and no "Too many authentication failures" from the server's `MaxAuthTries`.
+- One SFTP channel is opened lazily and **reused** across operations.
+- SFTP downloads use Paramiko **prefetch** for high throughput.
+- **`SSHPool`** runs the same command/transfer across many hosts in parallel threads.
+- `remote_os="windows"|"linux"` skips the one-time OS-detection probe.
+- `compress=True` for slow/high-latency links; keepalives keep long sessions alive.
+
+## What's covered (Paramiko parity, plus extras)
+
+- **Exec**: `run` (timeout, `check`, pty, env), `run_many`, `sudo` (password via stdin)
+- **Interactive shell**: `open_shell()` → `ShellSession` with `send` / `read_until` / `read_available`
+- **SFTP**: `listdir`, `listdir_attr`, `stat`, `lstat`, `exists`, `isdir`, `mkdir`, `makedirs`,
+  `rmdir`, `remove`, `rename`, `chmod`, `chown`, `symlink`, `readlink`, `open`,
+  `read_text`, `write_text`, `walk`, and `push`/`pull` (recursive, progress, stats)
+- **SCP**: `scp_push` / `scp_pull` (needs the `scp` extra)
+- **FTP/FTPS**: `FTPHandler` (stdlib `ftplib`, no extra dependency)
+- **Jump host / bastion**: `SSHConfig(jump_host=…)` (ProxyJump-style)
+- **Escape hatch**: `ssh.client` and `ssh.transport` expose the raw Paramiko objects
+
+## Result objects
+
+Every action returns structured data, not bare strings:
+
+- `CommandResult` — `exit_code`, `stdout`, `stderr`, `duration`, `host`, `.ok`, `.as_dict()`
+- `TransferResult` — `size_bytes`, `duration`, `speed_bps`, `human_speed`, `files`
+- `ShellResult` — `output`, `matched`, `timed_out`, `duration`
+- `OperationResult` — safe-mode wrapper: `bool(res)`, `res.value`, `res.error`, `res.unwrap()`
+
+## Two error-handling styles
+
+- **Raise (default)** — for tests/scripts. Typed exceptions: `SSHConnectionError`,
+  `SSHAuthenticationError`, `SSHTimeoutError`, `SSHCommandError`, `SSHTransferError`,
+  `FTPError`, `CredentialError` — all subclasses of `SSHError`. **Auto-retry** on connect
+  and **auto-reconnect** on dropped sessions are built in.
+- **Safe mode** (`SSHHandler(cfg, safe=True)`) — for GUIs. Every call returns an
+  `OperationResult` instead of raising, so the event loop never dies. Override per call
+  with `safe=True/False`.
+
+## CLI
+
+```bash
+python -m ssh_handler run   --host H --user U --domain EU uptime
+python -m ssh_handler push  --host H --user U ./build /tmp/build --recursive
+python -m ssh_handler pull  --host H --user U /var/log ./logs --recursive
+python -m ssh_handler info  --host H --user U --json
+python -m ssh_handler run   --host H --user U --use-stored uptime   # vault password
+```
+Password options: `--password` (hidden prompt), `--use-stored` (OS vault), `--key FILE`.
+Add `--json` for machine-readable output.
+
+## PyQt5
+
+`ssh_handler.pyqt_worker.SSHWorker` is a `QObject` wrapping the handler in **safe mode**.
+`moveToThread()` it, connect its signals (`log`, `connected`, `command_done`,
+`transfer_done`, `progress`, `error`, `finished`), and drive it from the GUI — see recipe
+in [examples/examples.py](examples/examples.py).
+
+## Project layout
+
+```
+ssh_handler/
+  config.py       SSHConfig, FTPConfig
+  credentials.py  Secret, CredentialStore, mask, prompt_password
+  core.py         SSHHandler, ShellSession  (SSH + SFTP + SCP)
+  ftp.py          FTPHandler (FTP/FTPS)
+  pool.py         SSHPool (parallel multi-host)
+  cli.py          argparse entry point  (python -m ssh_handler)
+  pyqt_worker.py  SSHWorker (PyQt5, lazy import)
+  results.py      CommandResult, TransferResult, ShellResult, OperationResult
+  exceptions.py   SSHError hierarchy
+examples/examples.py
+tests/test_offline.py     (no network needed)
+```
+
+## Tests
+
+`tests/test_offline.py` validates secret masking, domain-login building, fast-auth
+kwargs, recursive-mkdir logic, transfer math, and both error-handling modes — all offline.
+
+```bash
+python tests/test_offline.py
+```

ssh_handler-1.0.0/README.md

@@ -0,0 +1,163 @@
+# ssh_handler
+
+An extensive **SSH / SFTP / SCP / FTP** handler built on [Paramiko](https://www.paramiko.org/),
+packaged so the *same* code works in three places:
+
+- a **test-automation framework** (raise-on-error, pytest fixtures, parallel fleet ops),
+- a **standalone CLI** (`python -m ssh_handler …`, argument-driven),
+- a **PyQt5 tool** (safe mode + log streaming via Qt signals, off the GUI thread).
+
+Passwords are wrapped in a `Secret` and stored in the **OS credential vault** — they
+never appear in logs, reprs, tracebacks, or on disk in plaintext.
+
+## Install
+
+```bash
+pip install -e .                 # core (paramiko)
+pip install -e ".[all]"          # + keyring, scp, PyQt5
+# or just the pieces you need:
+pip install -e ".[secure]"       # keyring  (confidential password storage)
+pip install -e ".[scp]"          # scp      (SCP-protocol transfers)
+pip install -e ".[gui]"          # PyQt5    (the worker)
+```
+
+## Quick start
+
+```python
+from ssh_handler import SSHHandler, SSHConfig
+
+with SSHHandler(SSHConfig(host="10.0.0.5", username="root", password="pw")) as ssh:
+    print(ssh.run("uptime").stdout)
+    ssh.run("systemctl restart nginx", check=True)     # raises on non-zero exit
+    ssh.push("local.txt", "/tmp/remote.txt")           # SFTP upload
+    ssh.pull("/etc/nginx", "./backup", recursive=True) # recursive download
+```
+
+## Connecting to your RDP / Windows hosts (domain login `EU\nkennedy`)
+
+Those Windows machines need **OpenSSH Server** enabled (Settings → Optional Features →
+"OpenSSH Server", or `Add-WindowsCapability -Online -Name OpenSSH.Server~~~~0.0.1.0`).
+Then you log in with your normal domain credentials.
+
+**Pass `domain` and `username` separately** — never hard-code `"EU\nkennedy"` as a Python
+string, because `\n` becomes a newline. The handler builds `EU\nkennedy` for you:
+
+```python
+from ssh_handler import SSHHandler, SSHConfig, CredentialStore
+
+store = CredentialStore(service="my_test_lab")
+cfg = SSHConfig(
+    host="10.20.30.40",
+    domain="EU", username="nkennedy",
+    password=store.get("EU\\nkennedy"),   # a Secret pulled from the OS vault
+    remote_os="windows",                  # skip the OS probe
+    fast_auth=True,                       # skip key probing -> faster login
+)
+with SSHHandler(cfg) as ssh:
+    print(ssh.run("whoami").stdout)                    # EU\nkennedy
+    print(ssh.run("powershell Get-Service sshd").stdout)
+    ssh.push("report.xlsx", "C:/Users/nkennedy/Desktop/report.xlsx")
+```
+
+Store the password **once** so it's never typed or committed again:
+
+```python
+CredentialStore("my_test_lab").set("EU\\nkennedy", prompt_password())
+# or from the CLI:
+python -m ssh_handler store-credential --user nkennedy --domain EU --service my_test_lab
+```
+
+## Confidential credentials
+
+| Mechanism | What it does |
+|-----------|--------------|
+| `Secret`  | wraps a password; `str()`/`repr()`/logs show `********`; only `.reveal()` exposes it |
+| `mask()`  | redacts secret values from any log line (applied automatically to all logging) |
+| `CredentialStore` | stores/reads passwords in Windows Credential Manager (or macOS Keychain / Secret Service) via `keyring` — **no plaintext on disk** |
+| `prompt_password()` | hidden terminal input |
+
+## Speed
+
+- **`fast_auth`** (default on): when a password is supplied, key/agent probing is skipped —
+  faster logins and no "Too many authentication failures" from the server's `MaxAuthTries`.
+- One SFTP channel is opened lazily and **reused** across operations.
+- SFTP downloads use Paramiko **prefetch** for high throughput.
+- **`SSHPool`** runs the same command/transfer across many hosts in parallel threads.
+- `remote_os="windows"|"linux"` skips the one-time OS-detection probe.
+- `compress=True` for slow/high-latency links; keepalives keep long sessions alive.
+
+## What's covered (Paramiko parity, plus extras)
+
+- **Exec**: `run` (timeout, `check`, pty, env), `run_many`, `sudo` (password via stdin)
+- **Interactive shell**: `open_shell()` → `ShellSession` with `send` / `read_until` / `read_available`
+- **SFTP**: `listdir`, `listdir_attr`, `stat`, `lstat`, `exists`, `isdir`, `mkdir`, `makedirs`,
+  `rmdir`, `remove`, `rename`, `chmod`, `chown`, `symlink`, `readlink`, `open`,
+  `read_text`, `write_text`, `walk`, and `push`/`pull` (recursive, progress, stats)
+- **SCP**: `scp_push` / `scp_pull` (needs the `scp` extra)
+- **FTP/FTPS**: `FTPHandler` (stdlib `ftplib`, no extra dependency)
+- **Jump host / bastion**: `SSHConfig(jump_host=…)` (ProxyJump-style)
+- **Escape hatch**: `ssh.client` and `ssh.transport` expose the raw Paramiko objects
+
+## Result objects
+
+Every action returns structured data, not bare strings:
+
+- `CommandResult` — `exit_code`, `stdout`, `stderr`, `duration`, `host`, `.ok`, `.as_dict()`
+- `TransferResult` — `size_bytes`, `duration`, `speed_bps`, `human_speed`, `files`
+- `ShellResult` — `output`, `matched`, `timed_out`, `duration`
+- `OperationResult` — safe-mode wrapper: `bool(res)`, `res.value`, `res.error`, `res.unwrap()`
+
+## Two error-handling styles
+
+- **Raise (default)** — for tests/scripts. Typed exceptions: `SSHConnectionError`,
+  `SSHAuthenticationError`, `SSHTimeoutError`, `SSHCommandError`, `SSHTransferError`,
+  `FTPError`, `CredentialError` — all subclasses of `SSHError`. **Auto-retry** on connect
+  and **auto-reconnect** on dropped sessions are built in.
+- **Safe mode** (`SSHHandler(cfg, safe=True)`) — for GUIs. Every call returns an
+  `OperationResult` instead of raising, so the event loop never dies. Override per call
+  with `safe=True/False`.
+
+## CLI
+
+```bash
+python -m ssh_handler run   --host H --user U --domain EU uptime
+python -m ssh_handler push  --host H --user U ./build /tmp/build --recursive
+python -m ssh_handler pull  --host H --user U /var/log ./logs --recursive
+python -m ssh_handler info  --host H --user U --json
+python -m ssh_handler run   --host H --user U --use-stored uptime   # vault password
+```
+Password options: `--password` (hidden prompt), `--use-stored` (OS vault), `--key FILE`.
+Add `--json` for machine-readable output.
+
+## PyQt5
+
+`ssh_handler.pyqt_worker.SSHWorker` is a `QObject` wrapping the handler in **safe mode**.
+`moveToThread()` it, connect its signals (`log`, `connected`, `command_done`,
+`transfer_done`, `progress`, `error`, `finished`), and drive it from the GUI — see recipe
+in [examples/examples.py](examples/examples.py).
+
+## Project layout
+
+```
+ssh_handler/
+  config.py       SSHConfig, FTPConfig
+  credentials.py  Secret, CredentialStore, mask, prompt_password
+  core.py         SSHHandler, ShellSession  (SSH + SFTP + SCP)
+  ftp.py          FTPHandler (FTP/FTPS)
+  pool.py         SSHPool (parallel multi-host)
+  cli.py          argparse entry point  (python -m ssh_handler)
+  pyqt_worker.py  SSHWorker (PyQt5, lazy import)
+  results.py      CommandResult, TransferResult, ShellResult, OperationResult
+  exceptions.py   SSHError hierarchy
+examples/examples.py
+tests/test_offline.py     (no network needed)
+```
+
+## Tests
+
+`tests/test_offline.py` validates secret masking, domain-login building, fast-auth
+kwargs, recursive-mkdir logic, transfer math, and both error-handling modes — all offline.
+
+```bash
+python tests/test_offline.py
+```

ssh_handler-1.0.0/pyproject.toml

@@ -0,0 +1,26 @@
+[build-system]
+requires = ["setuptools>=61.0"]
+build-backend = "setuptools.build_meta"
+
+[project]
+name = "ssh-handler"
+version = "1.0.0"
+description = "Extensive SSH/SFTP/SCP/FTP handler built on Paramiko, for test automation, CLIs and PyQt5 tools."
+readme = "README.md"
+requires-python = ">=3.8"
+authors = [{ name = "Naveen" }]
+dependencies = [
+    "paramiko>=3.0",
+]
+
+[project.optional-dependencies]
+secure = ["keyring>=23.0"]   # OS credential vault for confidential passwords
+scp = ["scp>=0.14"]          # SCP-protocol transfers (SFTP works without it)
+gui = ["PyQt5>=5.15"]        # PyQt5 worker integration
+all = ["keyring>=23.0", "scp>=0.14", "PyQt5>=5.15"]
+
+[project.scripts]
+ssh-handler = "ssh_handler.cli:main"
+
+[tool.setuptools]
+packages = ["ssh_handler"]

ssh_handler-1.0.0/setup.cfg

@@ -0,0 +1,4 @@
+[egg_info]
+tag_build = 
+tag_date = 0
+

ssh_handler-1.0.0/ssh_handler/__init__.py

@@ -0,0 +1,52 @@
+"""
+ssh_handler
+===========
+
+An extensive SSH / SFTP / SCP / FTP handler built on Paramiko, usable from a
+test-automation framework, a standalone CLI, or a PyQt5 tool.
+
+Quick start
+-----------
+    from ssh_handler import SSHHandler, SSHConfig
+
+    with SSHHandler(SSHConfig(host="10.0.0.5", domain="EU",
+                              username="nkennedy", password="…")) as ssh:
+        print(ssh.run("hostname").stdout)
+        ssh.push("local.txt", "/tmp/remote.txt")
+        ssh.pull("/var/log/syslog", "syslog.txt")
+
+The password is wrapped in a Secret and never appears in logs or reprs.
+``pyqt_worker`` and the ``scp`` extra are imported lazily, so missing optional
+dependencies (PyQt5 / scp) don't break the core package.
+"""
+
+from __future__ import annotations
+
+__version__ = "1.0.0"
+
+from .config import SSHConfig, FTPConfig
+from .core import SSHHandler, ShellSession
+from .ftp import FTPHandler
+from .pool import SSHPool
+from .credentials import Secret, CredentialStore, prompt_password, mask
+from .results import CommandResult, TransferResult, ShellResult, OperationResult
+from .exceptions import (
+    SSHError,
+    SSHConnectionError,
+    SSHAuthenticationError,
+    SSHTimeoutError,
+    SSHCommandError,
+    SSHTransferError,
+    SSHNotConnectedError,
+    FTPError,
+    CredentialError,
+)
+
+__all__ = [
+    "SSHHandler", "ShellSession", "SSHConfig", "FTPConfig", "FTPHandler",
+    "SSHPool", "Secret", "CredentialStore", "prompt_password", "mask",
+    "CommandResult", "TransferResult", "ShellResult", "OperationResult",
+    "SSHError", "SSHConnectionError", "SSHAuthenticationError",
+    "SSHTimeoutError", "SSHCommandError", "SSHTransferError",
+    "SSHNotConnectedError", "FTPError", "CredentialError", "__version__",
+]

ssh_handler-1.0.0/ssh_handler/__main__.py

@@ -0,0 +1,5 @@
+"""Enables `python -m ssh_handler ...`."""
+from .cli import main
+
+if __name__ == "__main__":
+    raise SystemExit(main())

ssh_handler-1.0.0/ssh_handler/cli.py

@@ -0,0 +1,152 @@
+"""
+Standalone command-line entry point.
+
+    python -m ssh_handler run   --host H --user U [--domain EU] CMD...
+    python -m ssh_handler push  --host H --user U LOCAL REMOTE [--recursive]
+    python -m ssh_handler pull  --host H --user U REMOTE LOCAL [--recursive]
+    python -m ssh_handler info  --host H --user U
+
+Credentials (password never echoed, never stored in plaintext):
+    --password           prompt interactively (hidden)
+    --use-stored         read from the OS credential vault
+    --store-credential   save to the OS vault, then exit
+    --key FILE           use a private key instead of a password
+"""
+
+from __future__ import annotations
+
+import sys
+import json
+import argparse
+
+from .config import SSHConfig
+from .core import SSHHandler
+from .credentials import CredentialStore, prompt_password, Secret
+from .exceptions import SSHError
+from .results import CommandResult, TransferResult
+
+
+def _add_conn_args(p: argparse.ArgumentParser) -> None:
+    p.add_argument("--host", required=True)
+    p.add_argument("--port", type=int, default=22)
+    p.add_argument("--user", required=True)
+    p.add_argument("--domain", default=None, help="e.g. EU for EU\\user logins")
+    p.add_argument("--key", default=None, help="private key file")
+    p.add_argument("--password", action="store_true",
+                   help="prompt for password (hidden input)")
+    p.add_argument("--use-stored", action="store_true",
+                   help="read password from the OS credential vault")
+    p.add_argument("--service", default="ssh_handler",
+                   help="credential-vault namespace")
+    p.add_argument("--timeout", type=float, default=None)
+    p.add_argument("--no-fast-auth", action="store_true")
+    p.add_argument("--json", action="store_true", help="emit machine-readable JSON")
+
+
+def _resolve_password(args, login_user: str) -> Secret | None:
+    if args.use_stored:
+        store = CredentialStore(args.service)
+        sec = store.get(login_user)
+        if sec is None:
+            print(f"No stored credential for {login_user!r} in service "
+                  f"{args.service!r}.", file=sys.stderr)
+            sys.exit(2)
+        return sec
+    if args.password:
+        return prompt_password(f"Password for {login_user}: ")
+    return None
+
+
+def _build_config(args) -> SSHConfig:
+    login_user = f"{args.domain}\\{args.user}" if args.domain else args.user
+    return SSHConfig(
+        host=args.host, port=args.port, username=args.user, domain=args.domain,
+        password=_resolve_password(args, login_user),
+        key_filename=args.key, command_timeout=args.timeout,
+        fast_auth=not args.no_fast_auth,
+    )
+
+
+def _output(args, obj) -> None:
+    if args.json:
+        if isinstance(obj, (CommandResult, TransferResult)):
+            print(json.dumps(obj.as_dict(), default=str, indent=2))
+        else:
+            print(json.dumps(obj, default=str, indent=2))
+    else:
+        print(obj)
+
+
+def main(argv=None) -> int:
+    parser = argparse.ArgumentParser(prog="ssh_handler",
+                                     description="Extensive SSH/SFTP/SCP handler CLI")
+    sub = parser.add_subparsers(dest="cmd", required=True)
+
+    # store-credential (no connection)
+    sc = sub.add_parser("store-credential", help="save a password to the OS vault")
+    sc.add_argument("--user", required=True)
+    sc.add_argument("--domain", default=None)
+    sc.add_argument("--service", default="ssh_handler")
+
+    p_run = sub.add_parser("run", help="execute a remote command")
+    _add_conn_args(p_run)
+    p_run.add_argument("command", nargs=argparse.REMAINDER)
+
+    p_push = sub.add_parser("push", help="upload a file/dir (SFTP)")
+    _add_conn_args(p_push)
+    p_push.add_argument("local")
+    p_push.add_argument("remote")
+    p_push.add_argument("--recursive", action="store_true")
+
+    p_pull = sub.add_parser("pull", help="download a file/dir (SFTP)")
+    _add_conn_args(p_pull)
+    p_pull.add_argument("remote")
+    p_pull.add_argument("local")
+    p_pull.add_argument("--recursive", action="store_true")
+
+    p_info = sub.add_parser("info", help="connect and report remote OS")
+    _add_conn_args(p_info)
+
+    args = parser.parse_args(argv)
+
+    # store-credential is handled without a connection
+    if args.cmd == "store-credential":
+        login_user = f"{args.domain}\\{args.user}" if args.domain else args.user
+        store = CredentialStore(args.service)
+        store.set(login_user, prompt_password(f"Password to store for {login_user}: "))
+        print(f"Stored credential for {login_user!r} in service {args.service!r}.")
+        return 0
+
+    try:
+        with SSHHandler(_build_config(args)) as ssh:
+            if args.cmd == "run":
+                cmd = " ".join(args.command).strip()
+                if not cmd:
+                    print("No command given.", file=sys.stderr)
+                    return 2
+                res = ssh.run(cmd, timeout=args.timeout)
+                if not args.json:
+                    if res.stdout:
+                        sys.stdout.write(res.stdout)
+                    if res.stderr:
+                        sys.stderr.write(res.stderr)
+                    return res.exit_code
+                _output(args, res)
+                return res.exit_code
+            elif args.cmd == "push":
+                _output(args, ssh.push(args.local, args.remote,
+                                       recursive=args.recursive))
+            elif args.cmd == "pull":
+                _output(args, ssh.pull(args.remote, args.local,
+                                       recursive=args.recursive))
+            elif args.cmd == "info":
+                _output(args, {"host": args.host, "remote_os": ssh.detect_os(),
+                               "connected": ssh.is_connected})
+        return 0
+    except SSHError as exc:
+        print(f"ERROR: {exc}", file=sys.stderr)
+        return 1
+
+
+if __name__ == "__main__":
+    raise SystemExit(main())