Using python, I'm making an SSH connection using paramiko and I'm sending a command which starts a tcpdump acquisition.
command="tcpdump -i enp8s0f2 -w test_tcpdump.pcap"
ssh = paramiko.SSHClient()
ssh.set_missing_host_key_policy(paramiko.WarningPolicy())
ssh.connect(IP, username=USER_GW, password=PSW_GW,look_for_keys=False, banner_timeout=200, timeout=200, auth_timeout=200)
ssh.exec_command(command, timeout=60)
time.sleep(10)
ssh.close()
I saw that even if I'm closing the SSH connection the tcpdump continues to work. Is there a way to stop it? I've also tried to send this command but without success:
ssh.exec_command("kill", timeout=60)
You may kill process afterwards using kill command and the process id:
kill -9 $(pgrep -f tcpdump)