I use a friends server that allows only one user to be logged from SSH, so normally I just log in as that user and then do su -l myuser to change accounts. I wanted to automate some boring stuff using Python, but I ran into problems with that. Apparently Paramiko module that I tried first invokes a single shell for every command, so that was out of the question. Later I tried using invoke_shell() to overcome that, but it still failed (I assume it's because changing user changes shell as well).

After that I found about Fabric module, but best I could do is open SSH shell with a proper user logged in, but without option to run any commands from code.

Is there any way to accomplish that? Final goal would probably look something like this:

ssh.login(temp_user, pass)
ssh.command("su -l myuser")
expect("Password: ", ssh.send("mypass\n")
ssh.command("somescript.sh > datadump.txt")

Using sudo is impossible, as well as adding passwordless login.

As suggested here is the code that I tried with Paramiko:

import paramiko

host = "hostip"
user = "user"
user_to_log = "myuser"
password = "pass"
password_to_log = "mypass"

login_command = "su -l " + user_to_log

ssh = paramiko.SSHClient()
ssh.load_system_host_keys()
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
ssh.connect(hostip, username=user, 
    password=password)    

transport = ssh.get_transport()
session = transport.open_session()
session.set_combine_stderr(True)
session.get_pty()


session.exec_command("su -l " + user_to_log)
stdin = session.makefile('wb', -1)


stdin.write(password_to_log +'\n')
stdin.flush()

session.exec_command("whoami")
stdout = session.makefile('rb', -1)

for line in stdout.read().splitlines():        
    print('host: %s: %s' % (host, line))

su -c command won't work either, since server system doesn't support that option.

General disclaimers first (to others who stumble upon this question):

• Using su is not the right solution. su is a tool intended for an interactive use, not for an automation. The correct solution is to login with the correct account directly.

  Or at at least use a password-less sudo.

• If you are stuck with su, on most systems you can use -c switch to su to specify a command:

  su -c "whoami" user
  

  See also How to run sudo with paramiko? (Python)

If none of the above is feasible (and you really tried hard to make the admin enable some of the options above):

As the last resort option, you can write the command to a standard input of the su, the same way you already write a password (another thing not to do):

stdin, stdout, stderr = session.exec_command("su -l " + user_to_log)

stdin.write(password_to_log + '\n')
stdin.flush()

command = 'whoami'
stdin.write(command + '\n')
stdin.flush()

(also note that it's redundant to call makefile, as exec_command already returns that)

Note that your question is not about which SSH client library to use. It does not matter if you use Paramiko or other. This all is actually a general SSH/shell question.