Trying to connect using ssh2_auth_pubkey_file()


This is a known bug in PHP: a password-protected private key cannot be used on certain combinations.

See: https://bugs.php.net/bug.php?id=58573

ssh2_auth_pubkey_file() is broken when the public key file is protected with a password AND libssh2 is compiled with libgcrypt, which is what Debian/Ubuntu and probably others do. I'm working on a solution for this bug, but if you need this working, rebuild libssh2 yourself with OpenSSL.

A workaround may be to store the private key unencrypted. To decrypt the key:

openssl rsa -in id_rsa -out id_rsaNOPASSWORD

and then use the file id_rsaNOPASSWORD without supplying the fifth parameter 'passphrase'. It works, but you'll have to be careful with your decrypted key file. Anyway, the level of security is not really terribly affected, because even with an encrypted key, you would still need to pass the passphrase unencrypted to the ssh2_auth_pubkey_file function ...

Hope it helps.
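
An added example, not part of the original answer: a shell check to run on a key file before handing it to ssh2_auth_pubkey_file(). It reports whether the PEM key is passphrase-protected (the case the bug report covers) and whether group or others can access the file, which matters most for the decrypted copy. The function names are hypothetical.

```shell
#!/bin/sh
# Added example (hypothetical helper names, not from the original page).
# Classifies a PEM private key and checks its file mode.

# key_encryption FILE -> prints "encrypted", "plain" or "unknown"
key_encryption() {
    if grep -q -e '^Proc-Type: 4,ENCRYPTED' \
               -e '^-----BEGIN ENCRYPTED PRIVATE KEY-----' "$1"; then
        echo encrypted   # traditional PEM or PKCS#8 with a passphrase
    elif grep -q '^-----BEGIN OPENSSH PRIVATE KEY-----' "$1"; then
        echo unknown     # OpenSSH format: encryption is not visible in the header
    elif grep -q '^-----BEGIN .*PRIVATE KEY-----' "$1"; then
        echo plain       # no passphrase: the file mode is the only protection
    else
        echo unknown
    fi
}

# key_mode_ok FILE -> succeeds only if group and others have no access bits
key_mode_ok() {
    # GNU stat first, BSD/macOS stat as fallback
    mode=$(stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1") || return 1
    case "$mode" in
        *00|0) return 0 ;;
        *)     return 1 ;;
    esac
}

# key_check FILE -> one-line verdict; exit 1 = mode too open,
# 2 = passphrase-protected key, 3 = format not recognised
key_check() {
    enc=$(key_encryption "$1")
    if ! key_mode_ok "$1"; then
        echo "$1: $enc key, mode too open (run: chmod 600 $1)"
        return 1
    fi
    case "$enc" in
        encrypted) echo "$1: encrypted key, may hit the libgcrypt bug"; return 2 ;;
        plain)     echo "$1: plain key, mode ok" ;;
        *)         echo "$1: key format not recognised"; return 3 ;;
    esac
}

# Report on any files given on the command line.
for f in "$@"; do key_check "$f" || true; done
```

Running `umask 077` in the shell before the `openssl rsa` command above makes the decrypted copy owner-only from the moment it is created.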

Author by

Tony L.


Updated on July 20, 2022

Comments

  • Tony L.
    Tony L. almost 2 years

    I am trying to make a PHP script that runs on the terminal that would connect to a remote server by ssh and retrieve a file. This is my code so far:

    #!/usr/bin/php -q
    <?php
    $cwd = dirname(__FILE__).'/';
    $filename = 'retrive-this.file';
    $host = 'hostip';
    
    $connection = ssh2_connect($host, 22, array('hostkey'=>'ssh-rsa'));
    $methods = ssh2_auth_pubkey_file($connection, 'remoteuser',
                                     $cwd.'ssh/id_rsa.pub',
                                     $cwd.'ssh/id_rsa', "it's an inception");
    var_dump($methods);
    
    //ssh2_scp_recv($connection, "/remote/server/path/to/$filename", $cwd.$filename);
    ?>
    

    For now I am having problems with the ssh2_auth_pubkey_file() function. When I run the script it returns this:

    PHP Warning:  ssh2_auth_pubkey_file(): Authentication failed for remoteuser using public key in /home/tonyl/Projects/get-file-ssh.php on line 10
    bool(false)
    

    The key files have permission -rw-r--r-- (644). Also the public key is already added to the remoteuser's authorized keys. I am able to ssh using the ssh command as normal, so I don't think it is a ssh authorization problem, but who knows. I am new to ssh and the ssh2 php library.

    I can connect using ssh2_auth_password() if I enable it in the remote sshd_config file, but I don't want to do that since it decreases security transfer.

    Any ideas of what I can do?

  • Tony L.
    Tony L. over 12 years
    The code $cwd = dirname(__FILE__).'/'; does return the right directory: /home/tonyl/Projects/. I don't think that is the problem, and neither is dirname(), since I am using it for the local folder, not for the remote folder. Thanks for the help though, I think I am going to see if there is a bug report about the C library or PHP's.
  • devasia2112
    devasia2112 over 12 years
    If in doubt, just use your path like this -> /home/user/dir/ 'cause the problem is not your path, it is the ssh2_auth_pubkey_file PHP function. I'm stuck here with the same f**** problem
  • MicE
    MicE almost 12 years
    Did you guys manage to find a solution? I'm stuck with the same problem here. Is your key using a secret? If so, one likely candidate that's causing this is bug bugs.php.net/bug.php?id=58573
  • neubert
    neubert over 8 years
    You could just use phpseclib.sourceforge.net. Not only does it not have this issue - it supports more key formats than PHP's SSH extension - PuTTY, PKCS8, PKCS1, XML, passwords, no passwords, etc.