Phpseclib - How to Connect Using Username, Key and Password (Not a Key Passphrase)

  • Home
  • Languages
  • PHP
  • Phpseclib - How to Connect Using Username, Key and Password (Not a Key Passphrase)

PHPSecLib Password protected RSA and user authentication

There is an example specifying how to load a password protected key file on the phpseclib website. Note the line $key->setPassword('whatever');

<?php
include('Net/SSH2.php');
include('Crypt/RSA.php');

$ssh = new Net_SSH2('www.domain.tld');
$key = new Crypt_RSA();
$key->setPassword('whatever');
$key->loadKey(file_get_contents('privatekey'));
if (!$ssh->login('username', $key)) {
    exit('Login Failed');
}

echo $ssh->exec('pwd');
echo $ssh->exec('ls -la');

Keep in mind you're not sending the password to the server. You just need the password in order to successfully load the key file. Then the username and key are sent to the server to authenticate you.

Can not login using phpseclib with RSA keys?

From your post:

$key = new Crypt_RSA();
$key->loadKey('key');
echo file_get_contents('key');

$key->loadKey('key'); isn't expecting a filename - it's expecting the actual key. So if you're having to do file_get_contents('key') to show the actual key then you'll have to do $key->loadKey(file_get_contents('key')).

Also, you need to supply loadKey with the private key - not the public key. It looks like you're not because the key you did post has -----BEGIN RSA PUBLIC KEY----- in it. The private key is needed because that's how you verify your identity. You sign with the private key, the server verifies with the public key.

PHPSeclib Proxy send username and password as arguments

Quoting https://github.com/phpseclib/phpseclib/issues/1339#issuecomment-462224179:

With authorization:


$fsock = fsockopen('127.0.0.1', 80, $errno, $errstr, 1);
if (!$fsock) {
    echo $errstr; exit;
}
fputs($fsock, "CONNECT website.com:22 HTTP/1.0\r\n");
fputs($fsock, "Proxy-Authorization: Basic " . base64_encode('user:pass') . "\r\n");
fputs($fsock, "\r\n");
while ($line = fgets($fsock, 1024)) {
    if ($line == "\r\n") {
        break;
    }
    //echo $line;
}    
$ssh = new Net_SSH2($fsock);
$ssh->login('user', 'pass');
echo $ssh->exec('ls -latr');

If that doesn't work then run the script and tell me what the headers you get back are. Digest authentication is more of a PITA then Basic but it's not impossible.

More info on how authorization works with HTTP proxies:

https://www.rfc-editor.org/rfc/rfc7235#section-4.3

Integrating PHP, SSH and ssh-agent

Per neubert, what I had to do was add this line to Connection.php and I was able to get agent-based authentication to work:

$this->client->setPreferredAlgorithms(['hostkey' => ['ssh-rsa']]);

I still can't get key-based authentication to work, but I don't care about that as much.


Related Topics

Find and Replace Keywords by Hyperlinks in an HTML Fragment, via PHP Dom

Prevent Browser Back Button Cache

Iterating Through a Stdclass Object in PHP

Cannot Initialize Mbstring with PHP 7

Laravel Changing Timezone Not Reflecting the Correct Time

In PHP, Is There Any Harm in Running Session_Start() Multiple Times

Regular Expression: Find Range Except for One Letter or a Range

PHP Array to Postgres Array

How to Upload Image PHP and Insert Path in MySQL

Read the Longest String from an Array in PHP 5.3

Minify/Obfuscate PHP Code

Check How Many Times Specific Value in Array PHP

Multidimensional Array Difference PHP

How to Parse HTML Table Using PHP

Saving Div Contents or Canvas as Image

PHP - Session Per Tab

How to Determine the Extension(S) Associated with a Mime Type in PHP

How to Implement Exchange Rate in PHP


Leave a reply



Submit