ssh2_connect

(PECL ssh2 >= 0.9.0)

ssh2_connect — Connect to an SSH server

说明

resource ssh2_connect ( string $host [, int $port = 22 [, array $methods [, array $callbacks ]]] )

Establish a connection to a remote SSH server.

Once connected, the client should verify the server's hostkey using ssh2_fingerprint(), then authenticate using either password or public key.

参数

host

port

methods

methods may be an associative array with up to four parameters as described below.

*`methods`* may be an associative array with any or all of the following parameters.
Index	Meaning	Supported Values*
kex	List of key exchange methods to advertise, comma separated in order of preference.	diffie-hellman-group1-sha1, diffie-hellman-group14-sha1, and diffie-hellman-group-exchange-sha1
hostkey	List of hostkey methods to advertise, comma separated in order of preference.	ssh-rsa and ssh-dss
client_to_server	Associative array containing crypt, compression, and message authentication code (MAC) method preferences for messages sent from client to server.
server_to_client	Associative array containing crypt, compression, and message authentication code (MAC) method preferences for messages sent from server to client.

* - Supported Values are dependent on methods supported by underlying library. See » libssh2 documentation for additional information.

*`client_to_server`* and *`server_to_client`* may be an associative array with any or all of the following parameters.
Index	Meaning	Supported Values*
crypt	List of crypto methods to advertise, comma separated in order of preference.	rijndael-cbc@lysator.liu.se, aes256-cbc, aes192-cbc, aes128-cbc, 3des-cbc, blowfish-cbc, cast128-cbc, arcfour, and none**
comp	List of compression methods to advertise, comma separated in order of preference.	zlib and none
mac	List of MAC methods to advertise, comma separated in order of preference.	hmac-sha1, hmac-sha1-96, hmac-ripemd160, hmac-ripemd160@openssh.com, and none**

Note: Crypt and MAC method "none"

For security reasons, none is disabled by the underlying » libssh2 library unless explicitly enabled during build time by using the appropriate ./configure options. See documentation for the underlying library for more information.

callbacks

callbacks may be an associative array with any or all of the following parameters.

**Callbacks parameters**
Index	Meaning	Prototype
ignore	Name of function to call when an `SSH2_MSG_IGNORE` packet is received	void ignore_cb($message)
debug	Name of function to call when an `SSH2_MSG_DEBUG` packet is received	void debug_cb($message, $language, $always_display)
macerror	Name of function to call when a packet is received but the message authentication code failed. If the callback returns `TRUE`, the mismatch will be ignored, otherwise the connection will be terminated.	bool macerror_cb($packet)
disconnect	Name of function to call when an `SSH2_MSG_DISCONNECT` packet is received	void disconnect_cb($reason, $message, $language)

返回值

Returns a resource on success, or FALSE on error.

范例

Example #1 ssh2_connect() example

Open a connection forcing 3des-cbc when sending packets, any strength aes cipher when receiving packets, no compression in either direction, and Group1 key exchange.


<?php
/* Notify the user if the server terminates the connection */
function my_ssh_disconnect($reason, $message, $language) {
  printf("Server disconnected with reason code [%d] and message: %s\n",
         $reason, $message);
}

$methods = array(
  'kex' => 'diffie-hellman-group1-sha1',
  'client_to_server' => array(
    'crypt' => '3des-cbc',
    'comp' => 'none'),
  'server_to_client' => array(
    'crypt' => 'aes256-cbc,aes192-cbc,aes128-cbc',
    'comp' => 'none'));

$callbacks = array('disconnect' => 'my_ssh_disconnect');

$connection = ssh2_connect('shell.example.com', 22, $methods, $callbacks);
if (!$connection) die('Connection failed');
?>

参见

ssh2_fingerprint() - Retrieve fingerprint of remote server
ssh2_auth_none() - Authenticate as "none"
ssh2_auth_password() - Authenticate over SSH using a plain password
ssh2_auth_pubkey_file() - Authenticate using a public key

用户评论:

Steve Kamerman (2011-07-05 15:06:07)

Due to a lack of complete examples, here's a simple SSH2 class for connecting to a server, authenticating with public key authentication, verifying the server's fingerprint, issuing commands and reading their STDOUT and properly disconnecting. Note: You may need to make sure you commands produce output so the response can be pulled. Some people suggest that the command is not executed until you pull the response back. <?php class NiceSSH { // SSH Host private $ssh_host = 'myserver.example.com'; // SSH Port private $ssh_port = 22; // SSH Server Fingerprint private $ssh_server_fp = 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'; // SSH Username private $ssh_auth_user = 'username'; // SSH Public Key File private $ssh_auth_pub = '/home/username/.ssh/id_rsa.pub'; // SSH Private Key File private $ssh_auth_priv = '/home/username/.ssh/id_rsa'; // SSH Private Key Passphrase (null == no passphrase) private $ssh_auth_pass; // SSH Connection private $connection; public function connect() { if (!($this->connection = ssh2_connect($this->ssh_host, $this->ssh_port))) { throw new Exception('Cannot connect to server'); } $fingerprint = ssh2_fingerprint($this->connection, SSH2_FINGERPRINT_MD5 | SSH2_FINGERPRINT_HEX); if (strcmp($this->ssh_server_fp, $fingerprint) !== 0) { throw new Exception('Unable to verify server identity!'); } if (!ssh2_auth_pubkey_file($this->connection, $this->ssh_auth_user, $this->ssh_auth_pub, $this->ssh_auth_priv, $this->ssh_auth_pass)) { throw new Exception('Autentication rejected by server'); } } public function exec($cmd) { if (!($stream = ssh2_exec($this->connection, $cmd))) { throw new Exception('SSH command failed'); } stream_set_blocking($stream, true); $data = ""; while ($buf = fread($stream, 4096)) { $data .= $buf; } fclose($stream); return $data; } public function disconnect() { $this->exec('echo "EXITING" && exit;'); $this->connection = null; } public function __destruct() { $this->disconnect(); } } ?> [EDIT BY danbrown AT php DOT net: Contains two bugfixes suggested by 'AlainC' in user note #109185 (removed) on 26-JUN-2012.]

suri dot suribala dot com (2005-02-24 05:00:09)

With Sara's help, I have the following SS2 class that is quite flexible. If anyone improves it, please feel free to let me know. <?php // ssh protocols // note: once openShell method is used, cmdExec does not work class ssh2 { private $host = 'host'; private $user = 'user'; private $port = '22'; private $password = 'password'; private $con = null; private $shell_type = 'xterm'; private $shell = null; private $log = ''; function __construct($host='', $port='' ) { if( $host!='' ) $this->host = $host; if( $port!='' ) $this->port = $port; $this->con = ssh2_connect($this->host, $this->port); if( !$this->con ) { $this->log .= "Connection failed !"; } } function authPassword( $user = '', $password = '' ) { if( $user!='' ) $this->user = $user; if( $password!='' ) $this->password = $password; if( !ssh2_auth_password( $this->con, $this->user, $this->password ) ) { $this->log .= "Authorization failed !"; } } function openShell( $shell_type = '' ) { if ( $shell_type != '' ) $this->shell_type = $shell_type; $this->shell = ssh2_shell( $this->con, $this->shell_type ); if( !$this->shell ) $this->log .= " Shell connection failed !"; } function writeShell( $command = '' ) { fwrite($this->shell, $command."\n"); } function cmdExec( ) { $argc = func_num_args(); $argv = func_get_args(); $cmd = ''; for( $i=0; $i<$argc ; $i++) { if( $i != ($argc-1) ) { $cmd .= $argv[$i]." && "; }else{ $cmd .= $argv[$i]; } } echo $cmd; $stream = ssh2_exec( $this->con, $cmd ); stream_set_blocking( $stream, true ); return fread( $stream, 4096 ); } function getLog() { return $this->log; } } ?>