| Re: How to etablish an SSH2 tunnel with php ? [message #177520 is a reply to message #177516] |
Thu, 05 April 2012 12:10  |
Jerry Stuckle
Messages: 2598
Registered: September 2010
Karma:
|
Senior Member |
|
|
On 4/4/2012 4:36 AM, Jason Playne wrote:
> On Sunday, April 1, 2012 12:40:09 AM UTC+8, Une Bévue wrote:
>> The purpose is to query a remote PostgreSQL database via an ssh tunnel.
>>
>> If i do the tunnel "by hand" from terminal using :
>> $ ssh -L 3333:localhost:5432 yt@iMac
>>
>> then, i can query a remote database :
>> $host="localhost";
>> $port=3333;
>> $username='yt';
>> $password='topsecret';
>> $db = new PDO("pgsql:dbname=$dbname;host=$host;port=$port",
>> $username, $password );
>> $ret=$db->query('SELECT * FROM categories;');
>> if($ret){
>> while($row=$ret->fetch()){
>> print_r($row);
>> }
>> }else{
>> echo 'Error';
>> }
>>
>> i've installes libssh2 for PHP on this computer, here is part of my
>> info.php :
>>
>> SSH2 support enabled
>> extension version 0.11.2
>> libssh2 version 1.2.6
>> banner SSH-2.0-libssh2_1.2.6
>> remote forwarding enabled
>> hostbased auth enabled
>> polling support enabled
>> publickey subsystem enabled
>>
>> however, even if i can "connect", authentification fail, either using
>> password or keys...
>>
>> the code used :
>> function connect_to($machine)
>> {
>> $connection=@ssh2_connect($machine, 22, array("hostkey"=>"ssh-dsa"));
>> if(!$connection){
>> echo "No connection.
>> \n";
>> return false;
>> } else {
>> echo "Connection établie.
>> \n";
>> }
>>
>> $fingerprint=@ssh2_fingerprint($connection, SSH2_FINGERPRINT_MD5 |
>> SSH2_FINGERPRINT_HEX);
>> echo "\$fingerprint = $fingerprint
>> \n";
>>
>> /* Utilisation de public/private key */
>> if(@ssh2_auth_pubkey_file($connection, "yt",
>> '/home/yt/.ssh/id_dsa.pub', '/home/yt/.ssh/id_dsa',
>> 'my -valid- passphrase')){
>> echo "Authentification réussie.
>> \n";
>> return array($connection,$fingerprint);
>> } else {
>> echo "Échec de l'authentification.
>> \n";
>> return false;
>> }
>> }
>>
>> notice i get "Connection établie" and also the fingerprint.
>>
>> if after the print out of fingerprint i try a command i get nothing
>> after an amout of time but without error :
>> $stdout_stream=@ssh2_exec($connection, 'ls -al');
>
>
>
> On Sunday, April 1, 2012 12:40:09 AM UTC+8, Une Bévue wrote:
>> The purpose is to query a remote PostgreSQL database via an ssh tunnel.
>>
>> If i do the tunnel "by hand" from terminal using :
>> $ ssh -L 3333:localhost:5432 yt@iMac
>>
>> then, i can query a remote database :
>> $host="localhost";
>> $port=3333;
>> $username='yt';
>> $password='topsecret';
>> $db = new PDO("pgsql:dbname=$dbname;host=$host;port=$port",
>> $username, $password );
>> $ret=$db->query('SELECT * FROM categories;');
>> if($ret){
>> while($row=$ret->fetch()){
>> print_r($row);
>> }
>> }else{
>> echo 'Error';
>> }
>>
>> i've installes libssh2 for PHP on this computer, here is part of my
>> info.php :
>>
>> SSH2 support enabled
>> extension version 0.11.2
>> libssh2 version 1.2.6
>> banner SSH-2.0-libssh2_1.2.6
>> remote forwarding enabled
>> hostbased auth enabled
>> polling support enabled
>> publickey subsystem enabled
>>
>> however, even if i can "connect", authentification fail, either using
>> password or keys...
>>
>> the code used :
>> function connect_to($machine)
>> {
>> $connection=@ssh2_connect($machine, 22, array("hostkey"=>"ssh-dsa"));
>> if(!$connection){
>> echo "No connection.
>> \n";
>> return false;
>> } else {
>> echo "Connection établie.
>> \n";
>> }
>>
>> $fingerprint=@ssh2_fingerprint($connection, SSH2_FINGERPRINT_MD5 |
>> SSH2_FINGERPRINT_HEX);
>> echo "\$fingerprint = $fingerprint
>> \n";
>>
>> /* Utilisation de public/private key */
>> if(@ssh2_auth_pubkey_file($connection, "yt",
>> '/home/yt/.ssh/id_dsa.pub', '/home/yt/.ssh/id_dsa',
>> 'my -valid- passphrase')){
>> echo "Authentification réussie.
>> \n";
>> return array($connection,$fingerprint);
>> } else {
>> echo "Échec de l'authentification.
>> \n";
>> return false;
>> }
>> }
>>
>> notice i get "Connection établie" and also the fingerprint.
>>
>> if after the print out of fingerprint i try a command i get nothing
>> after an amout of time but without error :
>> $stdout_stream=@ssh2_exec($connection, 'ls -al');
>
>
>
> On Sunday, April 1, 2012 12:40:09 AM UTC+8, Une Bévue wrote:
>> The purpose is to query a remote PostgreSQL database via an ssh tunnel.
>>
>> If i do the tunnel "by hand" from terminal using :
>> $ ssh -L 3333:localhost:5432 yt@iMac
>>
>> then, i can query a remote database :
>> $host="localhost";
>> $port=3333;
>> $username='yt';
>> $password='topsecret';
>> $db = new PDO("pgsql:dbname=$dbname;host=$host;port=$port",
>> $username, $password );
>> $ret=$db->query('SELECT * FROM categories;');
>> if($ret){
>> while($row=$ret->fetch()){
>> print_r($row);
>> }
>> }else{
>> echo 'Error';
>> }
>>
>> i've installes libssh2 for PHP on this computer, here is part of my
>> info.php :
>>
>> SSH2 support enabled
>> extension version 0.11.2
>> libssh2 version 1.2.6
>> banner SSH-2.0-libssh2_1.2.6
>> remote forwarding enabled
>> hostbased auth enabled
>> polling support enabled
>> publickey subsystem enabled
>>
>> however, even if i can "connect", authentification fail, either using
>> password or keys...
>>
>> the code used :
>> function connect_to($machine)
>> {
>> $connection=@ssh2_connect($machine, 22, array("hostkey"=>"ssh-dsa"));
>> if(!$connection){
>> echo "No connection.
>> \n";
>> return false;
>> } else {
>> echo "Connection établie.
>> \n";
>> }
>>
>> $fingerprint=@ssh2_fingerprint($connection, SSH2_FINGERPRINT_MD5 |
>> SSH2_FINGERPRINT_HEX);
>> echo "\$fingerprint = $fingerprint
>> \n";
>>
>> /* Utilisation de public/private key */
>> if(@ssh2_auth_pubkey_file($connection, "yt",
>> '/home/yt/.ssh/id_dsa.pub', '/home/yt/.ssh/id_dsa',
>> 'my -valid- passphrase')){
>> echo "Authentification réussie.
>> \n";
>> return array($connection,$fingerprint);
>> } else {
>> echo "Échec de l'authentification.
>> \n";
>> return false;
>> }
>> }
>>
>> notice i get "Connection établie" and also the fingerprint.
>>
>> if after the print out of fingerprint i try a command i get nothing
>> after an amout of time but without error :
>> $stdout_stream=@ssh2_exec($connection, 'ls -al');
>
> You can always generate a script to run on the remove server and run it over ssh.
>
> e.g.
> cat> /tmp/yarwoot1
> #!/usr/bin/php
> <?php
>
> $sql = "select * from yar";
> ...
>
>
> and then from your app
>
> <?php
>
> $out = shell_exec("ssh -iidentityfile user@host /tmp/yarwoot1");
> // do something with $out here
Maybe. Many hosts have disabled shell_exec(), or if it's enabled, the
web user has very little few privileges. Also, depending on what it
does, there could be security concerns when running from a web page (web
pages are typically less secure than an SSH tunnel).
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex(at)attglobal(dot)net
==================
|
|
|
|
Calendar
Search
Help
Members
Register
Login
Home
]