带有私有RSA密钥登录失败的phpseclib 2.0.12 SFTP
[英]phpseclib 2.0.12 SFTP with private RSA key login failure
问题描述
I use phpseclib to log in to an SFTP server using a RSA private key. 
我使用phpseclib通过RSA私钥登录到SFTP服务器。 I'm upgrading from phpseclib 1.0 on PHP 5.3 to phpseclib 2.0.12 on PHP 7.2. 我正在从PHP 5.3上的phpseclib 1.0升级到PHP 7.2上的phpseclib 2.0.12。 The old code on PHP5 works just fine, but the upgraded version fails to log in, resulting in the following error message: 1024 Connection closed prematurely in SSH2.php on line 3939. Here are the two different versions: PHP5上的旧代码可以正常工作,但是升级版无法登录,从而导致以下错误消息:1024连接在3939行的SSH2.php中过早关闭。这是两个不同的版本:
OLD phpseclib1.0 on PHP5.3 CODE (working): PHP5.3代码上的旧phpseclib1.0(有效):
$key = new Crypt_RSA();
$key->loadKey(file_get_contents('rsaprivate.key'));
$sftp = new Net_SFTP('urltosftpserver');
$sftp->login('username', $key)
NEW phpseclib 2.0.12 on PHP7.2 CODE (failing): PHP7.2代码上的新phpseclib 2.0.12(失败):
$key = new phpseclib\Crypt\RSA();
$key->loadKey(file_get_contents(__DIR__.'/rsaprivate.key'));
$sftp = new phpseclib\Net\SFTP('urltosftpserver');
$sftp->_privatekey_login("username", $key);
When I look at the value of $key, they don't match in the two different versions of my code. 当我查看$ key的值时,它们在我的代码的两个不同版本中不匹配。 phpseclib1.0 creates integers for value, and phpseclib2.0 creates hex numbers. phpseclib1.0创建值的整数,而phpseclib2.0创建十六进制数。 When I convert the pubseclib 2.0 hex numbers to to integers, they don't match the integers created by pubseclib 1.0. 当我将pubseclib 2.0十六进制数字转换为整数时,它们与pubseclib 1.0创建的整数不匹配。 But I am not sure if this has anything to do with my problem. 但是我不确定这是否与我的问题有关。
SNIPPLET FROM pubseclib1.0 var_dump($key): 从pubseclib1.0的SNIPPLET var_dump($ key):
[value] => 42318...
[is_negative] =>
[generator] => mt_rand
[precision] => -1
[bitmask] =>
[hex] =>
SNIPPLET FROM pubseclib2.0 var_dump($key): 从pubseclib2.0的SNIPPLET var_dump($ key):
[value] => 0x60f23...
[engine] => bcmath (OpenSSL)
I don't know it it's the RSA key that causes the problem or the _privatekey_login method. 我不知道是导致问题的RSA密钥还是_privatekey_login方法。
1 个解决方案
解决方案1
2 2018-11-17 00:46:40
Short Answer 简短答案
From your 2.0 code: 从您的2.0代码中:
$sftp->_privatekey_login("username", $key);
Don't do that. 不要那样做 Do this: 做这个:
$sftp->login("username", $key);
Long Answer 长答案
login calls _login , which calls _connect and _login_helper . login调用_login ,后者调用_connect和_login_helper 。 _connect is where fsockopen is called. _connect是调用fsockopen地方。 _login_hepler then conditionally calls _privatekey_login . _login_hepler然后有条件地调用_privatekey_login 。 By calling _privatekey_login directly you're bypassing all the steps that phpseclib normally does. 通过直接调用_privatekey_login ,您可以绕过phpseclib通常执行的所有步骤。
The documentation does not tell you to do this. 该文档没有告诉您执行此操作。 The only way you could have even learned about that method is by looking at the source code. 您甚至可以了解该方法的唯一方法是查看源代码。 Per the PHPDoc comments above _privatekey_login it's clear that that method is intended to be a private method and yet you're still calling it. 根据_privatekey_login上方的PHPDoc注释,很明显,该方法旨在用作私有方法,但您仍在调用它。 Indeed, it's comparable method is private in the master branch. 实际上,它的可比方法在master分支中是私有的。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.