PHP SSH2和Amazon EC2 .pem

Question

I've been looking for a way to use PHP's SSH2 to create a sort of terminal. To connect to Amazon in a normal terminal, you would use something like ssh -i path_to/key.pem ec2.ip-555-xxx.com . In PHP on the other hand, SSH2 has a function ssh2_auth_pubkey_file . But have run into a bit of a wall here, as Amazon only provides me with 1 private key (.pem) file, and the function has arguments for both private and public keys. Ultimately I'd like to have a client upload a .pem file to the server and be able to connect to a local or remote SSH server with PHP SSH2 on Amazon using that .pem file.

Answer 1

.pem is the server certificate for the apache web server, it has nothing to do with ssh. See: https://serverfault.com/questions/9708/what-is-a-pem-file-and-how-does-it-differ-from-other-openssl-generated-key-file-f

Seems it might also be a combo file with public and private keys in it. In any case it will not work for ssh directly, you will need to convert it to normal files.

You have it backward anyway - amazon will not give you the private key, quite the opposite - you give amazon the public key. You generate the private/public key pair locally, then upload the public key into the .ssh/authorize_keys files.

Answer 2

Personally, I'd recommend phpseclib, a pure PHP SSH2 implementation be used:

<?php
include('Net/SSH2.php');

$key = new Crypt_RSA();
//$key->setPassword('whatever');
$key->loadKey(file_get_contents('privatekey'));

$ssh = new Net_SSH2('www.domain.tld');
if (!$ssh->login('username', $key)) {
    exit('Login Failed');
}

echo $ssh->exec('ls -la');
?>

Answer 3

This is how you get the private and public keys from .pem within php

$eKey = file_get_contents('/pathto/key.pem');
$key_private = openssl_get_privatekey($eKey);
$keyDet=openssl_pkey_get_details($key_private);
$key_public = openssl_pkey_get_public(array($keyDet['key'],""));
$keyPDet=openssl_pkey_get_details($key_public);