I have tried finding an answer on stackoverflow, but couldn't find my precise answer. So therefore I am asking here.
I am trying to connect from server A to server B with php over ssh.
I have created a key on server A and stored it in /root/.ssh/id_rsa (and id_rsa.pub). I have uploaded the public key to server B and renamed it to 'testomgeving.pub' in the location /root/keys/testomgeving.pub. This is because I have multiple connections from multiple users.
I added it and double-checked that it was added to /root/.ssh/authorized_keys.
A regular ssh connection is available.
Then I tried using the command from php.net:
    $connection = ssh2_connect(
        $_ip_adress_without_any_prefix,
        22);
    ssh2_auth_pubkey_file(
        $connection,
        $_default_user,
        $_public_key_file,
        $_private_key_file);
    ssh2_scp_send(
        $connection,
        'sending filename',
        'receiving filename',
        0644);
However, I get errors that parameter 1 needs to be a resource, but a boolean is given.
From what I understand these errors could be ignored. However, no file is being sent.
I suspect it has to do with the keys and how they are managed.
At first I tried with a password-protected private key (the safest way), but saw it had bugs with it, so I started over with a private key that does not have a password.
Still no effect. The ssh connection is still available, now of course without giving a password.
I suspect it has to do with the www-data group not being able to read the private key.
I found on another topic (which is somewhere far away in my browser history) to use the following code to check whether or not it could be read:
    $prv_key = file_get_contents($_private_key_file);
    print "<pre>";
    var_export($prv_key);
    print "</pre>";
I have tried using chown www-data /root/.ssh/id_rsa to get access for www-data; however, it only prints out false, which I assume means it cannot read the file. I hope I am near finding a solution, or maybe I am entirely wrong.
Another thing I am not sure about is what the $_public_key_file and $_private_key_file should be. As private key files are not to be shared, I assumed that had to be on the sending server (server A). The public key I am not sure about. Is it the /root/keys/testomgeving.pub I have on server B? Or is it the /root/.ssh/id_rsa.pub on server A? Or should I also generate a key pair on server B and refer to it in some way? (This last seems unusual; however, I am stuck on which option to figure out and how.)
I am aware it seems 'off' renaming the id_rsa after placing it on server B. However, I am writing code that is called from multiple servers, therefore from server A I want a generic name, and to distinguish the names of the public keys on server B I rename them and add the ones I need to authorized_keys.
I hope anyone can help me to explain this correctly so I can finally connect to the server, overcoming this bottleneck! Thanks in advance.
UPDATE: ISSUE RESOLVED
Thanks to the comments I realised I had to generate the ssh key for my www-data user.
In a nutshell, the code itself worked.
    sudo -u www-data ssh-keygen -t rsa
It created /var/www/.ssh (not in htdocs), which I could refer to for both my public and private key file. The whole thing worked. I got a connection and I got to do things on server B from my php script on server A. Love it! Thanks for helping, everyone.
Typically, /root is read protected. Even if a user is allowed to read the file, they're not automatically allowed to read the directory.
Root and www-data are distinct users, and I can't think of a compelling reason to put www-data key in /root. Put it somewhere that's accessible to www-data but not in the public htdocs of course. From a cursory overview, everything else seemed good.
If you continue to have errors, please dig up your logs. Guessing what the error might be is not a viable approach to debugging! If you have error messages, always include them with the question. If not... find one!
Good luck.
parameter 1 needs to be a resource, but a boolean is given
It seems that $_ip_adress_without_any_prefix doesn't actually exist and the call to ssh2_connect() fails to return a resource.
So as a first step you need to be sure that the connection is OK. After that you can continue with the next steps:
    $connection = ssh2_connect('your_valid_host_name', 22);
    // note that http or https or www in a valid host name is not normally used
    if ($connection) {
        // your authentication code here
    } else {
        // connection fail
    }
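
The checks raised in both answers and in the question's update, combined into one script as an added example (not code from the question or from either answer): it verifies that the user PHP runs as can safely use its own private key, then checks the return value of every ssh2 call so a failure is reported where it happens. The host name, the account name `deploy`, the file paths and the helper names `keyProblems` and `sendFile` are assumptions for illustration.

```php
<?php
// Added example; host, user and file paths are assumed placeholders.
$host       = 'serverB.example';
$user       = 'deploy';                      // hypothetical account on server B
$publicKey  = '/var/www/.ssh/id_rsa.pub';    // key pair generated for www-data, as in the update
$privateKey = '/var/www/.ssh/id_rsa';

// Reasons the current PHP process cannot safely use the private key (empty = fine).
function keyProblems(string $path): array
{
    if (!is_readable($path)) {
        // Needs read on the file AND search (x) permission on every parent directory.
        return ["$path is not readable by the user PHP runs as"];
    }
    $problems = [];
    clearstatcache(true, $path);
    if ((fileperms($path) & 0077) !== 0) {
        $problems[] = "$path is accessible to group/others (expected mode 0600)";
    }
    if (function_exists('posix_geteuid') && fileowner($path) !== posix_geteuid()) {
        $problems[] = "$path is not owned by the user PHP runs as";
    }
    return $problems;
}

function sendFile(string $host, string $user, string $pub, string $priv,
                  string $local, string $remote): void
{
    if (!extension_loaded('ssh2')) {
        throw new RuntimeException('the ssh2 extension is not loaded');
    }
    if ($problems = keyProblems($priv)) {
        throw new RuntimeException(implode('; ', $problems));
    }
    $connection = ssh2_connect($host, 22);   // returns false on failure
    if ($connection === false) {
        throw new RuntimeException("ssh2_connect() to $host failed");
    }
    if (!ssh2_auth_pubkey_file($connection, $user, $pub, $priv)) {
        throw new RuntimeException("public key authentication failed for $user");
    }
    if (!ssh2_scp_send($connection, $local, $remote, 0644)) {
        throw new RuntimeException("scp of $local to $remote failed");
    }
}

try {
    sendFile($host, $user, $publicKey, $privateKey, '/tmp/local.txt', '/tmp/remote.txt');
    echo "file sent\n";
} catch (RuntimeException $e) {
    error_log($e->getMessage());             // log the specific failing step
}
```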