Ping a Specific Port

Question

waxical

Asked: 2011-11-08 08:22:57 +0800 CST2011-11-08 08:22:57 +0800 CST 2011-11-08 08:22:57 +0800 CST

SSH command from PHP script - nothing, yet work at cmd line

772

I'm working on an EC2 box and trying to SSH command another box.

The command works in command-line, even php -a interactive. However it does not work when running as apache. Example cmd:-

   system('ssh -i /home/me/keys/key.pem [email protected] "ls"');

I've tried adding apache to wheel group, and gshadow on both boxes. I've also just tried chowning the pem file to apache. Nothing.

Yet the command response fine in the two other use cases outlines.

What's going on here? Anyone know?

5 Answers

Voted

Andrew Case · Answer 1 · 2011-11-08T19:21:22+08:00

Andrew Case

2011-11-08T19:21:22+08:002011-11-08T19:21:22+08:00

You need to specify the user in the ssh command options:

system('ssh -i /home/me/keys/key.pem [email protected] "ls"');

This probably still won't work unless apache has access to your key.pem file which would be a huge security vulnerability. I really suggest using some ssh library (like others have suggested) and setting up apache with it's own ssh keys, and set up the server it's connecting to with reduced permission access to that account.

2

José Ramón Torregrosa Durán · Answer 2 · 2011-11-08T22:45:11+08:00

José Ramón Torregrosa Durán

2011-11-08T22:45:11+08:002011-11-08T22:45:11+08:00

First; try to run it as the webserver user, for example:

sudo -u www-data <whatever_command>

Second; make sure you not only capture the result of the command you are executing, but the lines it throws back. You can do this in PHP with:

string exec ( string $command [, array &$output [, int &$return_var ]] )

http://www.php.net/manual/en/function.exec.php

Third: please do come back with a working answer.

2

Farhan · Answer 3 · 2011-11-09T02:29:29+08:00

Farhan

2011-11-09T02:29:29+08:002011-11-09T02:29:29+08:00

you need to use php openssh library to properly run these commands, otherwise, it can compromise security of your system.

1

reqbut · Answer 4 · 2011-11-14T09:11:47+08:00

reqbut

2011-11-14T09:11:47+08:002011-11-14T09:11:47+08:00

My recommendation would be to use phpseclib, a pure PHP SSH implementation. eg.

<?php
include('Net/SSH2.php');

$key = new Crypt_RSA();
$key->loadKey(file_get_contents('/home/me/keys/key.pem'));

$ssh = new Net_SSH2('ip-xx-xxx-xxx-xxx-end.ip');
if (!$ssh->login('user', $key)) {
    exit('Login Failed');
}

echo $ssh->exec('ls');

//echo $ssh->read('username@username:~$');
//$ssh->write("ls -la\n");
//echo $ssh->read('username@username:~$');
?>

1

Biriukov · Answer 5 · 2011-11-09T03:11:00+08:00

Biriukov

2011-11-09T03:11:00+08:002011-11-09T03:11:00+08:00

Use pecl extension http://php.net/manual/en/book.ssh2.php

0

SSH command from PHP script - nothing, yet work at cmd line

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Resolve host name from IP address

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?