
Trying to connect using ssh2_auth_pubkey_file()

I am trying to make a PHP script that runs on the terminal that would connect to a remote server by ssh and retrieve a file. This is my code so far:

#!/usr/bin/php -q
<?php
$cwd = dirname(__FILE__).'/';
$filename = 'retrive-this.file';
$host = 'hostip';

$connection = ssh2_connect($host, 22, array('hostkey'=>'ssh-rsa'));
$methods = ssh2_auth_pubkey_file($connection, 'remoteuser',
                                 $cwd.'ssh/id_rsa.pub',
                                 $cwd.'ssh/id_rsa', "it's an inception");
var_dump($methods);

//ssh2_scp_recv($connection, "/remote/server/path/to/$filename", $cwd.$filename);
?>

For now I am having problems with the ssh2_auth_pubkey_file() function. When I run the script it returns this:

PHP Warning:  ssh2_auth_pubkey_file(): Authentication failed for remoteuser using public key in /home/tonyl/Projects/get-file-ssh.php on line 10
bool(false)

The key files have permission -rw-r--r-- (644). Also the public key is already added to the remoteuser's authorized keys. I am able to ssh using the ssh command as normal, so I don't think it is a ssh authorization problem, but who knows. I am new to ssh and the ssh2 php library.

I can connect using ssh2_auth_password() if I enable it in the remote sshd_config file, but I don't want to do that since it decreases security transfer.

Any ideas of what I can do?


This is a known bug in PHP: password protected private key cannot be used on certain combinations.

See: https://bugs.php.net/bug.php?id=58573

ssh2_auth_pubkey_file() is broken when the public key file is protected with a password AND libssh2 is compiled with libgcrypt, which is what Debian/Ubuntu and probably others do. I'm working on a solution for this bug, but if you need this working, rebuild libssh2 yourself with OpenSSL.

A workaround may be to store the private key unencrypted. To decrypt the key:

openssl rsa -in id_rsa -out id_rsaNOPASSWORD

and then use the file id_rsaNOPASSWORD without supplying the fifth parameter 'passphrase'. It works, but you'll have to be careful with your decrypted key file. Anyway, the level of security is not really terribly affected, because even with an encrypted key, you would still need to pass the passphrase unencrypted to the ssh2_auth_pubkey_file function ...

Hope it helps.


This looks like the error right here. __FILE__ is a filepath, isn't it? So it looks something like /somedir/somefile.php and all you have done is add a / on the end of .php, so I don't think this is really valid. See http://www.php.net/manual/en/language.constants.predefined.php

$cwd = dirname(__FILE__).'/';

Also, other people have been having problems with ssh2_auth_pubkey_file returning false under all conditions. You may want to submit a bug report. I was hoping to use this function. I don't know how to use it because I have no idea how to supply a private key.

I think the code you want is

if (!defined('__DIR__')) {
    $iPos = strrpos(__FILE__, "/");
    define("__DIR__", substr(__FILE__, 0, $iPos) . "/");
}
$cwd=__DIR__ . '/';

and keep in mind that when it comes to the remote directory, you should be using ssh2_sftp_realpath().

dirname() has been reported to be unreliable.


I have been using this function for around 3 years and for some reason a new server that I was configuring didn't work. I was about to jump off the balcony when I found this:

ssh-keygen -m PEM -t rsa -b 4096

using the link @megar answered years ago.

Hope it helps someone else, this was hard!
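
A preflight check for the private key file, covering the three things this thread turns on: the 644 mode from the question, the passphrase-protected key from the first answer, and the key format that the last answer changed with `-m PEM`. This is an added example, not code from any of the posts; the function name inspect_private_key() and the sample key stubs are constructed for illustration.

```php
<?php
// Added example. The key bodies below are constructed stubs, not real keys.
/** Return a list of findings for a private key file; an empty list means none. */
function inspect_private_key(string $path): array
{
    $pem = @file_get_contents($path);
    if ($pem === false) {
        return ["cannot read $path"];
    }
    $findings = [];

    // Any group/other bit (the question's 644 sets r for both) exposes the key locally.
    clearstatcache(true, $path);
    $mode = fileperms($path) & 0777;
    if ($mode & 0077) {
        $findings[] = sprintf('mode %04o is readable beyond the owner (use chmod 600)', $mode);
    }

    if (!preg_match('/^-----BEGIN ([A-Z0-9 ]+)-----/m', $pem, $m)) {
        $findings[] = 'no PEM header found';
        return $findings;
    }
    if ($m[1] === 'OPENSSH PRIVATE KEY') {
        // Newer ssh-keygen writes this by default; "-m PEM" selects legacy PEM instead.
        $findings[] = 'OpenSSH-format key, not legacy PEM';
    } elseif ($m[1] === 'ENCRYPTED PRIVATE KEY'
        || preg_match('/^Proc-Type: 4,ENCRYPTED/m', $pem)) {
        // The case the first answer's bug report describes for libgcrypt builds.
        $findings[] = 'passphrase-protected key';
    }
    return $findings;
}

// Constructed samples: header lines only, written to a scratch directory.
$dir = sys_get_temp_dir() . '/keycheck-' . getmypid();
mkdir($dir, 0700);
$samples = [
    'encrypted_644' => [0644, "-----BEGIN RSA PRIVATE KEY-----\nProc-Type: 4,ENCRYPTED\nDEK-Info: AES-128-CBC,00\n\nSTUB\n-----END RSA PRIVATE KEY-----\n"],
    'openssh_600'   => [0600, "-----BEGIN OPENSSH PRIVATE KEY-----\nSTUB\n-----END OPENSSH PRIVATE KEY-----\n"],
    'plain_pem_600' => [0600, "-----BEGIN RSA PRIVATE KEY-----\nSTUB\n-----END RSA PRIVATE KEY-----\n"],
];
foreach ($samples as $name => [$mode, $body]) {
    $file = "$dir/$name";
    file_put_contents($file, $body);
    chmod($file, $mode);
    echo $name, ': ', implode(' | ', inspect_private_key($file)) ?: 'ok', "\n";
    unlink($file);
}
rmdir($dir);
```

Running the same function on the real key path before calling ssh2_auth_pubkey_file() shows which of the thread's causes applies; a key stored without a passphrase, as in the workaround above, depends entirely on the owner-only file mode.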
