sams.folk
By:
sams.folk

ssh2_auth_pubkey_file : Can't Get To Work

July 1, 2015 5.8k views
PHP Ubuntu

I am trying to copy a file from one server to another server. I can do this with ssh2_auth_password on server's without Keys, but I can't find a way to do it withssh2_auth_pubkey_file on servers with Keys. I'm not using root with any of this. I haven't enabled Private Networking.

On the sending server I have generated ...
a public key at /home/username/.ssh/id_rsa.pub
a private key at /home/username/.ssh/id_rsa

On the receiving server I, too, have generated ...
a public key at /home/username/.ssh/id_rsa.pub
a private key at /home/username/.ssh/id_rsa

On the receiving server, I have placed the sending server's public key into /home/username/.ssh/authorized_keys

My code ...

<?php 
$host = "IP_address_receiving_server”;
$port = 22; 
$conn = ssh2_connect($host, $port); 
if ($conn) 
{ 
echo "Can connect to server"; 
}else 
{ 
echo "Can Not connect to server"; 
} 

… it seems I can connect. The rest of the code.

$username = "username";
$pub_key = "ssh-rsa, numbers and letters, a /n, ending with username@receiving server name";
$pri_key = “MIIE, numbers and letters, ending with ==";
$passph = ""; //null
if (!ssh2_auth_pubkey_file($conn, $username, $pub_key, $pri_key, $passph)) 
{ 
echo "Authentication rejected by server"; 
}
?>

After it is run I receive the PHP and OS code message …
Can connect to server
PHP Warning: ssh2authpubkey_file(): Authentication failed for <username> using public key: Unable to open public key file in <address of file> on line 50
Autentication rejected by server

For the public and private key variables, I'm assuming they're ones generated on the receiving server. However, I've tried keys generated on the sending server and that doesn't work either.

From the PHP manual ...
http://php.net/manual/en/function.ssh2-auth-pubkey-file.php
… I am leaving off this part of their code with ssh2_connect

array('hostkey'=>'ssh-rsa')

Other Internet articles on the subject don't include it, and I haven't, simply because I don't know what to substitute in for hostkey and ssh-rsa. I'm writing functionally, too.
I've exhausted what I can do. Any assistance is much appreciated.

2 comments
  • can you ssh into one server from the other using simple command line?

  • Yes. I've sort of been learning about the whole Key thing. But, from the sending server I can $ ssh username@receivingserverIP , and it will take me directly to my receiving server's prompt, without using a password.

4 Answers

Got it to work.

When looking at the PHP manual for ssh2_auth_pubkey_file it turns out that the lines

'/home/username/.ssh/id_rsa.pub',
'/home/username/.ssh/id_rsa',

do not mean to substitute in the actual Keys, with all their numbers and letters, but to actually type in the addresses to the location of the server's Keys. (Not sure if the addresses are to the sending server or receiving server(?) I'm guessing the receiving server, since a connection is opened to it). Either way, it is the same address.

I think I had done this with one of the configurations of code I'd worked on, but it was probably in combination with array('hostkey'=>'ssh-rsa')or 'secret' and therefore didn't work.

I never figured out the array() thing. I think the secret means, if you are using a passphrase when setting up Keys, then the word secret is just what the PHP manual uses to indicate their choice of passphrase, which could be any other name a user may chose.

Here's the code I got to work.

<?php
$host = "receiving_server_IP";
$port = 22;
$conn = ssh2_connect($host, $port);
$username = "enter_your_username";
$pub_key = "/home/enter_your_username/.ssh/id_rsa.pub";
$pri_key = "/home/enter_your_username/.ssh/id_rsa";
ssh2_auth_pubkey_file(
    $conn, 
    $username, 
    $pub_key, 
    $pri_key) ; 
ssh2_scp_send($conn, 'address_to_file_on_sending_server', 'address_to_file_on_receiving_server(don't forget to add the file name)', 0644); 
?>
Have another answer? Share your knowledge.