Phpseclib Net_SFTP set-up with RSA keys

Discussions of secure PHP coding. Security in software is important, so don't be afraid to ask. And when answering: be anal. Nitpick. No security vulnerability is too small.

Moderator: General Moderators

Post Reply
txheat
Forum Newbie
Posts: 1
Joined: Sun Aug 14, 2011 12:09 am

Phpseclib Net_SFTP set-up with RSA keys

Post by txheat »

I need to set up SFTP using a public key without a password from within PHP on Ubuntu, but I can't get the script to work.

To make sure that sftp is even possible, I set it up to work from the bash prompt and it works well, so that's out of the way.

I installed the phpseclib Net_SFTP and Crypt_RSA packages following the phpseclib documentation, and below is my script. To simplify testing, the public key file "id_rsa.pub" and private key file "id_rsa" (generated when I set up sftp from the shell) reside in the same directory as my test script:

////////////////////////////////////////////////

set_include_path(get_include_path() . PATH_SEPARATOR . 'phpseclib');
include_once('Net/SSH2.php');
include_once('Net/SFTP.php');
include_once('Crypt/RSA.php');
include_once('Crypt/Hash.php');
include_once('Math/BigInteger.php');

$rsa = new Crypt_RSA();
//$pubKey = file_get_contents('id_rsa.pub');
//$rsa->setPublicKey($pubKey);
$priKey = file_get_contents('id_rsa');
$rsa->loadKey($priKey);

$sftp = new Net_SFTP('myremoteserver');
//if (!$sftp->login('myusername', $password)) {
if (!$sftp->login('myusername', $rsa)) {
exit("Login Failed\n");
}
echo $sftp->pwd() . "\r\n";
$sftp->put('filename.ext', 'Hello, world!');

////////////////////////////////////////////////

The script works if I use a string password (commented out above), but when I use the $rsa object, the script fails. I tried setting the public key (commented out above) but that fails, too.

Any thoughts on what I'm missing or doing wrong? Thanks!
Post Reply