[PECL ssh2 >= 0.9.0] ssh2_connect — Connect to an SSH server ssh2_connect[ Once connected, the client should verify the server's hostkey using ssh2_fingerprint[], then authenticate using either password or public key. * - Supported Values are dependent on methods supported by underlying library. See » libssh2 documentation for additional information. Note: Crypt and MAC method " For security reasons, Description
string $host
,
int $port
= 22,
array $methods
= ?,
array
$callbacks
= ?
]: resource|falseParameters
host
port
methods
methods
may be an associative array with up to four parameters as described below. methods
may be an associative array with any or all of the following
parameters.
IndexMeaningSupported Values* kex
List of key exchange methods to advertise, comma separated in order of preference.
diffie-hellman-group1-sha1
, diffie-hellman-group14-sha1
, and diffie-hellman-group-exchange-sha1
hostkey
List of hostkey methods to advertise, comma separated in order of preference.
ssh-rsa
and ssh-dss
client_to_server
Associative array containing crypt, compression, and message authentication code [MAC] method preferences for messages sent from client to server.
server_to_client
Associative array containing crypt, compression, and message authentication code [MAC] method preferences for messages sent from server to client.
client_to_server
and server_to_client
may be an associative array with any or all of the following parameters.
IndexMeaningSupported Values* crypt
List of crypto methods to advertise, comma separated in order of preference.
,
aes256-cbc
, aes192-cbc
, aes128-cbc
, 3des-cbc
, blowfish-cbc
, cast128-cbc
, arcfour
, and none**
comp
List of compression methods to advertise, comma separated in order of preference.
zlib
and none
mac
List of MAC methods to advertise, comma separated in order of preference.
hmac-sha1
, hmac-sha1-96
, hmac-ripemd160
, , and
none**
none
"none
is disabled by the underlying » libssh2 library unless explicitly enabled during build time by using the appropriate ./configure options. See documentation for the underlying library for more information.
callbacks
callbacks
may be an associative array with any or all of the following parameters.
ignore | Name of function to call when an SSH2_MSG_IGNORE packet is received
| void ignore_cb[$message] |
debug | Name of function to call when an SSH2_MSG_DEBUG packet is received
| void debug_cb[$message, $language, $always_display] |
macerror | Name of function to call when a packet is received but the message authentication code failed. If the callback returns true , the mismatch will be ignored, otherwise the connection will be terminated.
| bool macerror_cb[$packet] |
disconnect | Name of function to call when an SSH2_MSG_DISCONNECT packet is received
| void disconnect_cb[$reason, $message, $language] |
Return Values
Returns a resource on success, or false
on error.
Examples
Example #1 ssh2_connect[] example
Open a connection forcing 3des-cbc when sending packets, any strength aes cipher when receiving packets, no compression in either direction, and Group1 key exchange.
See Also
- ssh2_fingerprint[] - Retrieve fingerprint of remote server
- ssh2_auth_none[] - Authenticate as "none"
- ssh2_auth_password[] - Authenticate over SSH using a plain password
- ssh2_auth_pubkey_file[] - Authenticate using a public key
- ssh2_disconnect[] - Close a connection to a remote SSH server
Steve Kamerman ¶
11 years ago
Due to a lack of complete examples, here's a simple SSH2 class for connecting to a server, authenticating with public key authentication, verifying the server's fingerprint, issuing commands and reading their STDOUT and properly disconnecting. Note: You may need to make sure you commands produce output so the response can be pulled. Some people suggest that the command is not executed until you pull the response back.
jrdbrndt at gmail dot com ¶
2 years ago
Trying to include "aes256-cbc" in the encryption methods list caused an error. The documentation here may be out of date, and you might find a more accurate list of what values are acceptable by checking the libssh2 documentation at libssh2.org.
Trev White ¶
9 years ago
Hi,
If you are having problems with running a ssh2 session and it waits forever during the execution of stream_get_contents, it might be because the remote system has run the command and is now sitting at a # prompt waiting for the next command. I had this issue on a HP MSA box, here is the code to get around the issue.
Assuming you are connected with your authentication method and $ssh contains the handle.
I hope this helps someone.
You can't use ssh2_exec with this method [well at lease I couldn't] because on executing the first command the stream gets blocked and then you can't run the exit command, whereas a terminal seems to use one session.
suri dot suribala dot com ¶
17 years ago
With Sara's help, I have the following SS2 class that is quite flexible. If anyone improves it, please feel free to let me know.
rainerkrauss at googlemail dot com ¶
8 years ago
Warning! If you open a ssh connection and execute an external program opening another ssh connection it may result in very strange behavior.
I used an sftp connection to get a file list and used "exec" to download the files afterwards with an external sftp. lftp downloaded zeros with no comment, psftp exits with error code 11 most of the time, but sometimes it works - probably depending on how quickly php collects garbage and closes the unused connection first.
As there is no function to close a connection, you need to be sure to destroy all references [unset] to close it.