How do i set flags when using phpseclib ssh2 exec() function?

南楼画角 提交于 2019-12-05 02:12:55

问题


I'm using phpseclib and need to make a couple of php functions that enable someone to programmatically ssh into their server and change the root password and also change the password of a user that may have forgotten their password (so have to be logged in as root).

I tried using libssh2, but found it a bit nasty to use. I'm now looking at phpseclib which seems more robust. But when I tried to use the 'su' command like so:

echo $ssh->exec('su');

I get the reply:

su: must be run from a terminal

and when I try to use sudo:

echo $ssh->exec('sudo passwd root');

I get the error:

sudo: no tty present and no askpass program specified

Anyway, it turns out that su is disabled for direct ssh access, but after having a look at this article, it turns out you can do it with the following command:

ssh -t -t -l 'username' 'host' 'su -'

That's what finally worked for me anyway when entering into a terminal from my laptop (running ubuntu), and then I entered my password and then the root password to finish off.

Quoting from the site linked to above:

Ssh commands (using -t) the remote sshd to establish a 'pseudo-terminal' pipe to the worker process when -t is given.

. ssh does this as long as its stdin is a terminal.

. But if ssh's stdin is a non-terminal, ssh won't direct sshd to establish a
pseudo-terminal unless TWO -t's are given:

echo password | ssh -t -t -l username remote_host

. So with -t -t (from ssh) sshd sets up a pseudo-terminal to the client process.

. The client, whether it be 'tty' or 'su' cannot tell it is connected to a ficticious >terminal:

echo dummystr | ssh -t -t -l username host.com -c ''tty'

echo password | ssh -t -t -l username host.com -c 'su -'

So there is the answer. Use double -t if you are 'su root'ing' on a linux box through an >interactive client ssh like the one from OpenBSD.

So, it actually worked from the terminal as I said above using:

ssh -t -t -l 'username' 'host' 'su -'

but I really want to be able to execute this command using phpseclib. Only thing is I don't know how to put in any flags into the exec() function. Specifically, I need to put in the -t flags (twice).

I've looked for ages and can't find anything. Be really grateful for some help on this. Sorry about the length of this post as well. :)

Cheers

Joe


回答1:


If sudo passwd root requires a tty try read() / write() in phpseclib. eg.

<?php
include('Net/SSH2.php');

$ssh = new Net_SSH2('localhost', 22);
$ssh->login('username', 'password');

$ssh->read('[prompt]');
$ssh->write("sudo passwd root\n");
$ssh->read('Password:');
$ssh->write("Password\n");
echo $ssh->read('[prompt]');
?>

Actually, I'm just copy / pasting from your other post: php ssh2_exec not executing 'su' command

Looks like you were getting some help there and then stopped following up? Someone suggested you need to add new lines to your commands. Did you try that? They also suggested posting on the phpseclib support forums. Seems like a good bit of advice to me...




回答2:


You can enable the pseudoterminal by calling

$ssh->enablePTY();

after you login, but before the exec. This will prevent it from complaining about the missing tty.




回答3:


I looked into phpseclib's Net_SSH2 for the time being. It looks like it uses sockets to connect to the server. So there's no way to pass in -t twice. It's not an ssh call.

Since you mentioned libssh2 in your question, there's a PEAR wrapper which supports it, might make things easier, the code is only in SVN currently. The PEAR wrapper is called Net_SSH2 as well, but is different from phpseclib's Net_SSH2 (confusing).

Check out the code here:

  • http://svn.php.net/viewvc/pear/packages/Net_SSH2/trunk/

To download it, do an svn checkout out with:

svn co http://svn.php.net/repository/pear/packages/Net_SSH2/trunk/ ./Net_SSH2

Small example:

<?php
require_once './Net_SSH2/Net/SSH.php';
$ssh = new Net_SSH2::factory('LibSSH2', array(
    'login_name' => 'user',
    'password'   => 'pass',
    'hostname'   => 'example.org',
    'command'    => 'su -',
));
$ssh->sshExec($std_output, $std_error);
var_dump($std_output, $std_error);

Would that help?



来源:https://stackoverflow.com/questions/5735432/how-do-i-set-flags-when-using-phpseclib-ssh2-exec-function

标签
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!