问题
I am using phpseclib to transfer files via SFTP, but login fails with
Invalid HMAC
I need to ignore this server warning.
For example with curl command I use the -k option. Can I do the same with phplibsec?
-k, --insecure (SSL) This option explicitly allows curl to perform "insecure" SSL connections and transfers. All SSL connections are attempted to be made secure by using the CA certificate bundle installed by default. This makes all connections considered "insecure" fail unless -k, --insecure is used.
回答1:
The "Invalid HMAC" is not a warning, it's a fatal error. You cannot suppress it.
The error indicates there's some misunderstanding in communication between the server and the phpseclib client.
The error has nothing to do with the "host key verification". Contrary to majority of SSH clients, the phpseclib does not actually even verify the host key. You have code this yourself.
See http://phpseclib.sourceforge.net/ssh/2.0/examples.html#oneoff,hostkey
(but again, this has nothing to do with the error you are getting)
来源:https://stackoverflow.com/questions/34176869/how-to-suppress-phpseclib-invalid-hmac-warning