#!/usr/bin/env php <?php $ssh_start_time = microtime(true); $root = dirname(dirname(dirname(__FILE__))); require_once $root . '/scripts/__init_script__.php'; $ssh_log = PhabricatorSSHLog::getLog(); $args = new PhutilArgumentParser($argv); $args->setTagline(pht('execute SSH requests')); $args->setSynopsis(<<<EOSYNOPSIS **ssh-exec** --phabricator-ssh-user __user__ [--ssh-command __commmand__] **ssh-exec** --phabricator-ssh-device __device__ [--ssh-command __commmand__] Execute authenticated SSH requests. This script is normally invoked via SSHD, but can be invoked manually for testing. EOSYNOPSIS ); $args->parseStandardArguments(); $args->parse(array(array('name' => 'phabricator-ssh-user', 'param' => 'username', 'help' => pht('If the request authenticated with a user key, the name of the ' . 'user.')), array('name' => 'phabricator-ssh-device', 'param' => 'name', 'help' => pht('If the request authenticated with a device key, the name of the ' . 'device.')), array('name' => 'phabricator-ssh-key', 'param' => 'id', 'help' => pht('The ID of the SSH key which authenticated this request. This is ' . 'used to allow logs to report when specific keys were used, to make ' . 'it easier to manage credentials.')), array('name' => 'ssh-command', 'param' => 'command', 'help' => pht('Provide a command to execute. This makes testing this script ' . 'easier. When running normally, the command is read from the ' . 'environment (%s), which is populated by sshd.', 'SSH_ORIGINAL_COMMAND')))); try { $remote_address = null; $ssh_client = getenv('SSH_CLIENT'); if ($ssh_client) { // This has the format "<ip> <remote-port> <local-port>". Grab the IP. $remote_address = head(explode(' ', $ssh_client)); $ssh_log->setData(array('r' => $remote_address)); } $key_id = $args->getArg('phabricator-ssh-key'); if ($key_id) { $ssh_log->setData(array('k' => $key_id)); } $user_name = $args->getArg('phabricator-ssh-user');