phpseclib - 我可以使用用户名、密钥和密码进行连接吗(不是密钥密码)
抱歉,如果我在文档中遗漏了这一点,但是否可以使用私钥和密码(不是我的私钥的密码)连接到 SFTP 服务器.
Apologies if I have missed this in the documentation but is it possible to connect to an SFTP server with a private key and a password (not a passphrase for my private key).
示例显示了用户名/密码、用户名/密钥和用户名/密钥/密钥密码验证类型.
The examples show username/password, username/key and username/key/key passphrase authentication types.
通过命令行连接时,我会收到输入密码的提示...
When connecting via the command line I would get this prompt for my password...
user@x.x.x.x 的密码:
user@x.x.x.x's password:
希望这个库可以处理这个问题吗?
Hopefully this library can handle this?
否则,是否还有其他基于 PHP 的解决方案可能支持用户名/密钥和服务器密码身份验证?我在这里很灵活,如果需要可以安装模块.
Otherwise are there any other PHP based solutions that might support username/key and server password authentication? I'm quite flexible here and can install modules if need be.
编辑
感谢到目前为止的帮助...我已经尝试过你提到的 Neubert ,但这似乎不起作用.为了验证连接到服务器需要什么,我在命令行上测试了这个.sftp key user@ip
- 按预期提示输入密码sftp user@ip
- 提示输入密码,但输入正确后告诉我已通过身份验证并部分成功".
Thanks for the help so far...
I had tried what you mentioned Neubert but this didn't seem to work.
And to verify what is necessary to connect to the server I tested this on the command line.
sftp key user@ip
- Prompted for password as expected
sftp user@ip
- Prompted for password but when entered correctly told I am "authenticated with partial success".
如果我可以使用密钥和密码进入,我认为对目录和密钥的权限应该没问题.
I think the permission on directories and keys should be fine if I can get in using key and then password.
我开始认为这个库不支持我需要的东西.
I am starting to think this library doesn't support what I need.
推荐答案
phpseclib 支持多因素认证.以下是如何操作的示例:
phpseclib supports multi factor authentication. Here's an example of how to do it:
<?php
include('Net/SSH2.php');
include('Crypt/RSA.php')
$rsa = new Crypt_RSA();
$rsa->loadKey(file_get_contents('/path/to/key.pem'));
$ssh = new Net_SSH2('www.domain.tld');
if (!$ssh->login('username', 'pass1', $rsa)) {
exit('Login failed');
}
// this does the same thing as the above
//if (!$ssh->login($username, 'pass1') && !$ssh->login('username', $rsa)) {
// exit('Login failed');
//}
echo $ssh->exec('pwd');
echo $ssh->exec('ls -la');
?>
但是要记住一点:很多人将受密码保护的私钥混淆为多因素(密码和公钥),而实际上并非如此.至少就 SSH 而言不是这样.
Something to keep in mind, however: a lot of people confuse password protected private keys as being multi factor (password and public key) when in fact it is not. At least not in-so-far as SSH is concerned.
相关文章