phpseclib - 我可以使用用户名、密钥和密码进行连接吗(不是密钥密码)

2021-12-23 00:00:00 ssh sftp passwords php phpseclib

抱歉,如果我在文档中遗漏了这一点,但是否可以使用私钥和密码(不是我的私钥的密码)连接到 SFTP 服务器.

Apologies if I have missed this in the documentation but is it possible to connect to an SFTP server with a private key and a password (not a passphrase for my private key).

示例显示了用户名/密码、用户名/密钥和用户名/密钥/密钥密码验证类型.

The examples show username/password, username/key and username/key/key passphrase authentication types.

通过命令行连接时,我会收到输入密码的提示...

When connecting via the command line I would get this prompt for my password...

user@x.x.x.x 的密码:

user@x.x.x.x's password:

希望这个库可以处理这个问题吗?

Hopefully this library can handle this?

否则,是否还有其他基于 PHP 的解决方案可能支持用户名/密钥和服务器密码身份验证?我在这里很灵活,如果需要可以安装模块.

Otherwise are there any other PHP based solutions that might support username/key and server password authentication? I'm quite flexible here and can install modules if need be.

编辑

感谢到目前为止的帮助...我已经尝试过你提到的 Neubert ,但这似乎不起作用.为了验证连接到服务器需要什么,我在命令行上测试了这个.
sftp key user@ip - 按预期提示输入密码
sftp user@ip - 提示输入密码,但输入正确后告诉我已通过身份验证并部分成功".

Thanks for the help so far... I had tried what you mentioned Neubert but this didn't seem to work. And to verify what is necessary to connect to the server I tested this on the command line.
sftp key user@ip - Prompted for password as expected
sftp user@ip - Prompted for password but when entered correctly told I am "authenticated with partial success".

如果我可以使用密钥和密码进入,我认为对目录和密钥的权限应该没问题.

I think the permission on directories and keys should be fine if I can get in using key and then password.

我开始认为这个库不支持我需要的东西.

I am starting to think this library doesn't support what I need.

推荐答案

phpseclib 支持多因素认证.以下是如何操作的示例:

phpseclib supports multi factor authentication. Here's an example of how to do it:

<?php
include('Net/SSH2.php');
include('Crypt/RSA.php')

$rsa = new Crypt_RSA();
$rsa->loadKey(file_get_contents('/path/to/key.pem'));

$ssh = new Net_SSH2('www.domain.tld');
if (!$ssh->login('username', 'pass1', $rsa)) {
    exit('Login failed');
}
// this does the same thing as the above
//if (!$ssh->login($username, 'pass1') && !$ssh->login('username', $rsa)) {
//    exit('Login failed');
//}

echo $ssh->exec('pwd');
echo $ssh->exec('ls -la');
?>

但是要记住一点:很多人将受密码保护的私钥混淆为多因素(密码和公钥),而实际上并非如此.至少就 SSH 而言不是这样.

Something to keep in mind, however: a lot of people confuse password protected private keys as being multi factor (password and public key) when in fact it is not. At least not in-so-far as SSH is concerned.

相关文章