I have been reading up on how to execute ssh commands via php. All the tutorials seem to use keys, and then log in without a password.

What I would prefer to do is just execute an ssh command regularly. Ex.

exec('ssh -l root xxx.xxx.xxx.xxx; password; command here; logout');
The problem I believe is that the ";" is waiting for the shell to return to the bash prompt (correct terminology?). When ssh prompts for a password, the process is still running, so it does not continue on to the next command. Is there syntax that will tell the next command to run at the next text prompt, rather than once the previous command has completed? Thank You.

That would execute 'ssh -l root xxx.xxx.xxx.xxx' as one command, wait for it to end, then execute 'password' as a command, which on some systems is aliased to passwd (not what you want).

You could open a pipe the the SSH client, wait for it to say "login:" and send the username and password there... but that would be VERY flaky and wouldn't work most of the time.

That method would fail on servers with an MOTD or machines that use "Keyboard Interactive Input", which is specifically in SSH2d to stop what you're trying to do.

In short, use KEYs, that's why they are available.

I believe most hosts have disabled the ability to use the exec command for security reasons.

I have been reading up on how to execute ssh commands via php. All the tutorials seem to use keys, and then log in without a password.

There is a good reason for it. Maybe you should reconsider what you are doing.


What I would prefer to do is just execute an ssh command regularly. Ex.

exec('ssh -l root xxx.xxx.xxx.xxx; password; command here; logout');


The problem I believe is that the ";" is waiting for the shell to return to the bash prompt (correct terminology?). When ssh prompts for a password, the process is still running, so it does not continue on to the next command. Is there syntax that will tell the next command to run at the next text prompt, rather than once the previous command has completed? Thank You.

Look in php expect @ php.net/expect

I believe most hosts have disabled the ability to use the exec command for security reasons.

I do agree with your point as security is top most priority.

What is the real security flaw of logging in with a password, other than it would be in the php file is anyone got a hold of it?

What is the real security flaw of logging in with a password, other than it would be in the php file is anyone got a hold of it?Isn't that a good enough reason not to do it?

What is the real security flaw of logging in with a password, other than it would be in the php file is anyone got a hold of it?

Instead of storing passwords in the php file you should look into generating key pairs for the two hosts. This is done all the time using ssh and rsync more info than I could ever provide on the subject can be found by using google.

Isn't that a good enough reason not to do it?


Well the main security flaw i see with key pairs is that on a shared cpanel machine, any other user on that shared machine would be able to ssh in without providing a password.

What I have is a remote machine with many limited user accounts. I want to take these users, and store the user-passwords in an encrypted mysql database. Then when a particular on the web server is doing certain actions, he is connected to the remote server through his particular ssh connection (more importantly with the limitations of that ssh account).

As long as I made sure the permissions of the php file containing the mysql login info were correct, i would think this would be even more secure than just having a pair key allowing the two machines to communicate freely between each other.

Well the main security flaw i see with key pairs is that on a shared cpanel machine, any other user on that shared machine would be able to ssh in without providing a password.
Perhaps you don't understand the concept of public key encryption.

In order to logon without a password you need:

1) The public key - which is generated from...

2) ... The private key. Only the user trying to logon has access to this key. As long as this private key is secure (chmod 700 ~/.ssh; chmod 600 ~/.ssh/privatekeyfilename) then no one can steal their private key except the superuser who can do whatever they want on the server regardless.

PGP/GPG work on this same basic concept to encrypt email; i.e., a user's generated public key is passed to anyone who wants to encrypt email to send to that user. The user being sent the email is the only one who can decrypt it because they're the only ones who have access to their private key.

Most SSH servers will refuse key-based logons if the permissions on the .ssh and authorized_keys* files are incorrect so they won't permit logons if the user / sysadmin is too dense to set the right default or umask permissions on their .ssh directory or public or private keyfiles.

So, vs. storing passwords in cleartext in a PHP document it is far more secure to use key-based logons. Most people who write code know it's a Very Bad Idea to store passwords in code. It's mostly just laziness that provokes this kind of bad practice. If people write code that needs access to passwords and other secure data they can give access to the web server user to those files and hopefully write tight wrappers in their code so no extra values can passed via a form submit.

What I have is a remote machine with many limited user accounts. I want to take these users, and store the user-passwords in an encrypted mysql database. Then when a particular on the web server is doing certain actions, he is connected to the remote server through his particular ssh connection (more importantly with the limitations of that ssh account).
As explained in the post above, this is exactly what ssh keys are designed to do. Rather than putting effort into trying to duplicate an existing, very secure system (and probably producing something inferior) why not write your script to set up the key pairs automatically?

Perhaps you don't understand the concept of public key encryption.

In order to logon without a password you need:

1) The public key - which is generated from...

2) ... The private key. Only the user trying to logon has access to this key. As long as this private key is secure (chmod 700 ~/.ssh; chmod 600 ~/.ssh/privatekeyfilename) then no one can steal their private key except the superuser who can do whatever they want on the server regardless.

PGP/GPG work on this same basic concept to encrypt email; i.e., a user's generated public key is passed to anyone who wants to encrypt email to send to that user. The user being sent the email is the only one who can decrypt it because they're the only ones who have access to their private key.

Most SSH servers will refuse key-based logons if the permissions on the .ssh and authorized_keys* files are incorrect so they won't permit logons if the user / sysadmin is too dense to set the right default or umask permissions on their .ssh directory or public or private keyfiles.

So, vs. storing passwords in cleartext in a PHP document it is far more secure to use key-based logons. Most people who write code know it's a Very Bad Idea to store passwords in code. It's mostly just laziness that provokes this kind of bad practice. If people write code that needs access to passwords and other secure data they can give access to the web server user to those files and hopefully write tight wrappers in their code so no extra values can passed via a form submit.

Maybe I am just missing the idea completely. If I use the keys, and I exec an ssh command via exec();, it is executed by the apache user (nobody?), therefore you would have to set up the ssh key for that user, therefore giving access to any other user on the shared server via php.

Maybe I am just missing the idea completely. If I use the keys, and I exec an ssh command via exec();, it is executed by the apache user (nobody?), therefore you would have to set up the ssh key for that user, therefore giving access to any other user on the shared server via php.

I wouldn't even attempt this via any method on a machine that executed PHPs and CGIs as "nobody", atleast not on a shared server.

If you did it with a password OR keys "nobody" will be able to read the file.

You'd need to run php as suexec (taking on the user's own permissions). If you're using CPanel enable phpsuexec. That way each user can have his own private key for access to his section of the remote server.

usually the authorized key method is good enough. if you really need to do it with login try building something with expect.

try searching for 'ssh login with expect' or similar in google. it should give some scripts