PHP 手册
上一页下一页

ssh2_connect

(PECL)

ssh2_connect --  Connect to an SSH server

Description

resource ssh2_connect ( string host [, int port [, array methods [, array callbacks]]] )

Establish a connection to a remote SSH server and return a resource on success, FALSE on error.

methods may be an associative array with up to four parameters as described below.

表 1. methods may be an associative array with any or all of the following parameters.

IndexMeaningSupported Values*
kex List of key exchange methods to advertise, comma separated in order of preference. diffie-hellman-group1-sha1, diffie-hellman-group14-sha1, and diffie-hellman-group-exchange-sha1
hostkey List of hostkey methods to advertise, come separated in order of preference. ssh-rsa and ssh-dss
client_to_server Associative array containing crypt, compression, and message authentication code (MAC) method preferences for messages sent from client to server.  
server_to_client Associative array containing crypt, compression, and message authentication code (MAC) method preferences for messages sent from client to server.  

* - Supported Values are dependent on methods supported by underlying library. See libssh2 documentation for additional information.

表 2. client_to_server and server_to_client may be an associative array with any or all of the following parameters.

IndexMeaningSupported Values*
cryptList of crypto methods to advertise, comma separated in order of preference. rijndael-cbc@lysator.liu.se, aes256-cbc, aes192-cbc, aes128-cbc, 3des-cbc, blowfish-cbc, cast128-cbc, arcfour, and none**
compList of compression methods to advertise, comma separated in order of preference. zlib and none
macList of MAC methods to advertise, come separated in order of preference. hmac-sha1, hmac-sha1-96, hmac-ripemd160, hmac-ripemd160@openssh.com, and none**

Crypt and MAC method "none": For security reasons, none is disabled by the underlying libssh2 library unless explicitly enabled during build time by using the appropriate ./configure options. See documentation for the underlying library for more information.

表 3. callbackss may be an associative array with any or all of the following parameters.

IndexMeaningPrototype
ignore Name of function to call when an SSH2_MSG_IGNORE packet is received void ignore_cb($message)
debug Name of function to call when an SSH2_MSG_DEBUG packet is received void debug_cb($message, $language, $always_display)
macerror Name of function to call when a packet is received but the message authentication code failed. If the callback returns TRUE, the mismatch will be ignored, otherwise the connection will be terminated. bool macerror_cb($packet)
disconnect Name of function to call when an SSH2_MSG_DISCONNECT packet is received void disconnect_cb($reason, $message, $language)

例 1. Open a connection forcing 3des-cbc when sending packets, any strength aes cipher when receiving packets, no compression in either direction, and Group1 key exchange.

<?php
/* Notify the user if the server terminates the connection */
function my_ssh_disconnect($reason, $message, $language) {
  printf("Server disconnected with reason code [%d] and message: %s\n",
         $reason, $message);
}

$methods = array(
  'kex' => 'diffie-hellman-group1-sha1',
  'client_to_server' => array(
    'crypt' => '3des-cbc',
    'comp' => 'none'),
  'server_to_client' => array(
    'crypt' => 'aes256-cbc,aes192-cbc,aes128-cbc',
    'comp' => 'none'));

$callbacks = array('disconnect' => 'my_ssh_disconnect');

$connection = ssh2_connect('shell.example.com', 22, $methods, $callbacks);
if (!$connection) die('Connection failed');
?>

Once connected, the client should verify the server's hostkey using ssh2_fingerprint(), then authenticate using either password or public key.

See Also: ssh2_fingerprint(), ssh2_auth_none(), ssh2_auth_password(), and ssh2_auth_pubkey_file()

上一页起始页下一页
ssh2_auth_pubkey_file上一级ssh2_exec