ssh2_auth_password

(PECL ssh2 >= 0.9.0)

ssh2_auth_passwordIdentification via SSH en utilisant un mot de passe en clair

Description

ssh2_auth_password(resource $session, string $username, string $password): bool

Identification via SSH en utilisant un mot de passe en clair. Depuis la version 0.12, cette fonction supporte également la méthode keyboard_interactive.

Liste de paramètres

session

Un identifiant de connexion SSH, obtenu depuis la fonction ssh2_connect().

username

Nom d'utilisateur distant.

password

Mot de passe pour l'utilisateur username.

Valeurs de retour

Cette fonction retourne true en cas de succès ou false si une erreur survient.

Exemples

Exemple #1 Identification avec un mot de passe

<?php
$connection
= ssh2_connect('shell.example.com', 22);

if (
ssh2_auth_password($connection, 'username', 'secret')) {
echo
"Identification réussi !\n";
} else {
die(
'Echec de l\'identification...');
}
?>

add a note add a note

User Contributed Notes 3 notes

up
3
sgchris at gmail dot com
8 years ago
Please note that the function ssh2_auth_password raises PHP warning(!) on bad authentication. To avoid the warning, use the "silence" ("@") operator.

<?php
$ssh
= ssh2_connect($host);
if (
false === $ssh) {
    die(
'connection failed');
}

$auth = @ssh2_auth_password($ssh, $user, $password);
if (
false === $auth) {
    die(
'authentication failed');
}
?>
up
-9
wally at soggysoftware dot co dot uk
16 years ago
This function is useful for authenticating website clients against local (or remote) Unix users.

I'd played around with Apache+PAM, various mod_auths and homebrewed shell programs and even NIS, but to authenticate a user against a Unix shadow file fundamentally requires root priviledges, so either your PHP script needs root or an external program needs it's sticky bit set.  Both of these have *serious* security implications.

Using SSH, the overhead is obviously going to be greater but you're trusting a root service that's been (and continues to be) really well tested.  Just try authing with SSH against localhost (or another host if you want).
up
-13
noels01 at gmx dot net
18 years ago
Do not try to authenticate or log in more than once on a ssh2 connection. It won't work. You'll need a new connection via ssh2_connect() which will result in a poor performance if you're doing several connects to the same server.
To Top