ssh连接通过php失败

Question

ssh连接通过php失败

试图通过webserver使用php脚本连接ssh。我在MacOsX上工作。我将apache的用户和组(_www:_www)更改为我自己的用户和组()。我使用的命令如下(我更改了连接详细信息)：

ssh -v -p 2222 -i /Users/myname/.ssh/id_dsa_mykey -l myuser 10.1.12.10 2>&1

在终端上，没有问题，它连接并给出了以下输出：

OpenSSH_5.9p1, OpenSSL 0.9.8y 5 Feb 2013
debug1: Reading configuration data /etc/ssh_config
debug1: /etc/ssh_config line 54: Applying options for *
debug1: Connecting to 10.1.12.10 [10.1.12.10] port 2222.
debug1: Connection established.
debug1: identity file /Users/myname/.ssh/id_dsa_mykey type 2
debug1: identity file /Users/myname/.ssh/id_dsa_mykey-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.0p1 Debian-4
debug1: match: OpenSSH_6.0p1 Debian-4 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.9
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Server host key: RSA 0c:bd:4e:da:17:28:d2:a6:20:b9:11:a3:de:91:f0:ce
debug1: Host '[10.1.12.10]:2222' is known and matches the RSA host key.
debug1: Found key in /Users/myname/.ssh/known_hosts:6
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Offering DSA public key: /Users/myname/.ssh/id_dsa_mykey
debug1: Server accepts key: pkalg ssh-dss blen 434
debug1: Authentication succeeded (publickey).
Authenticated to 10.1.12.10 ([10.1.12.10]:2222).
debug1: channel 0: new [client-session]
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
...

但是，在php脚本中，它提供了以下输出：

OpenSSH_5.9p1, OpenSSL 0.9.8y 5 Feb 2013
Pseudo-terminal will not be allocated because stdin is not a terminal.
debug1: Reading configuration data /etc/ssh_config
debug1: /etc/ssh_config line 54: Applying options for *
debug1: Connecting to 10.1.12.10 [10.1.12.10] port 2222.
debug1: Connection established.
debug1: identity file /Users/myname/.ssh/id_dsa_mykey type 2
debug1: identity file /Users/myname/.ssh/id_dsa_mykey-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.0p1 Debian-4
debug1: match: OpenSSH_6.0p1 Debian-4 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.9
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Server host key: RSA 0c:bd:4e:da:17:28:d2:a6:20:b9:11:a3:de:91:f0:ce
debug1: Host '[10.1.12.10]:2222' is known and matches the RSA host key.
debug1: Found key in /Users/myname/.ssh/known_hosts:6
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Offering DSA public key: /Users/myname/.ssh/id_dsa_mykey
debug1: Server accepts key: pkalg ssh-dss blen 434
debug1: key_parse_private_pem: PEM_read_PrivateKey failed
debug1: read PEM private key done: type
debug1: read_passphrase: can't open /dev/tty: Device not configured
debug1: Next authentication method: password
debug1: read_passphrase: can't open /dev/tty: Device not configured
debug1: Authentications that can continue: publickey,password
Permission denied, please try again.
debug1: read_passphrase: can't open /dev/tty: Device not configured
debug1: Authentications that can continue: publickey,password
Permission denied, please try again.
debug1: read_passphrase: can't open /dev/tty: Device not configured
debug1: Authentications that can continue: publickey,password
debug1: No more authentication methods to try.
Permission denied (publickey,password).

我认为问题就在这句话之后：

debug1: Server accepts key: pkalg ssh-dss blen 434

与终端连接：

debug1: Authentication succeeded (publickey).

但在php中，它失败了：

debug1: key_parse_private_pem: PEM_read_PrivateKey failed

我不知道为什么，因为当我在终端上执行命令时，when服务器和我拥有相同的用户和组。

用HBruijn解决

所以我创造了一个新的ssh密钥对，然后.啊，真灵。我现在太强大了！

Answer 1

问题在于：debug1: read_passphrase: can't open /dev/tty: Device not configured

您的私有ssh密钥是用密码保护的，我想这不是控制台的问题，因为您的控制台会话可以访问ssh密钥链，但是apache没有。因为您不是从终端运行ssh命令，而是从PHP ssh也不能提示输入密码(也不是常规密码)。

Answer 2

当您说您将Apache的用户更改为您自己的用户时，这是什么意思？你是说你像自己一样在运行Apache吗？还是你改变了自己的UID来匹配自己的？

在进行这些更改之后，您是否重新启动了Apache？尝试从php中执行id以查看当前的有效ID是什么。

您的错误听起来像是描述了不能打开/Users/myname/.ssh/id_dsa_mykey，这对于除了root或myname之外的任何人来说都是非常正常的行为。