phpseclib SFTP用户身份验证失败

huangapple
go评论92阅读模式
英文:

phpseclib SFTP failed user authentication

问题

我正在尝试通过我的基于 Laravel 5.7 框架和 phpseclib 的 Web 应用程序测试 SFTP 连接。这是仅使用密码身份验证的身份验证代码。SFTP 服务器还使用 IP 白名单作为附加安全性。

  1. define('NET_SSH2_LOGGING', 2);
  2. $sftp = new SFTP(env('SFTP_HOST'));
  3. if (!$sftp->login(env('SFTP_USER'), env('SFTP_PASSWORD'))) {
  4.     echo $sftp->getLog();
  5. }
英文:

i'm attempting to test an SFTP connection thru my web app running on laravel 5.7 framework using phpseclib . This is the authentication code, using only password authentication. The SFTP server is also using IP whitelisting as additional security.

  1.                 $sftp = new SFTP(env('SFTP_HOST'));
  2.                 if (!$sftp->login(env('SFTP_USER'), env('SFTP_PASSWORD'))) {
  3.                     echo $sftp->getLog();
  4.                 }
  7. </details>
  10. # 答案1
  11. **得分**: 1
  13. The `-vvv` logs almost make me wonder if the server is using multi-factor authentication. Like you have to provide both an RSA key and a password. If so you should be able to achieve that thusly:
  15. ```php
  16. $key = new RSA;
  17. $key->loadKey(file_get_contents('/home/forge/.ssh/id_rsa'));
  19. $sftp = new SFTP(env('SFTP_HOST'));
  20. if (!$sftp->login(env('SFTP_USER'), $key, env('SFTP_PASSWORD'))) {
  21.     echo $sftp->getLog();
  22. }

The -vvv logs also indicate that it's skipping straight to keyboard-interactive auth - that it's not even trying password auth. You can force phpseclib to do keyboard-interactive by doing $sftp->login(env('SFTP_USER'), ['Password:' => env('SFTP_PASSWORD')]) instead of what you are doing.

Maybe some combination of these two tips will help you out.

英文:

The -vvv logs almost make me wonder if the server is using multi factor authentication. Like you have to provide both an RSA key and a password. If so you should be able to achieve that thusly:

  1. $key = new RSA;
  2. $key-&gt;loadKey(file_get_contents(&#39;/home/forge/.ssh/id_rsa&#39;));
  4. $sftp = new SFTP(env(&#39;SFTP_HOST&#39;));
  5. if (!$sftp-&gt;login(env(&#39;SFTP_USER&#39;), $key, env(&#39;SFTP_PASSWORD&#39;))) {
  6.     echo $sftp-&gt;getLog();
  7. }

The -vvv logs also indicate that it's skipping straight to keyboard-interactive auth - that it's not even trying password auth. You can force phpseclib to do keyboard-interactive by doing $sftp-&gt;login(env(&#39;SFTP_USER&#39;), [&#39;Password:&#39; =&gt; env(&#39;SFTP_PASSWORD&#39;)]) instead of what you are doing.

Maybe some combination of these two tips will help you out.

huangapple
  • 本文由 发表于 2020年1月3日 16:54:27
  • 转载请务必保留本文链接:https://go.coder-hub.com/59575575.html
  • laravel
  • php
  • phpseclib
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定