phpseclib SFTP用户身份验证失败

huangapple go评论75阅读模式
英文:

phpseclib SFTP failed user authentication

问题

我正在尝试通过我的基于 Laravel 5.7 框架和 phpseclib 的 Web 应用程序测试 SFTP 连接。这是仅使用密码身份验证的身份验证代码。SFTP 服务器还使用 IP 白名单作为附加安全性。

define('NET_SSH2_LOGGING', 2);
$sftp = new SFTP(env('SFTP_HOST'));
if (!$sftp->login(env('SFTP_USER'), env('SFTP_PASSWORD'))) {
    echo $sftp->getLog();
}
英文:

i'm attempting to test an SFTP connection thru my web app running on laravel 5.7 framework using phpseclib . This is the authentication code, using only password authentication. The SFTP server is also using IP whitelisting as additional security.

                $sftp = new SFTP(env('SFTP_HOST'));
                if (!$sftp->login(env('SFTP_USER'), env('SFTP_PASSWORD'))) {
                    echo $sftp->getLog();
                }


</details>


# 答案1
**得分**: 1

The `-vvv` logs almost make me wonder if the server is using multi-factor authentication. Like you have to provide both an RSA key and a password. If so you should be able to achieve that thusly:

```php
$key = new RSA;
$key->loadKey(file_get_contents('/home/forge/.ssh/id_rsa'));

$sftp = new SFTP(env('SFTP_HOST'));
if (!$sftp->login(env('SFTP_USER'), $key, env('SFTP_PASSWORD'))) {
    echo $sftp->getLog();
}

The -vvv logs also indicate that it's skipping straight to keyboard-interactive auth - that it's not even trying password auth. You can force phpseclib to do keyboard-interactive by doing $sftp->login(env('SFTP_USER'), ['Password:' => env('SFTP_PASSWORD')]) instead of what you are doing.

Maybe some combination of these two tips will help you out.

英文:

The -vvv logs almost make me wonder if the server is using multi factor authentication. Like you have to provide both an RSA key and a password. If so you should be able to achieve that thusly:

$key = new RSA;
$key-&gt;loadKey(file_get_contents(&#39;/home/forge/.ssh/id_rsa&#39;));

$sftp = new SFTP(env(&#39;SFTP_HOST&#39;));
if (!$sftp-&gt;login(env(&#39;SFTP_USER&#39;), $key, env(&#39;SFTP_PASSWORD&#39;))) {
    echo $sftp-&gt;getLog();
}

The -vvv logs also indicate that it's skipping straight to keyboard-interactive auth - that it's not even trying password auth. You can force phpseclib to do keyboard-interactive by doing $sftp-&gt;login(env(&#39;SFTP_USER&#39;), [&#39;Password:&#39; =&gt; env(&#39;SFTP_PASSWORD&#39;)]) instead of what you are doing.

Maybe some combination of these two tips will help you out.

huangapple
  • 本文由 发表于 2020年1月3日 16:54:27
  • 转载请务必保留本文链接:https://go.coder-hub.com/59575575.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定