SSH2
in package
Pure-PHP implementation of SSHv2.
Tags
Table of Contents
Constants
- CHANNEL_AGENT_FORWARD = 4
- CHANNEL_EXEC = 1
- CHANNEL_KEEP_ALIVE = 5
- CHANNEL_SHELL = 2
- CHANNEL_SUBSYSTEM = 3
- LOG_COMPLEX = 2
- Returns the message content
- LOG_MAX_SIZE = 1048576
- Make sure that the log never gets larger than this
- LOG_REALTIME = 3
- Outputs the content real-time
- LOG_REALTIME_FILE = 4
- Dumps the content real-time to a file
- LOG_SIMPLE = 1
- Returns the message numbers
- MASK_CONNECTED = 0x2
- MASK_CONSTRUCTOR = 0x1
- MASK_LOGIN = 0x8
- MASK_LOGIN_REQ = 0x4
- MASK_SHELL = 0x10
- MASK_WINDOW_ADJUST = 0x20
- READ_NEXT = 3
- Returns whenever a data packet is received.
- READ_REGEX = 2
- Returns when a string matching the regular expression $expect is found
- READ_SIMPLE = 1
- Returns when a string matching $expect exactly is found
Properties
- $fsock : object
- The Socket Object
- $auth : array<string|int, mixed>
- Authentication Credentials
- $bitmap : int
- Execution Bitmap
- $channel_status : array<string|int, mixed>
- Channel Status
- $curTimeout : mixed
- Current Timeout
- $preferred_signature_format : string|false
- Preferred Signature Format
- $server_channels : array<string|int, mixed>
- Server Channels
- $timeout : mixed
- Timeout
- $window_size : int
- The Window Size
- $window_size_server_to_client : array<string|int, mixed>
- Window size, server to client
- $agent : Agent
- A System_SSH_Agent for use in the SSH2 Agent Forwarding scenario
- $auth_methods_to_continue : array<string|int, mixed>|null
- The authentication methods that may productively continue authentication.
- $bad_key_size_fix : bool
- Some versions of OpenSSH incorrectly calculate the key size
- $banner_message : string
- Banner Message
- $binary_packet_buffer : string|false
- Binary Packet Buffer
- $channel_buffers : array<string|int, mixed>
- Channel Buffers
- $channel_extended_data_type_codes : array<string|int, mixed>
- SSH_MSG_CHANNEL_EXTENDED_DATA's data_type_codes
- $channel_open_failure_reasons : array<string|int, mixed>
- SSH_MSG_CHANNEL_OPEN_FAILURE 'reason codes', defined in RFC4254
- $compression_algorithms_client_to_server : array<string|int, mixed>|false
- Compression Algorithms: Client to Server
- $compression_algorithms_server_to_client : array<string|int, mixed>|false
- Compression Algorithms: Server to Client
- $connections : array<string|int, SSH2>
- Connection storage to replicates ssh2 extension functionality: {@link http://php.net/manual/en/wrappers.ssh2.php#refsect1-wrappers.ssh2-examples}
- $crypto_engine : int
- Crypto Engine
- $decrypt : object
- Server to Client Encryption Object
- $decrypt_block_size : int
- Block Size for Client to Server Encryption
- $disconnect_reasons : array<string|int, mixed>
- Disconnection Message 'reason codes' defined in RFC4253
- $encrypt : object
- Client to Server Encryption Object
- $encrypt_block_size : int
- Block Size for Server to Client Encryption
- $encryption_algorithms_client_to_server : array<string|int, mixed>|false
- Encryption Algorithms: Client to Server
- $encryption_algorithms_server_to_client : array<string|int, mixed>|false
- Encryption Algorithms: Server to Client
- $errors : array<string|int, mixed>
- Error information
- $exchange_hash : string
- Exchange hash
- $exit_status : int
- Exit status returned from ssh if any
- $get_seq_no : int
- Get Sequence Number
- $hmac_check : object
- Server to Client HMAC Object
- $hmac_create : object
- Client to Server HMAC Object
- $hmac_size : int
- Size of server to client HMAC
- $host : string
- Hostname
- $identifier : string
- The SSH identifier
- $in_request_pty_exec : bool
- Flag set while exec() is running when using enablePTY()
- $in_subsystem : bool
- Flag set after startSubsystem() is called
- $interactiveBuffer : array<string|int, mixed>
- Interactive Buffer
- $is_timeout : bool
- Did read() timeout or return normally?
- $keepAlive : mixed
- Keep Alive Interval
- $kex_algorithm : string|false
- Key Exchange Algorithm
- $kex_algorithms : array<string|int, mixed>|false
- Key Exchange Algorithms
- $kex_dh_group_size_max : int
- Maximum Diffie-Hellman Group Bit Size in RFC 4419 Key Exchange Methods
- $kex_dh_group_size_min : int
- Minimum Diffie-Hellman Group Bit Size in RFC 4419 Key Exchange Methods
- $kex_dh_group_size_preferred : int
- Preferred Diffie-Hellman Group Bit Size in RFC 4419 Key Exchange Methods
- $keyboard_requests_responses : array<string|int, mixed>
- Keyboard Interactive Request / Responses
- $languages_client_to_server : array<string|int, mixed>|false
- Languages: Client to Server
- $languages_server_to_client : array<string|int, mixed>|false
- Languages: Server to Client
- $last_interactive_response : string
- The Last Interactive Response
- $last_packet : int
- Time of first network activity
- $lengthDecrypt : object
- Server to Client Length Encryption Object
- $lengthEncrypt : object
- Client to Server Length Encryption Object
- $log_boundary : string
- Log Boundary
- $log_long_width : int
- Log Long Width
- $log_short_width : int
- Log Short Width
- $log_size : int
- Current log size
- $mac_algorithms_client_to_server : array<string|int, mixed>|false
- MAC Algorithms: Client to Server
- $mac_algorithms_server_to_client : array<string|int, mixed>|false
- MAC Algorithms: Server to Client
- $message_log : array<string|int, mixed>
- Message Log
- $message_number_log : array<string|int, mixed>
- Message Number Log
- $message_numbers : array<string|int, mixed>
- Message Numbers
- $packet_size_client_to_server : array<string|int, mixed>
- Packet Size
- $port : int
- Port Number
- $preferred : array<string|int, mixed>
- Preferred Algorithms
- $quiet_mode : mixed
- Flag to suppress stderr from output
- $realtime_log_file : resource
- Real-time log file pointer
- $realtime_log_size : int
- Real-time log file size
- $realtime_log_wrap : mixed
- Real-time log file wrap boolean
- $request_pty : bool
- Flag to request a PTY when using exec()
- $retry_connect : bool
- Should we try to re-connect to re-establish keys?
- $send_id_string_first : bool
- Send the identification string first?
- $send_kex_first : bool
- Send the key exchange initiation packet first?
- $send_seq_no : int
- Send Sequence Number
- $server_host_key_algorithms : array<string|int, mixed>|false
- Server Host Key Algorithms
- $server_identifier : array<string|int, mixed>|false
- Server Identifier
- $server_public_host_key : string
- Server Public Host Key
- $session_id : string
- Session identifier
- $signature : string
- Server signature
- $signature_format : string
- Server signature format
- $signature_validated : bool
- Has the signature been validated?
- $stdErrorLog : string
- Contents of stdError
- $term : string
- Terminal
- $terminal_modes : array<string|int, mixed>
- Terminal Modes
- $window_resize : int
- What we resize the window to
- $window_size_client_to_server : array<string|int, mixed>
- Window size, client to server
- $windowColumns : int
- Number of columns for terminal window size
- $windowRows : int
- Number of columns for terminal window size
Methods
- __construct() : SSH2|void
- Default Constructor.
- __destruct() : mixed
- Destructor.
- __toString() : string
- To String Magic Method
- disablePTY() : mixed
- Disable request-pty when using exec()
- disableQuietMode() : mixed
- Disable Quiet Mode
- disconnect() : mixed
- Disconnect
- enablePTY() : mixed
- Enable request-pty when using exec()
- enableQuietMode() : mixed
- Enable Quiet Mode
- exec() : string
- Execute Command
- getAlgorithmsNegotiated() : array<string|int, mixed>
- Return list of negotiated algorithms
- getAuthMethodsToContinue() : array<string|int, mixed>|null
- Return the list of authentication methods that may productively continue authentication.
- getBannerMessage() : string
- Returns the banner message.
- getConnectionByResourceId() : bool|SSH2
- Return existing connection
- getConnections() : array<string|int, SSH2>
- Return all excising connections
- getErrors() : array<string|int, string>
- Returns all errors
- getExitStatus() : false|int
- Returns the exit status of an SSH command or false.
- getLastError() : string
- Returns the last error
- getLog() : array<string|int, mixed>|false|string
- Returns a log of the packets that have been sent and received.
- getResourceId() : string
- Get Resource ID
- getServerAlgorithms() : array<string|int, mixed>
- Returns a list of algorithms the server supports
- getServerIdentification() : string
- Return the server identification.
- getServerPublicHostKey() : mixed
- Returns the server public host key.
- getStdError() : mixed
- Get the output from stdError
- getSupportedCompressionAlgorithms() : array<string|int, mixed>
- Returns a list of compression algorithms that phpseclib supports
- getSupportedEncryptionAlgorithms() : array<string|int, mixed>
- Returns a list of symmetric key algorithms that phpseclib supports
- getSupportedHostKeyAlgorithms() : array<string|int, mixed>
- Returns a list of host key algorithms that phpseclib supports
- getSupportedKEXAlgorithms() : array<string|int, mixed>
- Returns a list of KEX algorithms that phpseclib supports
- getSupportedMACAlgorithms() : array<string|int, mixed>
- Returns a list of MAC algorithms that phpseclib supports
- getWindowColumns() : int
- Returns the number of columns for the terminal window size.
- getWindowRows() : int
- Returns the number of rows for the terminal window size.
- isAuthenticated() : bool
- Have you successfully been logged in?
- isConnected() : bool
- Is the connection still active?
- isPTYEnabled() : bool
- Returns whether request-pty is enabled or not
- isQuietModeEnabled() : bool
- Returns whether Quiet Mode is enabled or not
- isTimeout() : mixed
- Is timeout?
- login() : bool
- Login
- ping() : bool
- Pings a server connection, or tries to reconnect if the connection has gone down
- read() : string|bool|null
- Returns the output of an interactive shell
- requestAgentForwarding() : bool
- Request agent forwarding of remote server
- reset() : mixed
- Closes a channel
- sendIdentificationStringFirst() : mixed
- Send Identification String First
- sendIdentificationStringLast() : mixed
- Send Identification String Last
- sendKEXINITFirst() : mixed
- Send SSH_MSG_KEXINIT First
- sendKEXINITLast() : mixed
- Send SSH_MSG_KEXINIT Last
- setCryptoEngine() : mixed
- Set Crypto Engine Mode
- setKeepAlive() : mixed
- Set Keep Alive
- setPreferredAlgorithms() : mixed
- Accepts an associative array with up to four parameters as described at <https://www.php.net/manual/en/function.ssh2-connect.php>
- setTerminal() : mixed
- Allows you to set the terminal
- setTimeout() : mixed
- Set Timeout
- setWindowColumns() : mixed
- Sets the number of columns for the terminal window size.
- setWindowRows() : mixed
- Sets the number of rows for the terminal window size.
- setWindowSize() : mixed
- Sets the number of columns and rows for the terminal window size.
- startSubsystem() : bool
- Start a subsystem.
- stopSubsystem() : bool
- Stops a subsystem.
- write() : bool
- Inputs a command into an interactive shell.
- define_array() : mixed
- Define Array
- disconnect_helper() : bool
- Disconnect
- format_log() : string
- Formats a log for printing
- get_channel_packet() : mixed
- Gets channel data
- reset_connection() : mixed
- Resets a connection for re-use
- send_binary_packet() : bool
- Sends Binary Packets
- send_channel_packet() : bool
- Sends channel data
- sublogin() : bool
- Login Helper
- append_log() : mixed
- Logs data packets
- array_intersect_first() : mixed
- Returns the first value of the intersection of two arrays or false if the intersection is empty. The order is defined by the first parameter.
- bad_algorithm_candidate() : mixed
- close_channel() : bool
- Closes and flushes a channel
- connect() : mixed
- Connect to an SSHv2 server
- encryption_algorithm_to_crypt_instance() : mixed
- Maps an encryption algorithm name to an instance of a subclass of \phpseclib3\Crypt\Common\SymmetricKey.
- encryption_algorithm_to_key_size() : int|null
- Maps an encryption algorithm name to the number of key bytes.
- filter() : string
- Filter Binary Packets
- generate_identifier() : string
- Generates the SSH identifier
- get_binary_packet() : string
- Gets Binary Packets
- get_interactive_channel() : int
- Return the channel to be used with read() / write()
- get_open_channel() : int
- Return an available open channel
- initShell() : bool
- Creates an interactive shell
- key_exchange() : bool
- Key Exchange
- keyboard_interactive_login() : bool
- Login via keyboard-interactive authentication
- keyboard_interactive_process() : bool
- Handle the keyboard-interactive requests / responses.
- login_helper() : bool
- Login Helper
- mac_algorithm_to_hash_instance() : mixed
- Maps an encryption algorithm name to an instance of a subclass of \phpseclib3\Crypt\Hash.
- on_channel_open() : mixed
- Helper function for agent->on_channel_open()
- privatekey_login() : bool
- Login with an RSA private key
- read_remaining_bytes() : string
- Read Remaining Bytes
- reconnect() : bool
- In situ reconnect method
- ssh_agent_login() : bool
- Login with an ssh-agent provided key
- updateLogHistory() : mixed
Constants
CHANNEL_AGENT_FORWARD
public
mixed
CHANNEL_AGENT_FORWARD
= 4
CHANNEL_EXEC
public
mixed
CHANNEL_EXEC
= 1
CHANNEL_KEEP_ALIVE
public
mixed
CHANNEL_KEEP_ALIVE
= 5
CHANNEL_SHELL
public
mixed
CHANNEL_SHELL
= 2
CHANNEL_SUBSYSTEM
public
mixed
CHANNEL_SUBSYSTEM
= 3
LOG_COMPLEX
Returns the message content
public
mixed
LOG_COMPLEX
= 2
Tags
LOG_MAX_SIZE
Make sure that the log never gets larger than this
public
mixed
LOG_MAX_SIZE
= 1048576
Tags
LOG_REALTIME
Outputs the content real-time
public
mixed
LOG_REALTIME
= 3
Tags
LOG_REALTIME_FILE
Dumps the content real-time to a file
public
mixed
LOG_REALTIME_FILE
= 4
Tags
LOG_SIMPLE
Returns the message numbers
public
mixed
LOG_SIMPLE
= 1
Tags
MASK_CONNECTED
public
mixed
MASK_CONNECTED
= 0x2
MASK_CONSTRUCTOR
public
mixed
MASK_CONSTRUCTOR
= 0x1
MASK_LOGIN
public
mixed
MASK_LOGIN
= 0x8
MASK_LOGIN_REQ
public
mixed
MASK_LOGIN_REQ
= 0x4
MASK_SHELL
public
mixed
MASK_SHELL
= 0x10
MASK_WINDOW_ADJUST
public
mixed
MASK_WINDOW_ADJUST
= 0x20
READ_NEXT
Returns whenever a data packet is received.
public
mixed
READ_NEXT
= 3
Some data packets may only contain a single character so it may be necessary to call read() multiple times when using this option
Tags
READ_REGEX
Returns when a string matching the regular expression $expect is found
public
mixed
READ_REGEX
= 2
Tags
READ_SIMPLE
Returns when a string matching $expect exactly is found
public
mixed
READ_SIMPLE
= 1
Tags
Properties
$fsock
The Socket Object
public
object
$fsock
Tags
$auth
Authentication Credentials
protected
array<string|int, mixed>
$auth
= []
Tags
$bitmap
Execution Bitmap
protected
int
$bitmap
= 0
The bits that are set represent functions that have been called already. This is used to determine if a requisite function has been successfully executed. If not, an error should be thrown.
Tags
$channel_status
Channel Status
protected
array<string|int, mixed>
$channel_status
= []
Contains the type of the last sent message
Tags
$curTimeout
Current Timeout
protected
mixed
$curTimeout
Tags
$preferred_signature_format
Preferred Signature Format
protected
string|false
$preferred_signature_format
= false
Tags
$server_channels
Server Channels
protected
array<string|int, mixed>
$server_channels
= []
Maps client channels to server channels
Tags
$timeout
Timeout
protected
mixed
$timeout
Tags
$window_size
The Window Size
protected
int
$window_size
= 0x7fffffff
Bytes the other party can send before it must wait for the window to be adjusted (0x7FFFFFFF = 2GB)
Tags
$window_size_server_to_client
Window size, server to client
protected
array<string|int, mixed>
$window_size_server_to_client
= []
Window size indexed by channel
Tags
$agent
A System_SSH_Agent for use in the SSH2 Agent Forwarding scenario
private
Agent
$agent
Tags
$auth_methods_to_continue
The authentication methods that may productively continue authentication.
private
array<string|int, mixed>|null
$auth_methods_to_continue
= null
Tags
$bad_key_size_fix
Some versions of OpenSSH incorrectly calculate the key size
private
bool
$bad_key_size_fix
= false
Tags
$banner_message
Banner Message
private
string
$banner_message
= ''
Quoting from the RFC, "in some jurisdictions, sending a warning message before authentication may be relevant for getting legal protection."
Tags
$binary_packet_buffer
Binary Packet Buffer
private
string|false
$binary_packet_buffer
= false
Tags
$channel_buffers
Channel Buffers
private
array<string|int, mixed>
$channel_buffers
= []
If a client requests a packet from one channel but receives two packets from another those packets should be placed in a buffer
Tags
$channel_extended_data_type_codes
SSH_MSG_CHANNEL_EXTENDED_DATA's data_type_codes
private
array<string|int, mixed>
$channel_extended_data_type_codes
= []
Tags
$channel_open_failure_reasons
SSH_MSG_CHANNEL_OPEN_FAILURE 'reason codes', defined in RFC4254
private
array<string|int, mixed>
$channel_open_failure_reasons
= []
Tags
$compression_algorithms_client_to_server
Compression Algorithms: Client to Server
private
array<string|int, mixed>|false
$compression_algorithms_client_to_server
= false
Tags
$compression_algorithms_server_to_client
Compression Algorithms: Server to Client
private
array<string|int, mixed>|false
$compression_algorithms_server_to_client
= false
Tags
$connections
Connection storage to replicates ssh2 extension functionality: {@link http://php.net/manual/en/wrappers.ssh2.php#refsect1-wrappers.ssh2-examples}
private
static array<string|int, SSH2>
$connections
$crypto_engine
Crypto Engine
private
static int
$crypto_engine
= false
Tags
$decrypt
Server to Client Encryption Object
private
object
$decrypt
= false
Tags
$decrypt_block_size
Block Size for Client to Server Encryption
private
int
$decrypt_block_size
= 8
Tags
$disconnect_reasons
Disconnection Message 'reason codes' defined in RFC4253
private
array<string|int, mixed>
$disconnect_reasons
= []
Tags
$encrypt
Client to Server Encryption Object
private
object
$encrypt
= false
Tags
$encrypt_block_size
Block Size for Server to Client Encryption
private
int
$encrypt_block_size
= 8
"Note that the length of the concatenation of 'packet_length', 'padding_length', 'payload', and 'random padding' MUST be a multiple of the cipher block size or 8, whichever is larger. This constraint MUST be enforced, even when using stream ciphers."
-- http://tools.ietf.org/html/rfc4253#section-6
Tags
$encryption_algorithms_client_to_server
Encryption Algorithms: Client to Server
private
array<string|int, mixed>|false
$encryption_algorithms_client_to_server
= false
Tags
$encryption_algorithms_server_to_client
Encryption Algorithms: Server to Client
private
array<string|int, mixed>|false
$encryption_algorithms_server_to_client
= false
Tags
$errors
Error information
private
array<string|int, mixed>
$errors
= []
Tags
$exchange_hash
Exchange hash
private
string
$exchange_hash
= false
The current exchange hash
Tags
$exit_status
Exit status returned from ssh if any
private
int
$exit_status
Tags
$get_seq_no
Get Sequence Number
private
int
$get_seq_no
= 0
See 'Section 6.4. Data Integrity' of rfc4253 for more info.
Tags
$hmac_check
Server to Client HMAC Object
private
object
$hmac_check
= false
Tags
$hmac_create
Client to Server HMAC Object
private
object
$hmac_create
= false
Tags
$hmac_size
Size of server to client HMAC
private
int
$hmac_size
= false
We need to know how big the HMAC will be for the server to client direction so that we know how many bytes to read. For the client to server side, the HMAC object will make the HMAC as long as it needs to be. All we need to do is append it.
Tags
$host
Hostname
private
string
$host
Tags
$identifier
The SSH identifier
private
string
$identifier
Tags
$in_request_pty_exec
Flag set while exec() is running when using enablePTY()
private
bool
$in_request_pty_exec
= false
Tags
$in_subsystem
Flag set after startSubsystem() is called
private
bool
$in_subsystem
Tags
$interactiveBuffer
Interactive Buffer
private
array<string|int, mixed>
$interactiveBuffer
= ''
Tags
$is_timeout
Did read() timeout or return normally?
private
bool
$is_timeout
= false
Tags
$keepAlive
Keep Alive Interval
private
mixed
$keepAlive
Tags
$kex_algorithm
Key Exchange Algorithm
private
string|false
$kex_algorithm
= false
Tags
$kex_algorithms
Key Exchange Algorithms
private
array<string|int, mixed>|false
$kex_algorithms
= false
Tags
$kex_dh_group_size_max
Maximum Diffie-Hellman Group Bit Size in RFC 4419 Key Exchange Methods
private
int
$kex_dh_group_size_max
= 4096
Tags
$kex_dh_group_size_min
Minimum Diffie-Hellman Group Bit Size in RFC 4419 Key Exchange Methods
private
int
$kex_dh_group_size_min
= 1536
Tags
$kex_dh_group_size_preferred
Preferred Diffie-Hellman Group Bit Size in RFC 4419 Key Exchange Methods
private
int
$kex_dh_group_size_preferred
= 2048
Tags
$keyboard_requests_responses
Keyboard Interactive Request / Responses
private
array<string|int, mixed>
$keyboard_requests_responses
= []
Tags
$languages_client_to_server
Languages: Client to Server
private
array<string|int, mixed>|false
$languages_client_to_server
= false
Tags
$languages_server_to_client
Languages: Server to Client
private
array<string|int, mixed>|false
$languages_server_to_client
= false
Tags
$last_interactive_response
The Last Interactive Response
private
string
$last_interactive_response
= ''
Tags
$last_packet
Time of first network activity
private
int
$last_packet
Tags
$lengthDecrypt
Server to Client Length Encryption Object
private
object
$lengthDecrypt
= false
Tags
$lengthEncrypt
Client to Server Length Encryption Object
private
object
$lengthEncrypt
= false
Tags
$log_boundary
Log Boundary
private
string
$log_boundary
= ':'
Tags
$log_long_width
Log Long Width
private
int
$log_long_width
= 65
Tags
$log_short_width
Log Short Width
private
int
$log_short_width
= 16
Tags
$log_size
Current log size
private
int
$log_size
Should never exceed self::LOG_MAX_SIZE
Tags
$mac_algorithms_client_to_server
MAC Algorithms: Client to Server
private
array<string|int, mixed>|false
$mac_algorithms_client_to_server
= false
Tags
$mac_algorithms_server_to_client
MAC Algorithms: Server to Client
private
array<string|int, mixed>|false
$mac_algorithms_server_to_client
= false
Tags
$message_log
Message Log
private
array<string|int, mixed>
$message_log
= []
Tags
$message_number_log
Message Number Log
private
array<string|int, mixed>
$message_number_log
= []
Tags
$message_numbers
Message Numbers
private
array<string|int, mixed>
$message_numbers
= []
Tags
$packet_size_client_to_server
Packet Size
private
array<string|int, mixed>
$packet_size_client_to_server
= []
Maximum packet size indexed by channel
Tags
$port
Port Number
private
int
$port
Tags
$preferred
Preferred Algorithms
private
array<string|int, mixed>
$preferred
= []
Tags
$quiet_mode
Flag to suppress stderr from output
private
mixed
$quiet_mode
= false
Tags
$realtime_log_file
Real-time log file pointer
private
resource
$realtime_log_file
Tags
$realtime_log_size
Real-time log file size
private
int
$realtime_log_size
Tags
$realtime_log_wrap
Real-time log file wrap boolean
private
mixed
$realtime_log_wrap
Tags
$request_pty
Flag to request a PTY when using exec()
private
bool
$request_pty
= false
Tags
$retry_connect
Should we try to re-connect to re-establish keys?
private
bool
$retry_connect
= false
Tags
$send_id_string_first
Send the identification string first?
private
bool
$send_id_string_first
= true
Tags
$send_kex_first
Send the key exchange initiation packet first?
private
bool
$send_kex_first
= true
Tags
$send_seq_no
Send Sequence Number
private
int
$send_seq_no
= 0
See 'Section 6.4. Data Integrity' of rfc4253 for more info.
Tags
$server_host_key_algorithms
Server Host Key Algorithms
private
array<string|int, mixed>|false
$server_host_key_algorithms
= false
Tags
$server_identifier
Server Identifier
private
array<string|int, mixed>|false
$server_identifier
= false
Tags
$server_public_host_key
Server Public Host Key
private
string
$server_public_host_key
Tags
$session_id
Session identifier
private
string
$session_id
= false
"The exchange hash H from the first key exchange is additionally used as the session identifier, which is a unique identifier for this connection."
-- http://tools.ietf.org/html/rfc4253#section-7.2
Tags
$signature
Server signature
private
string
$signature
= ''
Verified against $this->session_id
Tags
$signature_format
Server signature format
private
string
$signature_format
= ''
ssh-rsa or ssh-dss.
Tags
$signature_validated
Has the signature been validated?
private
bool
$signature_validated
= false
Tags
$stdErrorLog
Contents of stdError
private
string
$stdErrorLog
Tags
$term
Terminal
private
string
$term
= 'vt100'
Tags
$terminal_modes
Terminal Modes
private
array<string|int, mixed>
$terminal_modes
= []
Tags
$window_resize
What we resize the window to
private
int
$window_resize
= 0x40000000
When PuTTY resizes the window it doesn't add an additional 0x7FFFFFFF bytes - it adds 0x40000000 bytes. Some SFTP clients (GoAnywhere) don't support adding 0x7FFFFFFF to the window size after the fact so we'll just do what PuTTY does
Tags
$window_size_client_to_server
Window size, client to server
private
array<string|int, mixed>
$window_size_client_to_server
= []
Window size indexed by channel
Tags
$windowColumns
Number of columns for terminal window size
private
int
$windowColumns
= 80
Tags
$windowRows
Number of columns for terminal window size
private
int
$windowRows
= 24
Tags
Methods
__construct()
Default Constructor.
public
__construct(mixed $host[, int $port = 22 ][, int $timeout = 10 ]) : SSH2|void
$host can either be a string, representing the host, or a stream resource.
Parameters
- $host : mixed
- $port : int = 22
- $timeout : int = 10
Tags
Return values
SSH2|void__destruct()
Destructor.
public
__destruct() : mixed
Will be called, automatically, if you're supporting just PHP5. If you're supporting PHP4, you'll need to call disconnect().
Tags
__toString()
To String Magic Method
public
__toString() : string
Tags
Return values
stringdisablePTY()
Disable request-pty when using exec()
public
disablePTY() : mixed
Tags
disableQuietMode()
Disable Quiet Mode
public
disableQuietMode() : mixed
Show stderr in output
Tags
disconnect()
Disconnect
public
disconnect() : mixed
Tags
enablePTY()
Enable request-pty when using exec()
public
enablePTY() : mixed
Tags
enableQuietMode()
Enable Quiet Mode
public
enableQuietMode() : mixed
Suppress stderr from output
Tags
exec()
Execute Command
public
exec(string $command[, callable $callback = null ]) : string
If $callback is set to false then \phpseclib3\Net\SSH2::get_channel_packet(self::CHANNEL_EXEC) will need to be called manually. In all likelihood, this is not a feature you want to be taking advantage of.
Parameters
- $command : string
- $callback : callable = null
Tags
Return values
stringgetAlgorithmsNegotiated()
Return list of negotiated algorithms
public
getAlgorithmsNegotiated() : array<string|int, mixed>
Uses the same format as https://www.php.net/ssh2-methods-negotiated
Tags
Return values
array<string|int, mixed>getAuthMethodsToContinue()
Return the list of authentication methods that may productively continue authentication.
public
getAuthMethodsToContinue() : array<string|int, mixed>|null
Tags
Return values
array<string|int, mixed>|nullgetBannerMessage()
Returns the banner message.
public
getBannerMessage() : string
Quoting from the RFC, "in some jurisdictions, sending a warning message before authentication may be relevant for getting legal protection."
Tags
Return values
stringgetConnectionByResourceId()
Return existing connection
public
static getConnectionByResourceId(string $id) : bool|SSH2
Parameters
- $id : string
Return values
bool|SSH2 —will return false if no such connection
getConnections()
Return all excising connections
public
static getConnections() : array<string|int, SSH2>
Return values
array<string|int, SSH2>getErrors()
Returns all errors
public
getErrors() : array<string|int, string>
Tags
Return values
array<string|int, string>getExitStatus()
Returns the exit status of an SSH command or false.
public
getExitStatus() : false|int
Tags
Return values
false|intgetLastError()
Returns the last error
public
getLastError() : string
Tags
Return values
stringgetLog()
Returns a log of the packets that have been sent and received.
public
getLog() : array<string|int, mixed>|false|string
Returns a string if NET_SSH2_LOGGING == self::LOG_COMPLEX, an array if NET_SSH2_LOGGING == self::LOG_SIMPLE and false if !defined('NET_SSH2_LOGGING')
Tags
Return values
array<string|int, mixed>|false|stringgetResourceId()
Get Resource ID
public
getResourceId() : string
We use } because that symbols should not be in URL according to RFC. It will safe us from any conflicts, because otherwise regexp will match all alphanumeric domains.
Return values
stringgetServerAlgorithms()
Returns a list of algorithms the server supports
public
getServerAlgorithms() : array<string|int, mixed>
Tags
Return values
array<string|int, mixed>getServerIdentification()
Return the server identification.
public
getServerIdentification() : string
Tags
Return values
stringgetServerPublicHostKey()
Returns the server public host key.
public
getServerPublicHostKey() : mixed
Caching this the first time you connect to a server and checking the result on subsequent connections is recommended. Returns false if the server signature is not signed correctly with the public host key.
Tags
getStdError()
Get the output from stdError
public
getStdError() : mixed
Tags
getSupportedCompressionAlgorithms()
Returns a list of compression algorithms that phpseclib supports
public
static getSupportedCompressionAlgorithms() : array<string|int, mixed>
Tags
Return values
array<string|int, mixed>getSupportedEncryptionAlgorithms()
Returns a list of symmetric key algorithms that phpseclib supports
public
static getSupportedEncryptionAlgorithms() : array<string|int, mixed>
Tags
Return values
array<string|int, mixed>getSupportedHostKeyAlgorithms()
Returns a list of host key algorithms that phpseclib supports
public
static getSupportedHostKeyAlgorithms() : array<string|int, mixed>
Tags
Return values
array<string|int, mixed>getSupportedKEXAlgorithms()
Returns a list of KEX algorithms that phpseclib supports
public
static getSupportedKEXAlgorithms() : array<string|int, mixed>
Tags
Return values
array<string|int, mixed>getSupportedMACAlgorithms()
Returns a list of MAC algorithms that phpseclib supports
public
static getSupportedMACAlgorithms() : array<string|int, mixed>
Tags
Return values
array<string|int, mixed>getWindowColumns()
Returns the number of columns for the terminal window size.
public
getWindowColumns() : int
Tags
Return values
intgetWindowRows()
Returns the number of rows for the terminal window size.
public
getWindowRows() : int
Tags
Return values
intisAuthenticated()
Have you successfully been logged in?
public
isAuthenticated() : bool
Tags
Return values
boolisConnected()
Is the connection still active?
public
isConnected() : bool
Tags
Return values
boolisPTYEnabled()
Returns whether request-pty is enabled or not
public
isPTYEnabled() : bool
Tags
Return values
boolisQuietModeEnabled()
Returns whether Quiet Mode is enabled or not
public
isQuietModeEnabled() : bool
Tags
Return values
boolisTimeout()
Is timeout?
public
isTimeout() : mixed
Did exec() or read() return because they timed out or because they encountered the end?
Tags
login()
Login
public
login(string $username, string|AsymmetricKey|array<string|int, array<string|int, mixed>>|Agent|null ...$args) : bool
The $password parameter can be a plaintext password, a \phpseclib3\Crypt\RSA|EC|DSA object, a \phpseclib3\System\SSH\Agent object or an array
Parameters
- $username : string
- $args : string|AsymmetricKey|array<string|int, array<string|int, mixed>>|Agent|null
Tags
Return values
boolping()
Pings a server connection, or tries to reconnect if the connection has gone down
public
ping() : bool
Inspired by http://php.net/manual/en/mysqli.ping.php
Return values
boolread()
Returns the output of an interactive shell
public
read([string $expect = '' ][, int $mode = self::READ_SIMPLE ]) : string|bool|null
Returns when there's a match for $expect, which can take the form of a string literal or, if $mode == self::READ_REGEX, a regular expression.
Parameters
- $expect : string = ''
- $mode : int = self::READ_SIMPLE
Tags
Return values
string|bool|nullrequestAgentForwarding()
Request agent forwarding of remote server
public
requestAgentForwarding() : bool
Tags
Return values
boolreset()
Closes a channel
public
reset() : mixed
If read() timed out you might want to just close the channel and have it auto-restart on the next read() call
Tags
sendIdentificationStringFirst()
Send Identification String First
public
sendIdentificationStringFirst() : mixed
https://tools.ietf.org/html/rfc4253#section-4.2 says "when the connection has been established, both sides MUST send an identification string". It does not say which side sends it first. In theory it shouldn't matter but it is a fact of life that some SSH servers are simply buggy
Tags
sendIdentificationStringLast()
Send Identification String Last
public
sendIdentificationStringLast() : mixed
https://tools.ietf.org/html/rfc4253#section-4.2 says "when the connection has been established, both sides MUST send an identification string". It does not say which side sends it first. In theory it shouldn't matter but it is a fact of life that some SSH servers are simply buggy
Tags
sendKEXINITFirst()
Send SSH_MSG_KEXINIT First
public
sendKEXINITFirst() : mixed
https://tools.ietf.org/html/rfc4253#section-7.1 says "key exchange begins by each sending sending the [SSH_MSG_KEXINIT] packet". It does not say which side sends it first. In theory it shouldn't matter but it is a fact of life that some SSH servers are simply buggy
Tags
sendKEXINITLast()
Send SSH_MSG_KEXINIT Last
public
sendKEXINITLast() : mixed
https://tools.ietf.org/html/rfc4253#section-7.1 says "key exchange begins by each sending sending the [SSH_MSG_KEXINIT] packet". It does not say which side sends it first. In theory it shouldn't matter but it is a fact of life that some SSH servers are simply buggy
Tags
setCryptoEngine()
Set Crypto Engine Mode
public
static setCryptoEngine(int $engine) : mixed
Possible $engine values: OpenSSL, mcrypt, Eval, PHP
Parameters
- $engine : int
Tags
setKeepAlive()
Set Keep Alive
public
setKeepAlive(int $interval) : mixed
Sends an SSH2_MSG_IGNORE message every x seconds, if x is a positive non-zero number.
Parameters
- $interval : int
Tags
setPreferredAlgorithms()
Accepts an associative array with up to four parameters as described at <https://www.php.net/manual/en/function.ssh2-connect.php>
public
setPreferredAlgorithms(array<string|int, mixed> $methods) : mixed
Parameters
- $methods : array<string|int, mixed>
Tags
setTerminal()
Allows you to set the terminal
public
setTerminal(string $term) : mixed
Parameters
- $term : string
Tags
setTimeout()
Set Timeout
public
setTimeout(mixed $timeout) : mixed
$ssh->exec('ping 127.0.0.1'); on a Linux host will never return and will run indefinitely. setTimeout() makes it so it'll timeout. Setting $timeout to false or 0 will mean there is no timeout.
Parameters
- $timeout : mixed
Tags
setWindowColumns()
Sets the number of columns for the terminal window size.
public
setWindowColumns(int $value) : mixed
Parameters
- $value : int
Tags
setWindowRows()
Sets the number of rows for the terminal window size.
public
setWindowRows(int $value) : mixed
Parameters
- $value : int
Tags
setWindowSize()
Sets the number of columns and rows for the terminal window size.
public
setWindowSize([int $columns = 80 ][, int $rows = 24 ]) : mixed
Parameters
- $columns : int = 80
- $rows : int = 24
Tags
startSubsystem()
Start a subsystem.
public
startSubsystem(string $subsystem) : bool
Right now only one subsystem at a time is supported. To support multiple subsystem's stopSubsystem() could accept a string that contained the name of the subsystem, but at that point, only one subsystem of each type could be opened. To support multiple subsystem's of the same name maybe it'd be best if startSubsystem() generated a new channel id and returns that and then that that was passed into stopSubsystem() but that'll be saved for a future date and implemented if there's sufficient demand for such a feature.
Parameters
- $subsystem : string
Tags
Return values
boolstopSubsystem()
Stops a subsystem.
public
stopSubsystem() : bool
Tags
Return values
boolwrite()
Inputs a command into an interactive shell.
public
write(string $cmd) : bool
Parameters
- $cmd : string
Tags
Return values
booldefine_array()
Define Array
protected
define_array(array<string|int, mixed> ...$args) : mixed
Takes any number of arrays whose indices are integers and whose values are strings and defines a bunch of named constants from it, using the value as the name of the constant and the index as the value of the constant. If any of the constants that would be defined already exists, none of the constants will be defined.
Parameters
- $args : array<string|int, mixed>
Tags
disconnect_helper()
Disconnect
protected
disconnect_helper(int $reason) : bool
Parameters
- $reason : int
Tags
Return values
boolformat_log()
Formats a log for printing
protected
format_log(array<string|int, mixed> $message_log, array<string|int, mixed> $message_number_log) : string
Parameters
- $message_log : array<string|int, mixed>
- $message_number_log : array<string|int, mixed>
Tags
Return values
stringget_channel_packet()
Gets channel data
protected
get_channel_packet(int $client_channel[, bool $skip_extended = false ]) : mixed
Returns the data as a string. bool(true) is returned if:
- the server closes the channel
- if the connection times out
- if the channel status is CHANNEL_OPEN and the response was CHANNEL_OPEN_CONFIRMATION
- if the channel status is CHANNEL_REQUEST and the response was CHANNEL_SUCCESS
bool(false) is returned if:
- if the channel status is CHANNEL_REQUEST and the response was CHANNEL_FAILURE
Parameters
- $client_channel : int
- $skip_extended : bool = false
Tags
reset_connection()
Resets a connection for re-use
protected
reset_connection(int $reason) : mixed
Parameters
- $reason : int
Tags
send_binary_packet()
Sends Binary Packets
protected
send_binary_packet(string $data[, string $logged = null ]) : bool
See '6. Binary Packet Protocol' of rfc4253 for more info.
Parameters
- $data : string
- $logged : string = null
Tags
Return values
boolsend_channel_packet()
Sends channel data
protected
send_channel_packet(int $client_channel, string $data) : bool
Spans multiple SSH_MSG_CHANNEL_DATAs if appropriate
Parameters
- $client_channel : int
- $data : string
Tags
Return values
boolsublogin()
Login Helper
protected
sublogin(string $username, array<string|int, string> ...$args) : bool
Parameters
- $username : string
- $args : array<string|int, string>
Tags
Return values
boolappend_log()
Logs data packets
private
append_log(string $message_number, string $message) : mixed
Makes sure that only the last 1MB worth of packets will be logged
Parameters
- $message_number : string
- $message : string
Tags
array_intersect_first()
Returns the first value of the intersection of two arrays or false if the intersection is empty. The order is defined by the first parameter.
private
static array_intersect_first(array<string|int, mixed> $array1, array<string|int, mixed> $array2) : mixed
Parameters
- $array1 : array<string|int, mixed>
- $array2 : array<string|int, mixed>
Tags
Return values
mixed —False if intersection is empty, else intersected value.
bad_algorithm_candidate()
private
static bad_algorithm_candidate(mixed $algorithm) : mixed
Parameters
- $algorithm : mixed
close_channel()
Closes and flushes a channel
private
close_channel(int $client_channel[, bool $want_reply = false ]) : bool
\phpseclib3\Net\SSH2 doesn't properly close most channels. For exec() channels are normally closed by the server and for SFTP channels are presumably closed when the client disconnects. This functions is intended for SCP more than anything.
Parameters
- $client_channel : int
- $want_reply : bool = false
Tags
Return values
boolconnect()
Connect to an SSHv2 server
private
connect() : mixed
Tags
encryption_algorithm_to_crypt_instance()
Maps an encryption algorithm name to an instance of a subclass of \phpseclib3\Crypt\Common\SymmetricKey.
private
static encryption_algorithm_to_crypt_instance(string $algorithm) : mixed
Parameters
- $algorithm : string
-
Name of the encryption algorithm
Tags
Return values
mixed —Instance of \phpseclib3\Crypt\Common\SymmetricKey or null for unknown
encryption_algorithm_to_key_size()
Maps an encryption algorithm name to the number of key bytes.
private
encryption_algorithm_to_key_size(string $algorithm) : int|null
Parameters
- $algorithm : string
-
Name of the encryption algorithm
Tags
Return values
int|null —Number of bytes as an integer or null for unknown
filter()
Filter Binary Packets
private
filter(string $payload, bool $skip_channel_filter) : string
Because some binary packets need to be ignored...
Parameters
- $payload : string
- $skip_channel_filter : bool
Tags
Return values
stringgenerate_identifier()
Generates the SSH identifier
private
generate_identifier() : string
You should overwrite this method in your own class if you want to use another identifier
Tags
Return values
stringget_binary_packet()
Gets Binary Packets
private
get_binary_packet([bool $skip_channel_filter = false ]) : string
See '6. Binary Packet Protocol' of rfc4253 for more info.
Parameters
- $skip_channel_filter : bool = false
Tags
Return values
stringget_interactive_channel()
Return the channel to be used with read() / write()
private
get_interactive_channel() : int
Tags
Return values
intget_open_channel()
Return an available open channel
private
get_open_channel() : int
Tags
Return values
intinitShell()
Creates an interactive shell
private
initShell() : bool
Tags
Return values
boolkey_exchange()
Key Exchange
private
key_exchange([string|bool $kexinit_payload_server = false ]) : bool
Parameters
- $kexinit_payload_server : string|bool = false
-
optional
Tags
Return values
boolkeyboard_interactive_login()
Login via keyboard-interactive authentication
private
keyboard_interactive_login(string $username, string $password) : bool
See RFC4256 for details. This is not a full-featured keyboard-interactive authenticator.
Parameters
- $username : string
- $password : string
Tags
Return values
boolkeyboard_interactive_process()
Handle the keyboard-interactive requests / responses.
private
keyboard_interactive_process(array<string|int, mixed> ...$responses) : bool
Parameters
- $responses : array<string|int, mixed>
Tags
Return values
boollogin_helper()
Login Helper
private
login_helper(string $username[, mixed $password = null ], string|AsymmetricKey|array<string|int, array<string|int, mixed>>|Agent|null ...$args) : bool
Parameters
- $username : string
- $password : mixed = null
- $args : string|AsymmetricKey|array<string|int, array<string|int, mixed>>|Agent|null
Tags
Return values
boolmac_algorithm_to_hash_instance()
Maps an encryption algorithm name to an instance of a subclass of \phpseclib3\Crypt\Hash.
private
static mac_algorithm_to_hash_instance(string $algorithm) : mixed
Parameters
- $algorithm : string
-
Name of the encryption algorithm
Tags
Return values
mixed —Instance of \phpseclib3\Crypt\Hash or null for unknown
on_channel_open()
Helper function for agent->on_channel_open()
private
on_channel_open() : mixed
Used when channels are created to inform agent of said channel opening. Must be called after channel open confirmation received
Tags
privatekey_login()
Login with an RSA private key
private
privatekey_login(string $username, PrivateKey $privatekey) : bool
Parameters
- $username : string
- $privatekey : PrivateKey
Tags
Return values
boolread_remaining_bytes()
Read Remaining Bytes
private
read_remaining_bytes(int $remaining_length) : string
Parameters
- $remaining_length : int
Tags
Return values
stringreconnect()
In situ reconnect method
private
reconnect() : bool
Return values
boolssh_agent_login()
Login with an ssh-agent provided key
private
ssh_agent_login(string $username, Agent $agent) : bool
Parameters
- $username : string
- $agent : Agent
Tags
Return values
boolupdateLogHistory()
private
updateLogHistory(mixed $old, mixed $new) : mixed
Parameters
- $old : mixed
- $new : mixed