Edit report at http://bugs.php.net/bug.php?id=52804&edit=1
ID: 52804
Updated by: paj...@php.net
Reported by: ron at roncemer dot com
Summary: ssh2_auth_pubkey_file() requires both public and
private keys
-Status: Open
+Status: Bogus
Type: Bug
Package: *General Issues
Operating System: Linux
PHP Version: 5.3.3
Block user comment: N
New Comment:
Please report ssh2 at pecl, http://pecl.php.net/ssh2
Previous Comments:
------------------------------------------------------------------------
[2010-09-09 19:21:25] ron at roncemer dot com
Description:
------------
Every other ssh client I've ever dealt with, only requires the private
key to
authenticate to a remote server with ssh2.
Have a look at the ganymed Java SSH2 library, class name
ch.ethz.ssh2.Connection, function signature "boolean
authenticateWithPublicKey(java.lang.String user, java.io.File pemFile,
java.lang.String password)". All that is needed is the private-key pem
file in
order to authenticate. I've been using this library for years in Java,
and it
works great.
What is the reason for requiring both the public and private keys for
authenticating, when in reality only the private key is required? The
public
key should be easily extracted from private key, and should be handled
silently
by PHP.
Also, have a look at function signature "boolean
authenticateWithPublicKey(java.lang.String user, char[] pemPrivateKey,
java.lang.String password)". This provides a way to pass in the private
key as
an array of char. In PHP, this would be really useful. You could store
your
private keys in a secured database and use it for all kinds of server
authentication. The absence of this functionality in PHP actually
presents a
security risk, because to get it to work, you'd actually have to write
your
private key to a temp file, then delete the temp file when done. Not as
secure
as reading it from a string which came from a secure database.
------------------------------------------------------------------------
--
Edit this bug report at http://bugs.php.net/bug.php?id=52804&edit=1
