6

I know this question has been asked before in many different ways but I'm still scratching my head over why I can't get this to work.

Firstly I have two SLES servers setup, these are Server A & Server B which are both running on a small private network which is only accessed by a dedicated team.

Server A is configured as a web server which is running Apache, PHP, MYSQL and ssh all of which are running problem free.

Server B is used to run menial tasks with ssh also installed and activated.

I have created my rsa key on Server A and installed it on Server B which when run at the command line logs me in straight away with out asking for a password. I have repeated this process for both root & nobody accounts on Server A.

I have added this a PHP page to Server A which looks like:

<?php
shell_exec('ssh root@192.162.0.5 ./StartTest.sh');

header("Location: archive.php?page=home"); 
?>

But when I run it it does not create my folder. If I run this from the command line it works for both (I think both, I can't recall if I did try this for the nobody account on the cli now) root & the nobody account. I even went as far as adding the nobody account to the root group but still no joy.

Have I missed some thing here. All I would like to do is connect from Server A to Server B via php & ssh to execute one command and redirect to a another page on the web site.

Any help would be graciously appreciated as my paracetamol stock is running low.

hakre
  • 193,403
  • 52
  • 435
  • 836
bikerben
  • 463
  • 5
  • 11
  • 18
  • Maybe this helps: shell_exec might use another shell than yours. And under a different user. Find out which shell it uses and which user, then copy your .ssh configuration over there - or set the appropriate environment variables, whatever causes the issue. you can also output debug stuff with ssh, check the switches. – hakre Oct 12 '11 at 18:38
  • 1
    Also look into using PHPs built-in `ssh2_connect` and `ssh2_auth_pubkey_file` and `ssh2_exec` to accomplish this task. – mario Oct 12 '11 at 18:45

3 Answers3

9

The built-in SSH support George Cummins speaks of is non-existent. It is an extension to PHP that's not included by default. It has to be compiled separately and is notoriously difficult to setup / use. My recommendation would be to use phpseclib, a pure PHP SSH implementation:

<?php
include('Net/SSH2.php');

$ssh = new Net_SSH2('www.domain.tld');
if (!$ssh->login('username', 'password')) {
    exit('Login Failed');
}

echo $ssh->exec('pwd');
echo $ssh->exec('ls -la');
?>
nigol
  • 286
  • 1
  • 2
2

I know that I'm too late at this answer but maybe can help someone:

To use shell_exec and ssh you need to add as parameter to ssh these

ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -o LogLevel=quiet

So the command doesn't try to create .ssh folder and you have a clear output without log of ssh

onalbi
  • 2,609
  • 1
  • 24
  • 36
  • Rather than turn off checking the host key I would add the host key to the known hosts file: `ssh-keyscan -H remote_host >> ~/.ssh/known_hosts` – None Mar 20 '19 at 13:40
2

You said "I have added this a PHP page", so I will assume that you are executing this script via your web server, rather than as a standalone script.

As such, the script may not be running from the directory you expect. You should use absolute (rather than relative) paths to ensure that the script finds the ssh binary and your script:

shell_exec('/path/to/ssh root@192.162.0.5 /home/yourdirectory/scripts/StartTest.sh');

You will also need to confirm that the webserver user had permissions to execute ssh and the StartTest.sh script.

George Cummins
  • 28,485
  • 8
  • 71
  • 90
  • Thank you for you prompt reply. Yes sorry this page is executed from my web server. I shall try your suggestion tomorrow when I have access to the servers again. – bikerben Oct 12 '11 at 18:48
  • I have opted for nigols solution but I thank you for your time looking at my question and for adding a little morsel of knowlege to my arsenal though. – bikerben Oct 13 '11 at 09:04
  • 1
    shell_exec can capture error output too (useful for debugging) by appending `2>&1` to the end of the command. – None Mar 20 '19 at 13:42