connecting with phpseclib gives sftp error 111

Question

I'm using phpseclib to connect to a sftp server using the NET/sftp.php NET_SFTP class included in the library as such:

/* sftp connection */
    $this->log[] =  '<b>Connecting to:</b> <i>'.$this->ftpServer.'</i><br/>';
    // Set up a connection
    $sftp = new Net_SFTP($this->ftpServer, $this->ftpPort);
    if (!$sftp->login($this->ftpUsername, $this->ftpPassword)) {
    exit('Login Failed');
    }
    echo $sftp->pwd() . "\r\n";
    $sftp->put('filename.ext', 'hello, world!');
    print_r($sftp->nlist());

I have chceked that the ftpServer and ftpPort variables are correct and my output is:

Notice: Cannot connect to nasl2-itpartner.ddns.me:2223. Error 111. Connection refused in /home/itpabse/public_html/administrator/components/com_itpartner_backup/assets/php/sftp/Net/SSH2.php on line 1049

Login Failed

The problem is I cant find documentation for error 111 anywhere. I have tried connecting to the server with filezilla using sftp ssh no problem. Any thoughts on what may be going wrong here?

Logfile from filezilla connecting to the server from the same machine running the script: https://drive.google.com/file/d/0B5BDN-5z0pdmeWM2T093S3dIS2s/view?usp=sharing

So what is the value of `ftpServer` and `ftpPort`? Can you connect to the same hostname/port using any standalone SFTP client from the *same machine* that runs your PHP code? — Martin Prikryl, Oct 10 '17 at 11:16
@MartinPrikryl ftpServer = nasl2-itpartner.ddns.me port = 2223 and yes I tried to do this with filezilla — FroboZ, Oct 10 '17 at 12:20
On the **same** machine? Show us a verbose FileZilla log file. — Martin Prikryl, Oct 10 '17 at 12:22
Status: Ansluter till nasl2-itpartner.ddns.me:2223... Status: Connected to nasl2-itpartner.ddns.me Status: Hämtar kataloglistning... Status: Listing directory / Status: Kataloglistningen av "/" lyckades — FroboZ, Oct 10 '17 at 12:57
Verbose log file, please; not a message log from FileZilla GUI. That's useless. And in English! And you still didn't answer me, if you run FileZilla on the **same machine** as the PHP code. — Martin Prikryl, Oct 10 '17 at 13:28
Your error is coming from `fsockopen`. So the PHP interpreter, itself, can't connect. SuPHP can, depending on the settings, prevent `fsockopen` from making outbound connections, but I think, most likely, Martin Prikryl is on the right track. — neubert, Oct 10 '17 at 13:34
@MartinPrikryl I have updated my question with a link tot he log file and stated more clearly that I did run it from the same machine as is running the script. — FroboZ, Oct 10 '17 at 13:41
Then I assume that `fsockopen("nasl2-itpartner.ddns.me", 2223)` in PHP also fails, right? - While If you do `telnet nasl2-itpartner.ddns.me 2223` on the server command-line, it connects and prints `SSH-2.0...`, right? — Martin Prikryl, Oct 10 '17 at 13:44
@MartinPrikryl fsockopen: Cant really tell if it fails, dont know what its supposed to return $var = fsockopen("nasl2-itpartner.ddns.me", 2223); print('
'); print_r($var); print('
'); prints: Resource id #2 Telnet shows: SH-2.0-OpenSSH_6.8p1-hpn14v6 — FroboZ, Oct 10 '17 at 13:52
@MartinPrikryl Running the example Example #1 fsockopen() Example from php.net prints "SSH-2.0-OpenSSH_6.8p1-hpn14v6 " — FroboZ, Oct 10 '17 at 13:54
It should return `false` is it fails. It's strange, as phpseclib does the same. So what about this: `fsockopen($this->ftpServer, $this->ftpPort)`? — Martin Prikryl, Oct 10 '17 at 14:00
@MartinPrikryl I ran `if(fsockopen($this->ftpServer,$this->ftpPort)) { echo 'Connected'; } else { echo 'connection failed';}` Prints connected. — FroboZ, Oct 10 '17 at 14:10
And if you do it after trying `new Net_SFTP($this->ftpServer, $this->ftpPort);` first? — Martin Prikryl, Oct 10 '17 at 14:17
And if you replace `$this->fsock = @fsockopen($this->host, $this->port, $errno, $errstr, $this->curTimeout == 0 ? 100000 : $this->curTimeout);` with `fsockopen("nasl2-itpartner.ddns.me", 2223)` in `Net\SSH2.php`? — Martin Prikryl, Oct 10 '17 at 14:41
@MartinPrikryl Only difference is now it dosent print the error — FroboZ, Oct 10 '17 at 14:54
And then what? Says "login failed"? What does `getLog()` return? — Martin Prikryl, Oct 10 '17 at 15:15
So it works with `fsockopen($this->ftpServer,$this->ftpPort)` but not with `fsockopen($this->host, $this->port, $errno, $errstr, $this->curTimeout == 0 ? 100000 : $this->curTimeout)`. Could you try adding each parameter one by one and seeing which parameter makes it fail? eg. try `fsockopen($this->host, $this->port, $errno)` then try ``fsockopen($this->host, $this->port, $errno, $errstr)` etc — neubert, Oct 10 '17 at 17:47
Sorry for the late responce, the source of the error has been located as a firewall issue, the port 2223 was only open for the ftp client which was why it was able to connect. It's still very strange that fsockopen on its own was able to connect while phpseclibs implementation was not.. Either way thank you very much for your help, I learnt a lot both about phpseclib and fsockopen. — FroboZ, Oct 11 '17 at 06:49

score 3 · Accepted Answer · answered Oct 11 '17 at 06:53

3

My firewall for outgoing communication as not open for PHP. It was for the ftp client which was why a connection was able to be made that way.

answered Oct 11 '17 at 06:53

FroboZ

437
1
6
17

How did you open your firewall for outgoing for PHP? – kwingkwingko May 07 '19 at 08:41
This will depend on which port you are attempting to connect to with sftp in php and also what operating system the server is running. See the manual for your firewall on how to open ports, its no different for this application than anything else. – FroboZ May 31 '19 at 17:00

connecting with phpseclib gives sftp error 111

1 Answers1