php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #58573 unable to connect using the ssh2_auth_pubkey_file method
Submitted: 2009-03-03 09:54 UTC Modified: 2017-10-24 06:50 UTC
Votes:93
Avg. Score:4.5 ± 0.9
Reproduced:84 of 88 (95.5%)
Same Version:15 (17.9%)
Same OS:18 (21.4%)
From: pablo dot piti at gmail dot com Assigned:
Status: Open Package: ssh2 (PECL)
PHP Version: 5.2.4 OS: ubuntu 8.04
Private report: No CVE-ID: None
View Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: pablo dot piti at gmail dot com
New email:
PHP Version: OS:

 

 [2009-03-03 09:54 UTC] pablo dot piti at gmail dot com 
Description:
------------
trying to connect to a remote server using a pubkey file.

this does work when connecting from a gutsy server ( ubuntu 7.10, PHP 5.2.3, libssh2 0.14 and ssh2 0.10 beta )
but not on a hardy 8.04 ( PHP 5.2.4, libssh2 0.18 and ssh2 0.11.0-dev )
I'd tried to obtain more explicit output, but was able to retreive more debugging symbols when executing the script.

Reproduce code:
---------------
<?php
$connection = ssh2_connect ( 'machine.domain.tld', 22);
if( $a = ssh2_auth_pubkey_file($connection, "user", "path/to/pubkey",
    "/path/to/privkey", "passphrase")) {
    print "Pubkey auth successful"; 
} else {
    print "Pubkey auth Sux";
}
?>

Expected result:
----------------
Pubkey auth successful

Actual result:
--------------
Warning: ssh2_auth_pubkey_file() [function.ssh2-auth-pubkey-file]: Authentication failed for server1 using public key in /var/www/tests/ssh.php on line xx
Pubkey auth Sux

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2010-06-01 10:32 UTC] mlich dot lubomir at cpost dot cz 
Same problem. Moreover I tried generate key with empty 
passphrase and that worked:

Ubuntu 10.4
Apache 2.2.14-5ubuntu8
PHP 5.3.2-1ubuntu4.2
libssh2-php 0.11.0-2.1

so this is working: ssh2_auth_pubkey_file($con, 
"mlich",$publickey,$privatekey)
and this isn't: ssh2_auth_pubkey_file($con, 
"mlich",$publickey,$privatekey,"passphrase")

i used ssh-keygen from package openssh-client 1:5.3p1-
3ubuntu3 whit syntax:

ssh-keygen -t rsa
 [2011-05-30 09:40 UTC] o dot mares at rebuy dot de 
Any news on this bug? I have the same issue. Adding a key with 
a password results in the message that the authentication 
failed.

Tested on ubuntu 11.04, with php 5.3.5
 [2011-06-06 15:16 UTC] pontikis at gmail dot com 
THe same bug in Ubuntu Maverick. Passphrase is not working.
 [2012-02-08 18:46 UTC] landeholm at gmail dot com 
Having the same problem. Getting the error:

"PHP Warning:  ssh2_auth_pubkey_file(): Authentication failed for ubuntu using public key: Callback returned error in /test.php on line 5"

I can successfully connect when my private key is not encrypted, but when it is I get the above message. I have tried several types of encryptions (aes256/128 etc) but ssh2_auth_pubkey_file is simply broken for encrypted private keys. It forces me to store the private key in plain text.

My OS:

Linux - 3.0.0-14-virtual #23-Ubuntu SMP Mon Nov 21 21:09:11 UTC 2011 x86_64 x86_64 x86_64 GNU/Linux

Ubuntu Oneiric
 [2012-05-16 13:43 UTC] jeff58 at free dot fr 
exactly the same problem using ssh2_auth_pubkey_file() :

"Authentication failed for 'login' using public key: Callback returned error [line 303 of /usr/share/php/phing/tasks/ext/ScpTask.php]"

I can login to the server by "ssh" command line without any problem.

the script is executed in php-cli (it's a phing task)

version : ssh2-0.11.3 (installed with pecl)
libssh2-1 : 1.2.8-1
OS : Linux Mint 12

note : I switched from windows XP to linux mint, this phing script worked well before on windows XP on the same machine (using XAMPP install + some ssh2 dll extension found on the web + some install/tweek on "openssl lib' i can't remember now).
 [2012-06-22 08:33 UTC] langemeijer@php.net 
ssh2_auth_pubkey_file() is broken when the public key file is protected with a 
password AND libssh2 is compiled with libgcrypt, which is what debian/ubuntu and 
probably others do.

I'm working on a solution for this bug, but if you need this working rebuild 
libssh2 yourself with OpenSSL.
 [2012-06-22 08:33 UTC] langemeijer@php.net
-Status: Open +Status: Verified -Assigned To: +Assigned To: langemeijer
 [2013-03-18 19:35 UTC] sergi at ulabox dot com 
What is the status of this issue?
 [2013-04-10 21:19 UTC] joshua dot en at gmail dot com 
I am having the same issue. I'm using Centos 6.3 with PHP 5.3.3 installed.
 [2013-06-24 09:55 UTC] m dot karoly at martondesign dot com 
I have this problem too: php5.4.17RC1 @ ubuntu 12.04.2 x64
 [2013-07-01 13:35 UTC] tom at worley dot co dot uk 
Likewise, I can verify this issue on php 5.4.9 on Ubuntu 13.04
 [2013-07-26 14:47 UTC] syn at li dot ru 
Actually, guys, you can workaround this bug without rebuilding anything.

Just convert your private key file to PEM encoding (which libgcrypt supports).

Tested this on a Debian Wheezy PHP 5.4.4-14+deb7u2
 [2013-12-23 10:10 UTC] hujuice at inservibile dot org 
Please, can you provide some more hint about the workaround?

I generated the key pair with
ssh-keygen -t dsa -m PEM -C www-data@webserver_hostname
but I'm running in the same problem.

PHP 5.4.4-14+deb7u7 on Raspbian here.
 [2013-12-23 10:20 UTC] syn at li dot ru 
@hujuice at inservibile dot org: from what I got reading man ssh-keygen, -m optionb specifies "a key format for the -i (import) or -e (export) conversion". Which is not the case when generating a new key.

Use openssl to convert your key as I suggested at http://stackoverflow.com/questions/3407503/trying-to-connect-using-ssh2-auth-pubkey-file/17884385#17884385
 [2013-12-23 12:58 UTC] hujuice at inservibile dot org 
Thank you syn at li dot ru.
I was a bit confused and I read too fast.
Regards
 [2015-03-26 15:22 UTC] tom at worley dot co dot uk 
Hi guys,
This bug has been open for 6 years now, and I'm still getting the same issue in the latest, up to date, long term stable Ubuntu (14.04.2 LTS).

Is there a workaround that doesn't involve re-keying the SSH key without a password, or recompiling libssh (which therefore wouldn't be kept up to date with Ubuntu's packages for security updates).

OS: Ubuntu 14.0.2 LTS 64bit server
Libssh2: 1.4.3-2
PHP: 5.5.9

Thanks.
 [2015-12-23 20:14 UTC] pear dot user at gmail dot com 
You could just use phpseclib (http://phpseclib.sourceforge.net). Not only does it not have this issue - it supports more key formats than PHP's SSH extension - PuTTY, PKCS8, PKCS1, XML, passwords, no passwords, etc. There are a number of other advantages it provides over PHP's SSH2 extension as well:

http://phpseclib.sourceforge.net/ssh/compare.html
 [2017-10-24 05:22 UTC] kalle@php.net
-Status: Verified +Status: Assigned
 [2017-10-24 06:50 UTC] kalle@php.net
-Status: Assigned +Status: Open -Assigned To: langemeijer +Assigned To:
 [2020-03-11 19:51 UTC] 1034686760 at qq dot com 
Hello everyone, I also found this problem in the evening, and I have solved it and it works, It is caused by the incorrect key format. You can try to convert "BEGIN OPENSSH PRIVATE KEY" to RSA, just use cmd "ssh-keygen -m PEM -t rsa -b 4096"  to create keys.
  Communicate any problem at any time
  1034686760@qq.com
  Wechat:chenyu16899
 [2023-12-07 01:56 UTC] ikechianya1 at gmail dot com 
I solved this issue by authorizing my public key in cPanel.

Go to cPanel->SSH Access->Go to your Public key(not .pub key)->Manage

and follow the process to authorize.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Sat Nov 23 00:01:32 2024 UTC