PHP Script soll sich auf einen Server einloggen und einen Befehl ausführen

rolapp

Fan vom SSF
Das Problem war der Webserver hat keinen Zugriff auf alles was unterhalb des admin Verzeichnisses liegt. Hat er auch das Verzeichnis auf dem Pi angelegt.
 

3df

Registered User
Ok, dann kommt wieder "Public Key Authentication Failed"
 
Last edited by a moderator:

3df

Registered User
Ja

PHP:
<?php 
$connection = ssh2_connect('192.168.179.47', 22, array('hostkey'=>'ssh-rsa')); 

if (ssh2_auth_pubkey_file($connection, 'automat', 
                                       '/var/services/.ssh/automat_rsa.pub', 
                                       '/var/services/.ssh/.ssh/automat_rsa')) { 
  echo "Public Key Authentication Successful\n"; 
} else { 
  die('Public Key Authentication Failed'); 
} 
$stream = ssh2_exec($connection, 'sudo /opt/test/test.sh'); 
?>
 

3df

Registered User
Hast recht, das war aber vorhin nicht. War schon richtig, aber klappt nicht:

PHP:
<?php 
$connection = ssh2_connect('192.168.179.47', 22, array('hostkey'=>'ssh-rsa')); 

if (ssh2_auth_pubkey_file($connection, 'automat', 
                                       '/var/services/.ssh/automat_rsa.pub', 
                                       '/var/services/.ssh/automat_rsa')) { 
  echo "Public Key Authentication Successful\n"; 
} else { 
  die('Public Key Authentication Failed'); 
} 
$stream = ssh2_exec($connection, 'sudo /opt/test/test.sh'); 
?>
 

3df

Registered User
PHP:
admin@DiskStation:/usr/local/etc/apache22/conf$ cat httpd22.conf
ServerRoot "/usr/local/etc/apache22"

Listen 127.0.0.1:914

LoadModule authn_file_module modules/mod_authn_file.so
LoadModule authn_default_module modules/mod_authn_default.so
LoadModule authz_host_module modules/mod_authz_host.so
LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
LoadModule authz_user_module modules/mod_authz_user.so
LoadModule authz_owner_module modules/mod_authz_owner.so
LoadModule authz_default_module modules/mod_authz_default.so
LoadModule auth_basic_module modules/mod_auth_basic.so
LoadModule auth_digest_module modules/mod_auth_digest.so

LoadModule include_module modules/mod_include.so
LoadModule filter_module modules/mod_filter.so
LoadModule deflate_module modules/mod_deflate.so
LoadModule log_config_module modules/mod_log_config.so
#LoadModule logio_module modules/mod_logio.so
LoadModule env_module modules/mod_env.so
LoadModule mime_magic_module modules/mod_mime_magic.so
LoadModule headers_module modules/mod_headers.so
LoadModule setenvif_module modules/mod_setenvif.so
LoadModule mime_module modules/mod_mime.so
LoadModule status_module modules/mod_status.so
LoadModule autoindex_module modules/mod_autoindex.so
LoadModule asis_module modules/mod_asis.so
LoadModule cgid_module modules/mod_cgid.so
LoadModule negotiation_module modules/mod_negotiation.so
LoadModule dir_module modules/mod_dir.so
LoadModule actions_module modules/mod_actions.so
LoadModule alias_module modules/mod_alias.so
LoadModule rewrite_module modules/mod_rewrite.so

User http
Group http

NameVirtualHost *:80
NameVirtualHost *:443

ServerAdmin admin
ServerName *

LoadModule fastcgi_module modules/mod_fastcgi.so
<IfModule fastcgi_module>
    FastCgiExternalServer /php56-fpm-handler -socket /run/php-fpm/php56-fpm.sock -idle-timeout 3600
    ScriptAlias /php56-fpm-handler.fcgi /php56-fpm-handler

    FastCgiExternalServer /php70-fpm-handler -socket /run/php-fpm/php70-fpm.sock -idle-timeout 3600
    ScriptAlias /php70-fpm-handler.fcgi /php70-fpm-handler
</IfModule>

<VirtualHost _default_:80 _default_:443>
    DocumentRoot "/var/services/web"
</VirtualHost>

<Directory />
    Options FollowSymLinks
    AllowOverride All
</Directory>

<IfModule dir_module>
    DirectoryIndex index.html index.htm index.cgi index.php index.php5
</IfModule>

<FilesMatch "^\.ht">
    Order allow,deny
    Deny from all
    Satisfy All
</FilesMatch>

ErrorLog /run/apache22-error_log
#ErrorLog /dev/null
TraceEnable off

LogLevel error

<IfModule log_config_module>
    LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
    LogFormat "%h %l %u %t \"%r\" %>s %b" common

    <IfModule logio_module>
        LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
    </IfModule>

    CustomLog /dev/null combined
    #CustomLog /run/apache22-access_log combined
</IfModule>

ScriptSock /run/httpd/user-cgisock

DefaultType text/plain

<IfModule mime_module>
    TypesConfig conf/mime.types
    AddEncoding x-compress Z
    AddEncoding x-gzip gz tgz
    AddType application/x-compress .Z
    AddType application/x-gzip .gz .tgz
    AddType image/x-icon .ico
    AddHandler cgi-script .cgi
</IfModule>

MIMEMagicFile conf/magic

EnableMMAP off

# TODO: Change user related code to conf only
Include conf/extra/httpd-mpm.conf
Include conf/extra/httpd-autoindex.conf
Include conf/extra/httpd-languages.conf

<IfModule deflate_module>
    DeflateCompressionLevel 2
    AddOutputFilterByType DEFLATE text/html text/plain text/xml
    AddOutputFilter DEFLATE js css
    BrowserMatch ^Mozilla/4 gzip-only-text/html
    BrowserMatch ^Mozilla/4\.[0678] no-gzip
    BrowserMatch \bMSIE\s7  !no-gzip !gzip-only-text/html
</IfModule>


<Files *.js>
    Header unset Etag
</Files>

<Files *.css>
    Header unset Etag
</Files>

# For CVS-2001-1446
<Files ~ "^\.([Hh][Tt]|[Dd][Ss]_[Ss])">
    Order allow,deny
    Deny from all
    Satisfy All
</Files>

# For CVE-2003-1418
FileETag MTime Size

Include sites-enabled/*.conf

Include conf/extra/mod_xsendfile.conf
# TODO: Nginx. Can be removed
Include conf/extra/httpd-reqtimeout.conf
Include conf/extra/mod_rpaf.conf
 

Top