当前位置：文江博客话题详情

在 PHP 中通过 SSH 与多个服务器交互

发布于 2024-10-12 20:12:49 字数 1224 浏览 12 评论 0原文

我目前正在用 PHP 编写一个部署框架。该框架通过 SSH 连接到服务器并执行命令。我花了很长时间试图在 PHP 中找到一种更好的方法。这是要求。该技术应该能够：

以编程方式输入 SSH 密码。我知道当您需要无密码 SSH 登录时，使用 SSH 密钥是可行的方法，但请记住，这是一个部署框架。它可能会同时部署到 25 台服务器。要求用户设置 SSH 密钥才能使用该框架似乎不太正确，谁愿意输入密码 25 次呢？我在这里使用 Capistrano 作为模型 - 它会询问您一次密码，然后使用它来建立 SSH 连接，而无需重新提示用户。我并不是建议将密码存储在部署脚本中，只需（静默）输入一次并使用直到部署任务完成。
将输出发送到 PHP 脚本。我希望能够独立拦截每个 SSH 会话的终端输出，对其进行修改，然后将其发送回终端供用户查看。这样，我可以将服务器名称添加到输出的每一行前面，以显示正在发生的情况。
提供对终端的写（以及读）访问。除了 SSH 密码之外，用户（或脚本）还能够在终端中输入其他信息，这一点很重要。
支持 SSH v2。

目前，我的框架将部署脚本中的命令“编译”为一个巨大的字符串，并使用 SSH 命令执行它们。每个最终部署命令如下所示：

ssh -t -t -p 12345 [电子邮件受保护] 'command1; command2;'

每个 SSH 命令都是通过 PHP 内置的 passthru 函数执行的：

[电子邮件受保护] 'command1;'"); ?>

我尝试过使用 proc_open 和几乎所有 PHP 的其他命令执行函数都无济于事 - 它们都没有提供我上面列出的所有功能。另外，我尝试了几种纯PHP SSH实现，也无济于事。这些库要么不提供对终端的写访问权限，要么不支持 SSH v2。

对此的任何帮助将不胜感激 - 提前致谢！

原文

I'm currently writing a deployment framework in PHP. The framework connects to servers and executes commands over SSH. I've been looking for quite a while trying to find a way in PHP to do this better. Here are the requirements. The technique should be able to:

Enter the SSH password programmatically. I know that using SSH keys is the way to go when you want password-less SSH logons, but remember, this is a deployment framework. It could potentially be deploying to 25 servers at a time. It doesn't seem right to require the user to have set up SSH keys to use the framework, and who wants to enter their password 25 times? I'm using Capistrano as a model here - it asks for your password once, then uses it to establish the SSH connections without re-prompting the user. I'm not suggesting the passwords be stored in the deploy script, just (silently) entered once and used until the deploy tasks are finished.
Send output to the PHP script. I would like to be able to intercept the terminal output from each of the SSH sessions independently, modify it, then send it back to the terminal for the user to see. This way, I can prepend the name of the server onto each line of output to show what's going on.
Provide write (as well as read) access to the terminal. It's important that the user (or the script) be able to enter other information into the terminal besides just the SSH password.
Support SSH v2.

Currently, my framework "compiles" the commands from the deploy script into one giant string and executes them by using the SSH command. Each final deploy command looks something like this:

ssh -t -t -p 12345 [email protected] 'command1; command2;'

Each of these SSH commands is executed via PHP's built-in passthru function:

<?php passthru("ssh -t -t -p 12345 [email protected] 'command1; command2;'"); ?>

I have tried using proc_open and nearly all of PHP's other command-executing functions to no avail - none of them provide all the functionality I've listed above. In addition, I've tried several pure PHP SSH implementations, also to no avail. The libraries either don't supply write access to the terminal or don't support SSH v2.

Any help on this would be greatly appreciated - thanks in advance!

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

时光磨忆 2024-10-19 20:12:49

您认为以下是对终端进行写访问的示例吗？：

ssh -t -t -p 12345 [email protected] 'command1; command2;'

如果是这样，那么您可以使用 phpseclib 的纯 PHP 来做到这一点SSH 实现。例如。

$ssh = new Net_SSH2(...);
$ssh->login(..., ...);
$ssh->exec('command1; command2;');

如果没有，那么（1）我想说你最好使用 phpseclib 比你当前的实现更好，（2）如果你想要 phpseclib 作者所说的“交互式”支持，也许你可以尝试联系作者？也许可以向他支付一些钱来激励他开发该功能。查看支持论坛，作者似乎反应足够。

Do you consider the following to be an example of write access to the terminal?:

ssh -t -t -p 12345 [email protected] 'command1; command2;'

If so then you can do that with phpseclib's pure PHP SSH implementation. eg.

$ssh = new Net_SSH2(...);
$ssh->login(..., ...);
$ssh->exec('command1; command2;');

If not then (1) I'd say you'd be better off using phpseclib than you are with you're current implementation and (2) if you want what the phpseclib author has referred to as "interactive" support maybe you could try contacting the author? Maybe offer to pay him some money to incentivize him to develop the feature. Looking at the support forums the author seems responsive enough.

回复收藏 0 原文

噩梦成真你也成魔 2024-10-19 20:12:49

我不确定 php 是不是正确的工具。为什么不使用更接近 shell 环境的东西，比如 bash 脚本？

我可以想象您想要使用 PHP 的唯一原因是您可以通过单击页面上某处的链接来启动该过程，从而在您的系统所谓的安全性中打出一个大洞。但如果您确实必须这样做，那么用对 shell 更友好的语言编写脚本并简单地使用 php 作为调用脚本的网关仍然更容易。

回复收藏 0 原文

乖乖 2024-10-19 20:12:49

您可以使用 PHP 中的 PECL 扩展进行 SSH 连接。
http://php.net/manual/en/book.ssh2.php

$connection = ssh2_connect('server.com', 22);
ssh2_auth_password($connection, 'username', 'password');
$stream1 = ssh2_exec($connection, $command1);
$stream2 = ssh2_exec($connection, $command2);

如果您需要更高级的东西，您还可以使用 ssh2_shell() 创建 ssh 交互式 shell。

You can make SSH connection with a PECL extension in PHP.
http://php.net/manual/en/book.ssh2.php

$connection = ssh2_connect('server.com', 22);
ssh2_auth_password($connection, 'username', 'password');
$stream1 = ssh2_exec($connection, $command1);
$stream2 = ssh2_exec($connection, $command2);

You can also create a ssh interactive shell with ssh2_shell() if you need to more advanced things.

回复收藏 0 原文

~没有更多了~