0

我已经使用过这个脚本,但它不再适合我了。我必须访问 mysite.com/serv.php 才能调用该脚本。所以,首先是脚本:

$ip = "ip";
$user = "user";
$pass = "password";

if (!function_exists("ssh2_connect")) die("function ssh2_connect doesn't exist");

if(!($con = ssh2_connect($ip, 22))){
    echo "<font color='red'>fail: unable to establish connection</font>\n";
} else {   

    if(!ssh2_auth_password($con, $user, $pass)) {
        echo "fail: unable to authenticate";
    } else {
        echo "Sucessful";
        if (!($stream = ssh2_exec($con, "/home/boza/serv.sh" ))) {
            echo "fail: unable to execute command";
        } else {
            stream_set_blocking($stream, true);
            $data = "";
            while ($buf = fread($stream,4096)) {
                $data .= $buf;
            }
            fclose($stream);
        }
    }
}

该脚本运行良好,但我想对其进行一些更改。1. 我想在其中添加 md5 哈希,以使其更安全 2. 我希望在访问 serv.php 时不执行脚本,而是通过按按钮进行 ajax 调用。3. 我希望有用户反馈,比如“成功”或“失败”……就像我现在所做的那样,使用 live ajax 或其他没有刷新站点的东西。

我用谷歌搜索并尝试将 md5('xxxx') 放入脚本中,但我遇到了一个奇怪的错误,我确定我做错了什么。

有人可以帮我处理这个案子吗?

4

2 回答 2

0

MD5是一种单向哈希,它无法保护您的连接。它也很弱,没有以前那么强。我不会推荐它用于任何级别的安全性

你应该看的是 authenticating with public key authentication看这个

示例源 

class NiceSSH { 
    // SSH Host 
    private $ssh_host = 'myserver.example.com'; 
    // SSH Port 
    private $ssh_port = 22; 
    // SSH Server Fingerprint 
    private $ssh_server_fp = 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'; 
    // SSH Username 
    private $ssh_auth_user = 'username'; 
    // SSH Public Key File 
    private $ssh_auth_pub = '/home/username/.ssh/id_rsa.pub'; 
    // SSH Private Key File 
    private $ssh_auth_priv = '/home/username/.ssh/id_rsa'; 
    // SSH Private Key Passphrase (null == no passphrase) 
    private $ssh_auth_pass; 
    // SSH Connection 
    private $connection; 

    public function connect() { 
        if (!($this->connection = ssh2_connect($this->ssh_host, $this->ssh_port))) { 
            throw new Exception('Cannot connect to server'); 
        } 
        $fingerprint = ssh2_fingerprint($this->connection, SSH2_FINGERPRINT_MD5 | SSH2_FINGERPRINT_HEX); 
        if (strcmp($this->ssh_server_fp, $fingerprint) !== 0) { 
            throw new Exception('Unable to verify server identity!'); 
        } 
        if (!ssh2_auth_pubkey_file($this->connection, $this->ssh_auth_user, $this->ssh_auth_pub, $this->ssh_auth_priv, $this->ssh_auth_pass)) { 
            throw new Exception('Autentication rejected by server'); 
        } 
    } 
    public function exec($cmd) { 
        if (!($stream = ssh2_exec($this->connection, $cmd))) { 
            throw new Exception('SSH command failed'); 
        } 
        stream_set_blocking($stream, true); 
        $data = ""; 
        while ($buf = fread($stream, 4096)) { 
            $data .= $buf; 
        } 
        fclose($stream); 
        return $data; 
    } 
    public function disconnect() { 
        $this->exec('echo "EXITING" && exit;'); 
        $this->connection = null; 
    } 
    public function __destruct() { 
        $this->disconnect(); 
    } 
}
于 2012-09-25T16:13:53.753 回答
0

您只能在按下以下按钮时使用表单来启动脚本:

$ip = "ip";
$user = "user";
$pass = "password";

if (!function_exists("ssh2_connect")) die("function ssh2_connect doesn't exist");
echo '<form action="#" method="POST">';
echo '<input type="submit" name="launch" value="1" />'
echo '</form>';

if($_POST['launch']==1){
    if(!($con = ssh2_connect($ip, 22))){
        echo "<font color='red'>fail: unable to establish connection</font>\n";
    } else {   

        if(!ssh2_auth_password($con, $user, $pass)) {
            echo "fail: unable to authenticate";
        } else {
            echo "Sucessful";
            if (!($stream = ssh2_exec($con, "/home/boza/serv.sh" ))) {
                echo "fail: unable to execute command";
            } else {
                stream_set_blocking($stream, true);
                $data = "";
                while ($buf = fread($stream,4096)) {
                    $data .= $buf;
                }
                fclose($stream);
            }
        }
    }
}

对于密码,您可以使用“baba”类,或者如果它只是源读取的问题,您可以使用简单的可逆加密功能,如 XOR 加密,请注意,这只是使密码不能直接从源代码中读取,但它不是完美的证券化

例子 :

 function XORin($key='asimpletext', $text='pwd'){
     for($i=0;$i<strlen($text);$i++)
     {
         for($j=0;$j<strlen($key);$j++,$i++)
         {
             $outText .= $text{$i} ^ $key{$j};
         }
     }
     return $outText;
 }

 function XORout($key='asimpletext', $text='pwd'){(){
     for($i=0;$i<strlen($text);$i++)
     {
         for($j=0;$j<strlen($key);$j++,$i++)
         {
             $outText .= $key{$j} ^ $text{$i};
         }
     }
     return $outText;
 }
于 2012-09-25T16:18:51.863 回答