PHP - Connect to an SSH server using ssh2_connect
by
Jeremy Canfield |
Updated: January 30 2022
| PHP articles
The ssh2_connect function can be used to connect to an SSH server from PHP. This assumes that PHP has been configured to use the SSH2 module. For example, refer to enable SSH for PHP FPM on Docker.
Here is the basic syntax for making a connection to an SSH server.
<?php
$server = "server1.example.com";
$connection = ssh2_connect($server, 22);
if (!$connection) {
echo "Failed to connect to SSH server $server <br />";
}
else {
echo "Successfully connect to SSH server $server <br />";
}
?>
Let's say the SSH server is a Linux system using OpenSSH. If you have access to the Linux system running OpenSSH, the /var/log/messages log on the Linux system should contain something like this.
Jan 30 04:15:32 docker1 audit[3294710]: CRYPTO_KEY_USER pid=3294710 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:c6:0c:86:5a:f8:de:9a:6d:55:b7:69:ba:ab:1a:d3:08:a6:b3:b7:a9:f7:d0:39:12:cc:75:be:ec:c8:92:62:dc direction=? spid=3294710 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
Jan 30 04:15:32 docker1 audit[3294709]: CRYPTO_SESSION pid=3294709 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-server cipher=aes128-ctr ksize=128 mac=hmac-sha2-256 pfs=diffie-hellman-group-exchange-sha256 spid=3294710 suid=74 rport=55878 laddr=192.168.0.16 lport=22 exe="/usr/sbin/sshd" hostname=? addr=192.168.0.15 terminal=? res=success'
Jan 30 04:15:32 docker1 audit[3294709]: CRYPTO_SESSION pid=3294709 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-client cipher=aes128-ctr ksize=128 mac=hmac-sha2-256 pfs=diffie-hellman-group-exchange-sha256 spid=3294710 suid=74 rport=55878 laddr=192.168.0.16 lport=22 exe="/usr/sbin/sshd" hostname=? addr=192.168.0.15 terminal=? res=success'
Jan 30 04:15:32 docker1 audit[3294709]: CRYPTO_KEY_USER pid=3294709 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=3294710 suid=74 rport=55878 laddr=192.168.0.16 lport=22 exe="/usr/sbin/sshd" hostname=? addr=192.168.0.15 terminal=? res=success'
Jan 30 04:15:32 docker1 audit[3294709]: CRYPTO_KEY_USER pid=3294709 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:c6:0c:86:5a:f8:de:9a:6d:55:b7:69:ba:ab:1a:d3:08:a6:b3:b7:a9:f7:d0:39:12:cc:75:be:ec:c8:92:62:dc direction=? spid=3294710 suid=74 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
Jan 30 04:15:32 docker1 audit[3294709]: CRYPTO_KEY_USER pid=3294709 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:c6:0c:86:5a:f8:de:9a:6d:55:b7:69:ba:ab:1a:d3:08:a6:b3:b7:a9:f7:d0:39:12:cc:75:be:ec:c8:92:62:dc direction=? spid=3294709 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
Jan 30 04:15:32 docker1 audit[3294709]: USER_LOGIN pid=3294709 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login acct="(unknown)" exe="/usr/sbin/sshd" hostname=? addr=192.168.0.15 terminal=ssh res=failed'
And the /var/log/secure log should contain something like this.
Jan 30 04:15:32 docker1 sshd[3294709]: Connection from 192.168.0.15 port 55878 on 192.168.0.16 port 22 rdomain ""
Jan 30 04:15:32 docker1 sshd[3294709]: Received disconnect from 192.168.0.15 port 55878:11: PECL/ssh2 (http://pecl.php.net/packages/ssh2) [preauth]
Jan 30 04:15:32 docker1 sshd[3294709]: Disconnected from 192.168.0.15 port 55878 [preauth]
Did you find this article helpful?
If so, consider buying me a coffee over at 