ssh connection through shell script with no interruption

Shell Programming and Scripting
1

Hi all,

I need ssh in shell script. My requirement is:

  • Take user_name and password from user (in PHP)
  • Pass this to shell script which will:
  • connect via ssh
  • Run sql query
  • Pass the results back in PHP
  • Put the results to website.

I know PHP has libraries for ssh and ftp, but in my system all are disabled. So, I need to write script for this. I have already done FTP, but I am not getting any luck with ssh.

Everything else on the above list I can do, I just need ssh connection through script with no interuption.

I am using Solaris. Thanks for your help.

---------- Post updated at 01:54 PM ---------- Previous update was at 01:49 PM ----------

Here is the code I used for FTP...

u_id=$1; passw=$2; ip=$3;           // uid, password and ip taken from PHP
ftp -inv $ip <<SCRIPT
user $u_id $passw
mget *
bye
SCRIPT

I need similar thing to be done with ssh, just instead of mget, I need to run queries.

2

ssh is designed to prevent you from using passwords passed along in plaintext because that is extremely insecure. So does any sane authentication system, like su and sudo.

Could you handle the password in the PHP script itself then, and after the PHP script decides its authorized, connect to the appropriate site with noninteractive SSH keys?

---------- Post updated at 12:06 PM ---------- Previous update was at 12:03 PM ----------

Another method would be editing /etc/ssh/sshd_config in the system you're connecting to to be more lax in its security PasswordAuthentication yes which would allow you to use the PEAR-ssh2 PHP module on your system. See ssh2-connect and related calls.

3

Exactly this is my problem.... How would I authorize users in PHP itself while logging into remote machine? I don't know any other method than ssh.

Also I could not find /etc/ssh/sshd_config in the system I am connecting to. There is sshd_config in /etc/ but I am unable to open it.

4

Something like

# in the shell
$ printf "%s" "12345" | sha1sum
8cb2237d0679ca88db6464eac60da96345513964  -
$

// in PHP
if(sha1($password) == "8cb2237d0679ca88db6464eac60da96345513964")
{
        // Connect using keys, not passwords
        system("ssh -i /path/to/id_dsa $username@host"); // or however you want to connect to ssh
}

You don't even need to store the password anywhere :slight_smile: For instructions on how to generate these key files and send them to the computer you want to connect to, google passwordless ssh .

If you don't have root privileges on the system you're connecting to, that won't work.