How can I set flags when using the exec () function phpseclib ssh2?

advertisements

I'm using phpseclib and need to make a couple of php functions that enable someone to programmatically ssh into their server and change the root password and also change the password of a user that may have forgotten their password (so have to be logged in as root).

I tried using libssh2, but found it a bit nasty to use. I'm now looking at phpseclib which seems more robust. But when I tried to use the 'su' command like so:

echo $ssh->exec('su');

I get the reply:

su: must be run from a terminal

and when I try to use sudo:

echo $ssh->exec('sudo passwd root');

I get the error:

sudo: no tty present and no askpass program specified

Anyway, it turns out that su is disabled for direct ssh access, but after having a look at this article, it turns out you can do it with the following command:

ssh -t -t -l 'username' 'host' 'su -'

That's what finally worked for me anyway when entering into a terminal from my laptop (running ubuntu), and then I entered my password and then the root password to finish off.

Quoting from the site linked to above:

Ssh commands (using -t) the remote sshd to establish a 'pseudo-terminal' pipe to the worker process when -t is given.

. ssh does this as long as its stdin is a terminal.

. But if ssh's stdin is a non-terminal, ssh won't direct sshd to establish a
pseudo-terminal unless TWO -t's are given:

echo password | ssh -t -t -l username remote_host

. So with -t -t (from ssh) sshd sets up a pseudo-terminal to the client process.

. The client, whether it be 'tty' or 'su' cannot tell it is connected to a ficticious >terminal:

echo dummystr | ssh -t -t -l username host.com -c ''tty'

echo password | ssh -t -t -l username host.com -c 'su -'

So there is the answer. Use double -t if you are 'su root'ing' on a linux box through an >interactive client ssh like the one from OpenBSD.

So, it actually worked from the terminal as I said above using:

ssh -t -t -l 'username' 'host' 'su -'

but I really want to be able to execute this command using phpseclib. Only thing is I don't know how to put in any flags into the exec() function. Specifically, I need to put in the -t flags (twice).

I've looked for ages and can't find anything. Be really grateful for some help on this. Sorry about the length of this post as well. :)

Cheers

Joe


If sudo passwd root requires a tty try read() / write() in phpseclib. eg.

<?php
include('Net/SSH2.php');

$ssh = new Net_SSH2('localhost', 22);
$ssh->login('username', 'password');

$ssh->read('[prompt]');
$ssh->write("sudo passwd root\n");
$ssh->read('Password:');
$ssh->write("Password\n");
echo $ssh->read('[prompt]');
?>

Actually, I'm just copy / pasting from your other post: php ssh2_exec not executing 'su' command

Looks like you were getting some help there and then stopped following up? Someone suggested you need to add new lines to your commands. Did you try that? They also suggested posting on the phpseclib support forums. Seems like a good bit of advice to me...