I need to connect to a particular API but that API only accept request from my mate server. Then include thoses informations back in our website.
So basically I need to connect to the server make the request receiving the answer transfering it to my host so that I can play around with them and integrating them to my website through a php file.
I've already exchange ssh keys and I can connect to my server easily, I know I probably need to use ssh -L (not -R or -D) for the tunneling, though I don't know what to do with my php files to make that request etc etc or what are the other steps once I've entered that command.
If anyone can help that would be lovely :) !
You can create an SSH tunnel using the -L command line switch:
$ ssh -L [port on local]:[apiserver hostname]:[port on apiserver]
[user]#[your friend's server hostname]
E.g.
$ ssh -L 8080:apiserver.com:80 bob#friend.server.com
After the above command successfully connects to friend.server.com, any requests sent to your localhost:8080 will be tunneled through friend.server.com host and arrive at apiserver.com:80. From apiserver's perspective, the request's origin is friend's server.
(This will actually open an SSH session in the terminal window where executed, i.e. you get the prompt of the remote server, which is not required and you can ignore that prompt. It is possible ro run this in the background w/o console login with other switches)
Related
I have to write a PHP script that will be executed on my client's network when finalized. My computer (A) cannot connect to that network, but I have SSH access to a single server (B) on it.
My script has to do a cURL request (with certificate and private key) to a web server (C) on a specific port on that network. Another difficulty is that I do not have the IP of the C server, only a URL resolvable only when within the network. But server B and C can communicate between each other
Basically I see 3 steps (but there may be more) :
Open SSH connection from computer A to server B
Send cURL request to server C (https://my.remote.server.domain.com:8444) and store response
Close SSH connection
The thing is, I have no idea how to do that (I'm basically ignorant in all things network related). Anyone has a clue ?
Using Bash:
$ ssh user#ssh_server << EOM
curl http://remote.server/ > /home/user/file
EOM
$ scp user#ssh_server:/home/user/file local_file
This first part connects to your ssh server (ssh_server), executes cURL and saves the file locally (on the ssh server). Then, scp is used to download the file on your local machine.
Creating a temporary file is probably the easiest way of doing this. You could create it in /tmp (and, if you really can't stand having that file there, delete it afterwards using ssh + rm: )
$ ssh user#ssh_server 'rm /tmp/file'
Finally, a dirty (and not recommended) way for not creating files is the following:
$ ssh user#ssh_server << EOM
curl http://remote/server | nc -l 1234 &
exit
$ nc ssh_server 1234 > file
I should probably mention once again that this technique should be avoided at all costs, since it transfers unencrypted data and requires no authentication whatsoever. Also, keep in mind that someone else could connect to the server using that same port (1234) before your command executes, thus retrieving the result for themselves, and leaving your script hanging.
So, one last time, don't use that.
I have successed connected and authorized via ssh2 functions.
But I can't exec command via ssh2_exec() function.
Notoriously get this error:
ssh2_exec(): Unable to request command execution on remote host
I was trying pass '/bin/ls' 'ls -l' nothing works.
Also I have changed user and getting the same error.
EDIT:
I have changed remote host and all works as expected.
How to set up first host? User name that I'm using in credentials has bash shell enabled. So I might log in via putty and run same command that I can't via PHP.
Sorted!
Problem was that I have default port 22 assigned to SFTP service that's why I was successfuly connecting to remote host but I could not execute command.
SSH listening on port 23 on that problematic machine, so I changed my script to port 23 and all works as expected now.
So I want to make a daemon.php file which can open a port on a give ip address and request data from client.php and with the browser to listen/read to earlier pipe (Would that be a problem for the security or not?).
I fount this funphp tutorial which seems to be good but is more like a cronjob, I found also function stream-socket-server but can handle only one request and then shuts down, and I really don't know where exactly to put listener.
You can use the PHP Built-In Server
Add PHP to your PATH environment variable
Start your server on a given port, ex: php -S localhost:8000 OR
Start with a router script, ex: php -S localhost:8000 rt.php
Now, just open your browser and type; localhost:8000
I have a shellscript with connects to a a different machine with ssh and a key so it does not need the username and password.
When i run this script from commandline it works fine.. but when I run this script from php shell_exec it does not work.
If I make an ssh connection with PHP and run the script as my own user it does work.
Now for my question :D
Is there a way to just running the script in shell_exec from php without making an connection over ssh as a different user?
Did you specify the private key file correctly?
If you are using Ubuntu or Debian the web server is running with the user name www-data. For other systems please check the web server configuration for the user name. You can simply test if this user (and your php web application) is able to do the SSH connection.
1) Become the user of your web server
sudo su www-data
2) Try connecting the remote host
ssh remoteUser#remoteHost
If you will get connected without entering a password there must be a different problem. If you have to enter a password, the key files were stored for a different user - not for www-data. You have already configured SSH to use the key. Do the same for your local user www-data and it will work.
It seems ssh connection does not work with shell_exec. If i run the shellscript under ssh2_exec it does seem to work.
Which is a little strange as the ssh connection is made in the script file with a public and private key.. I would assume this would just run :s
The webserver is allowed to execute the file, as there are other command in there who work as expected.
Here's my goal :
I have a Windows XP PC with all the source code in it and a development database.
Let's call it "pc.dev.XP".
I have a destination computer that runs Linux.
Let's call it "pc.demo.Linux".
Here's what I've done on "pc.dev.XP" (just so you get the context) :
installed all cygwin stuff
created a valid rsa key and put it on the dest
backup computer so that ssh doesn't
ask for a password
rsync works pretty well this way
If i try to do this on "pc.dev.XP" via a command line :
cd \cygwin\bin
ssh Fred#pc.demo.Linux "cd /var/www && ls -al"
this works perfectly without asking a password
Now here's what I want to do on the "pc.dev.XP":
launch a php script that extract the dev. database into a sql file
zip this file
transfer it via ftp to the "pc.demo.Linux"
log to the "pc.demo.Linux" and execute "unzip then mysql -e "source unzipped file"
if I run on "pc.dev.XP" manually :
putty -load "myconf" -l Fred -pw XXX -m script.file.that.unzip.and.integrates.sql
this works perfectly.
Same for :
cd \cygwin\bin
ssh Fred#dest "cd /var/www && ls -al"
If I try to exec() in php (wamp installed on "pc.dev.XP") those scripts they hangs. I'm pretty sure this is because the user is "SYSTEM" and not "Fred", and putty or ssh ask for a password but maybe I'm wrong.
Anyway I'm looking for a way to automate those 4 tasks I've described and I'm stuck because exec() hangs. There's no problem with safe_exec_mode or safe_exec_dir directives, they're disabled on the development machine, thus exec() works pretty well if I try some basic stuff like exec("dir")
Any idea what I could do / check / correct ?
I'm not sure if this is what you need, but I typically use a construct like this to sync databases across machines:
php extractFromDb.php | ssh user#remote.com "mysql remoteDatabaseName"
This executes the PHP script locally, and pipes the SQL commands the script prints out through SSH straigt into the remote mysql process which executes them in the remote database.
If you need compression, you can either use SSH's -C switch, or integrate the use of your compression program of choice like this:
php extractFromDb.php | gzip -9 | ssh user#remote.com "gunzip | mysql remoteDatabaseName"
You want to do this from PHP running under apache, as in I go to http://myWebserver.com/crazyScript.php and all this happens? Or you just want to write your scripts in PHP and invoke them via cmd line?
If you want the first solution, try running your apache/iss under a different user that has credentials to perform all those tasks.
"if I run on the development PC manually this works perfectly.".
Why not do it like that? When you run that script, I assume you're connecting to the local SSH server on the dev machine. When you do this, you are using the credentials Fred, so everything works. When you run the PHP script, you are right that it is probably running as SYSTEM.
Try either changing the user that apache is running as or use php to connect to the local ssh thereby using alternate credentials.
Here's what I did :
a batch file that :
Calls a php file via "php.exe my_extract_then_compress_then_ftp.php"
Calls rsync to synchronize the source folder
Calls putty -l user -pw password -m file_with_ssh_commands_to_execute
It works like a charm.