I`m using ssh2 php extension to run commands from an server to another, i briefly use it as an API.
My question is if the pull request (SSH) can be intercepted or risk being hacked?
If the SSH pull request can be intercepted i want to know how.
Yes, of course, but it most likely can only be sniffed, without gaining much value.
Every connection can be intercepted if there is no secure communication.
However, it does not matter much, because you need a private key in order to access whatever server you're trying to access through SSH.
You can find more information here:
If a MITM has your public key and you are SSH-ing through the MITM, what is the maximum attack it can perpetrate?
Can an ssh key login to a secure remote server be compromised when on a network run by a bad actor
The SSH extension will use a system library to manage the connection, so it should be as secure as the shell ssh command.
A more important security concern is that you are giving the user running php permission to log in to the remote server and operate there. This means that if your web app is compromised the attacker will be capable to obtain access to the other server as well.
The whole point of SSH is to protect against eavesdroppers. SSH traffic is encrypted and the key is only known to the sender and the recipient through the magic of diffie-hellman key exchange.
Certainly some algorithms are going to be better than others. If your SSH server supports it you'd be better off using ChaCha20 instead of, say, arcfour. But tbh idk if libssh supports ChaCha20 either.
Related
I have to connect to external server (lets name it server B) inside my php script. The easiest way to do that would be by using SSH2. But ssh2 is blocked due to security reasons and Net_SSH2 doesn't work (probably for the same reasons). And for now I have no possibility to turn SSH on, or change this webhosting. Thankfully cURL is working and I'm thinking about some alternatives.
The only thing that comes to my mind is to just write some perl script on this server B, put it into cgi-bin, then to connect to this script through cURL using some authentication and run some things on server B.
Unfortunately this mean to write some authentication and stuff, there are a lot of potential problems with security and stuff.
Anyone have a better idea how to overcome this problem?
Thanks
I have a form that users can fill out, and the data will be stored into a MySQL database using PHP. The connection to the Apache server is encrypted through HTTPS, and I would like to encrypt the connection to the MySQL database. Both Apache and MySQL are on the same server machine.
I digged around the Interweb and Stunnel seems to be what I need. OpenSSL and SSL are supported and activated on the server, since the we are given the option of using the standard port and a stunnel port to connect to the MySQL server. However, all the articles I found online deal with using Stunnel to connect a MySQL client to an external MySQL Server, but not how to use PHP to connect to a local MySQL server. Am I right to assume that just because the form is transmitted through https, it doesn't mean that the connection to the database is also encrypted?
The PHP code I use to connect to MySQL is like this:
$mysqli = new mysqli("ip","user", "password", "database", "standardport");
This works fine using the standardport. However, if I change it to a Stunnel Port, I get a connection time-out error. Clearly I'm missing something; any help and advice is appreciated! Thanks!
You've already stated that you use an HTTPS connection to encrypt traffic between the clients browser and your webserver, and that the webserver and MySQL instance are on the same machine.
Assmuning the HTTPS connection is secure, this should be all you need to protect your data over public networks, and using a secure tunnel for a connection that is only present on the local machine simply adds an unnecessary layer of complexity.
Consider the following examples.
The first is how the connection looks without a secure tunnel.
browser <--HTTPS--> [ webserver <--> mysql ]
So in this scenario, the the connection between the webserver and mysql is unencrypted. Someone who has access to the machine (depending on permissions) will be able to observe all traffic between the webserver and/or read the physical databases from disk themselves.
Now, with a secure tunnel
[ webserver <--> stunnel <--ENCRYPTED--> stunnel <--> mysql ]
I hope you can see that the connections between the webserver and one secure tunnel endpoint, and the connection between mysql and the other endpoint are both unencrypted. In this scenario, exactly the same as before, someone with access to the machine could potentially see all traffic and read the databases from disk.
No additional security has been achieved.
Lastly
[ webserver <--> stunnel ] <--ENCRYPTED--> [ stunnel <--> mysql ]
When you are using two separate servers, then the local traffic is still unencrypted, however stunnel secures the stream between the two machines. Someone with local access to the machines may still be able to observe traffic and read data, however someone observing network traffic between servers will not.
A solution?
All that said, if you really want to encrypt the traffic between PHP and MySQL, even on the same machine, a slightly better solution exists than using stunnel.
MySQL supports SSL natively, as does PHP when both are compiled with SSL support. (Your installations may already be configured this way, it's up to you to check them)
The MySQL manual details how to configure your MySQL server with SSL support and PHP provides the function mysqli_ssl_set
Using this combination, you can natively encrypt the connection between PHP and the mysql server.
[ webserver <--ENCRYPTYED --> mysql ]
However someone with access to the machine may still be able to read the unencrypted database from disk, and may be able to observe the memory of running processes.
You are quite right, the internet is a dangerous place, and proper security is essential. If your server itself and the data it contains are not secure, all is lost, no matter what precautions you take securing how the data enters and leaves it.
So what can be best way to have a Backup of code and DB is it downloading Locally via http ?
But i fear it is security risk as some hacker might get access to it .
I am looking into compress then encrypt the compressed file.
But i dunno what encryption i should use and if linux CLI tool available for password protected encryption ?
Thanks
Arshdeep
The community over at Hacker News raves about Tarsnap. As per the site:
Tarsnap is a secure online backup service for BSD, Linux, OS X, Solaris, Cygwin, and can probably be compiled on many other UNIX-like operating systems. The Tarsnap client code provides a flexible and powerful command-line interface which can be used directly or via shell scripts.
Tarsnap is not free, but it is extremely cheap.
If you're worried about transports, use SSH. I tend to use replication over an SSH tunnel to keep a MySQL database in sync. A backup of the version control server (which is not the same as the deployment server) is passed by rsync over ssh. If you want to encrypt files locally you could use gpg, which would of course not work in tandem with the database replication, in that case you'd be forced to use a dump or snapshot of your database at regular intervals.
You don't make that much sense here.
If downloading locally then you don't go over public networks, so it is not an issue.
Unless you meant simply to download. But the question is to download what?
On the other hand, the issue of securing the upload (for initial setup) and for maintenance is as equally important.
Securing your resources such as code repository and database is critical, but if you can have SSH access to your server you already have encrypted tunnel established and transferring files over that tunnel (scp) is quite secure; if paranoid (or in need) you can bump up security on SSH server setting to version 2 only.
I need to be able to encrypt the MySQL traffic from a web server to a database server. I know how to set MySQL to use SSL based on the server and client settings in my.cnf however, this needs to be done using mysql_connect() in PHP. This may be a 2 part question.
1) Does mysql_connect() use the MySQL client settings that are set in my.cnf?
If not...
I have read that you can use MYSQL_CLIENT_SSL however, where is the SSL data obtained from? Does using MYSQL_CLIENT_SSL in the mysql_connect function automagically encrypt the traffic?
Simply put, what is the best way to do this?
Thanks!
If you connect to MySQL using SSL, all your traffic between your SSL client and server will be encrypted.
MYSQL_CLIENT_SSL is obsolete. Using mysqli if you need to use SSL,
$db = mysqli_init();
$db->ssl_set(null, null,'cacert.pem',NULL,NULL);
$db->real_connect('host','user','pass','db');
As an alternate solution, you can also use SSH tunnels to accomplish compression and encryption.
MYSQL_CLIENT_SSL was removed from PHP and should not work.
You have a few options: the first is that if your web server is also your database server, you don't need encryption because the connection never leaves your box: it just uses localhost.
The second option is to use what Pablo suggested above and take advantage of SSH tunnels. An SSH tunnel essentially does the same thing as an SSL connection, except it takes one "extra step" to get it going.
This seems like a pretty decent tutorial to help get you started:
http://www.revsys.com/writings/quicktips/ssh-tunnel.html
Hope this helps!
According to http://www.php.net/manual/en/mysql.constants.php#mysql.client-flags MYSQL_CLIENT_SSL is still part of PHP 4 and 5. You need to set up the SSL connection beforehand though. You'll have to generate certificates and a bunch of other hassle (http://www.madirish.net/?article=244) but it will encrypt the traffic between your web server and your database host.
As mentioned above, if your web server is on the same host as the database server this encryption is unnecessary as the data travels over a local socket and isn't exposed to the network. The SSL encryption only encrypts traffic over the network.
I would warn against using an SSH tunnel because they have a tendency to die and you'll have to worry about maintaining the connection.
I was wondering, whether knockd http://www.zeroflux.org/cgi-bin/cvstrac.cgi/knock/wiki would be a good was to be able to restart apache without logging into ssh. But my programming question was whether there is a way to send tcp/udp packages via PHP so I can knock via a webclient.
I am aware that this is not the safest way of doing it, but I will only want to do things like update the svn, restart apache without having any passwords in it like with using ssh to do that.
You may use fsockopen() functions... but what you are doing(and the way you are doing it) is very risky from a security standpoit.. as it had been said, ssh is the way:)
If you really want to restart the apache server by using remote access (non-ssh) you can create a small php-daemon, that just watches for a specific file,(ex: /tmp/restart.apache) and when that file appears run exec("/etc/init.d/apache restart") (or whatever the command is for your distribution). This daemon should run as root... and the thing is that the whole security thing is up to you this way, you have to make sure this cannot get arbitrarly executed...
Your portknock ideea... a simple port scanner may restart your apache by mistake:) portknock is recommented to be used in conjunction with a ssh auth , not directly with apache:)
Seriously, you do not want to do what your trying to do.
You should look into calling your remote server through some sort of secure protocol, like SSH. And on the client side, have a small PHP utility application/script that executes remote SSH commands (preferably with a keyfile only based authentication mechanism).
Why not have a PHP script that calls "svn update"? As long as the files are writeable by the user Apache runs as, it works great. Just hit that URL to update the website
For SVN you have whole PHP api, try search SVN on php.net