Collectives™ on Stack Overflow
Find centralized, trusted content and collaborate around the technologies you use most.
Learn more about Collectives
Teams
Q&A for work
Connect and share knowledge within a single location that is structured and easy to search.
Learn more about Teams
Ask Question
I am using docker to setup an env
docker env: ubuntu-desktop-lxde (ubuntu 20.04)
(also the server I want to connect to is 20.04)
The docker uses:
RUN apt-get install openssh-server
... lots more
RUN apt-get update;
RUN apt-get install -y --no-install-recommends libssh2-1-dev
RUN pecl install ssh2-1.3.1
# its a ngnix install, so I sed replace the php.ini to get the ssh2 working
RUN sed -i 's/;extension=shmop/;extension=shmop\nextension=ssh2.so/g' /etc/php/7.4/fpm/php.ini
Since its ubuntu 20.04, rsa will no longer works, so I have to use ecdsa
When I am on the machine, via command line I am able to ssh using ecdsa, for example:
ssh -gNf -i /home/autouser/.ssh/ecdsa_key -L 55259:localhost:3306 <username>@<ssh_host> -p <ssh_port>
mysql -h 127.0.0.1 -P <ssh_port> -u <user> -p <db> -p<pass>
The keys have been created correctly, and added to the server
This works, and I can query the db in command line
(I can even do a similar thing with java)
However, when I try to do this with php:
$connection = ssh2_connect($ssh_host , $ssh_port , ['hostkey'=>'ecdsa-sha2-nistp256']);
if(!$connection){die('Unable to connect to ssh host');} // we blow up here
I get the following warning: ssh2_connect(): Failed overriding HOSTKEY method
This I believe implies the ecdsa-sha2-nistp256 is not suppoted by the libssh2
If I look at my php ini for ssh, I can see the following:
extension version 1.3.1
libssh2 version 1.8.0 <----- Note This
banner SSH-2.0-libssh2_1.8.0
SSL Version OpenSSL/1.1.1f
ZLib Version 1.2.11
libSSH Version libssh/0.9.3/openssl/zlib
As you can see the libssh2 is 1.8.0
If we check the site: https://www.libssh2.org/changes.html
ECDSA keys and host key support when using OpenSSL was not added until version 1.9.0
So... I believe I've found the problem (which is usually half the battle), but... I've spent days trying to update this libssh2 library in docker without any luck
... so here I am, I hope someone can help
I've tried doing something like but is still gives the 1.8.0 version:
RUN apt-get install git -y
RUN apt-get update;
RUN apt-get install -y --no-install-recommends libssh2-1-dev
RUN pecl install ssh2-1.3.1
RUN cd /tmp && git clone https://github.com/php/pecl-networking-ssh2.git
RUN cd /tmp/pecl-networking-ssh2 && .travis/build.sh
I dont understand what it is I need to do to get the 1.9 / 1.10 versions mentioned here: https://www.libssh2.org/changes.html
I know if I try on the machine its self:
sudo apt-get install libssh2-1.* // results in:
libssh2-1 is already the newest version (1.8.0-2.1build1).
libssh2-1-dev is already the newest version (1.8.0-2.1build1).
I'm not certain how it can be the newest build when the libssh2 site says there is a later version, some repository I need to add somehow?
Thanks for contributing an answer to Stack Overflow!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
