Documentation

SSH1
in package

SSH1

Pure-PHP implementation of SSHv1.

AUTH_PASSWORD

password authentication


    public
    mixed
    AUTH_PASSWORD
    = 3

This is the only method that is supported by this library.

AUTH_RHOSTS


    public
    mixed
    AUTH_RHOSTS
    = 1

.rhosts or /etc/hosts.equiv

AUTH_RHOSTS_RSA


    public
    mixed
    AUTH_RHOSTS_RSA
    = 4

.rhosts with RSA host authentication

AUTH_RSA

pure RSA authentication


    public
    mixed
    AUTH_RSA
    = 2

CIPHER_3DES

Triple-DES in CBC mode


    public
    mixed
    CIPHER_3DES
    = 3

All implementations are required to support this

CIPHER_BLOWFISH

Blowfish


    public
    mixed
    CIPHER_BLOWFISH
    = 6

Not supported nor is it defined in the official SSH1 specs. OpenSSH, however, defines it (see cipher.h) and uses it (see cipher.c)

CIPHER_BROKEN_TSS

TRI's Simple Stream encryption CBC


    public
    mixed
    CIPHER_BROKEN_TSS
    = 4

Not supported nor is it defined in the official SSH1 specs. OpenSSH, however, does define it (see cipher.h), although it doesn't use it (see cipher.c)

CIPHER_DES

DES in CBC mode


    public
    mixed
    CIPHER_DES
    = 2

CIPHER_IDEA

IDEA in CFB mode


    public
    mixed
    CIPHER_IDEA
    = 1

Not supported.

CIPHER_NONE

No encryption


    public
    mixed
    CIPHER_NONE
    = 0

Not supported.

LOG_COMPLEX

Returns the message content


    public
    mixed
    LOG_COMPLEX
    = 2

LOG_REALTIME

Outputs the content real-time


    public
    mixed
    LOG_REALTIME
    = 3

LOG_REALTIME_FILE

Dumps the content real-time to a file


    public
    mixed
    LOG_REALTIME_FILE
    = 4

LOG_SIMPLE

Returns the message numbers


    public
    mixed
    LOG_SIMPLE
    = 1

MASK_CONNECTED


    public
    mixed
    MASK_CONNECTED
    = 0x2

MASK_CONSTRUCTOR


    public
    mixed
    MASK_CONSTRUCTOR
    = 0x1

MASK_LOGIN


    public
    mixed
    MASK_LOGIN
    = 0x4

MASK_SHELL


    public
    mixed
    MASK_SHELL
    = 0x8

READ_REGEX

Returns when a string matching the regular expression $expect is found


    public
    mixed
    READ_REGEX
    = 2

READ_SIMPLE

Returns when a string matching $expect exactly is found


    public
    mixed
    READ_SIMPLE
    = 1

RESPONSE_DATA

The Response Data


    public
    mixed
    RESPONSE_DATA
    = 2

RESPONSE_TYPE

The Response Type


    public
    mixed
    RESPONSE_TYPE
    = 1

TTY_OP_END


    public
    mixed
    TTY_OP_END
    = 0

$bitmap

Execution Bitmap


    public
        int
    $bitmap
     = 0

The bits that are set represent functions that have been called already. This is used to determine if a requisite function has been successfully executed. If not, an error should be thrown.

$cipher

Default cipher


    public
        int
    $cipher

$connectionTimeout

Timeout for initial connection


    public
        int
    $connectionTimeout

Set by the constructor call. Calling setTimeout() is optional. If it's not called functions like exec() won't timeout unless some PHP setting forces it too. The timeout specified in the constructor, however, is non-optional. There will be a timeout, whether or not you set it. If you don't it'll be 10 seconds. It is used by fsockopen() in that function.

$crypto

The cryptography object


    public
        object
    $crypto
     = false

$curTimeout

Current Timeout


    public
        mixed
    $curTimeout

$fsock

The Socket Object


    public
        object
    $fsock

$host

Hostname


    public
        string
    $host

$host_key_public_exponent

The Host Key Public Exponent


    public
        string
    $host_key_public_exponent

Logged for debug purposes

$host_key_public_modulus

The Host Key Public Modulus


    public
        string
    $host_key_public_modulus

Logged for debug purposes

$identifier

The SSH identifier


    public
        string
    $identifier
     = 'SSH-1.5-phpseclib'

$interactiveBuffer

Interactive Buffer


    public
        array<string|int, mixed>
    $interactiveBuffer
     = ''

$log_boundary

Log Boundary


    public
        mixed
    $log_boundary
     = ':'

$log_long_width

Log Long Width


    public
        mixed
    $log_long_width
     = 65

$log_short_width

Log Short Width


    public
        mixed
    $log_short_width
     = 16

$message_log

Message Log


    public
        array<string|int, mixed>
    $message_log
     = array()

$port

Port Number


    public
        int
    $port

$protocol_flag_log

Protocol Flag Log


    public
        array<string|int, mixed>
    $protocol_flag_log
     = array()

$protocol_flags

Protocol Flags


    public
        array<string|int, mixed>
    $protocol_flags
     = array()

$realtime_log_file

Real-time log file pointer


    public
        resource
    $realtime_log_file

$realtime_log_size

Real-time log file size


    public
        int
    $realtime_log_size

$realtime_log_wrap

Real-time log file wrap boolean


    public
        bool
    $realtime_log_wrap

$server_identification

Server Identification


    public
        string
    $server_identification
     = ''

$server_key_public_exponent

The Server Key Public Exponent


    public
        string
    $server_key_public_exponent

Logged for debug purposes

$server_key_public_modulus

The Server Key Public Modulus


    public
        string
    $server_key_public_modulus

Logged for debug purposes

$supported_authentications

Supported Authentications


    public
        array<string|int, mixed>
    $supported_authentications
     = array(self::AUTH_RHOSTS => '.rhosts or /etc/hosts.equiv', self::AUTH_RSA => 'pure RSA authentication', self::AUTH_PASSWORD => 'password authentication', self::AUTH_RHOSTS_RSA => '.rhosts with RSA host authentication')

Logged for debug purposes

$supported_ciphers

Supported Ciphers


    public
        array<string|int, mixed>
    $supported_ciphers
     = array(self::CIPHER_NONE => 'No encryption', self::CIPHER_IDEA => 'IDEA in CFB mode', self::CIPHER_DES => 'DES in CBC mode', self::CIPHER_3DES => 'Triple-DES in CBC mode', self::CIPHER_BROKEN_TSS => 'TRI's Simple Stream encryption CBC', self::CIPHER_RC4 => 'RC4', self::CIPHER_BLOWFISH => 'Blowfish')

Logged for debug purposes

$timeout

Timeout


    public
        mixed
    $timeout

__construct()

Default Constructor.


    public
                __construct(string $host[, int $port = 22 ][, int $timeout = 10 ][, int $cipher = self::CIPHER_3DES ]) : SSH1

Connects to an SSHv1 server

Parameters

$host : string
$port : int = 22
$timeout : int = 10
$cipher : int = self::CIPHER_3DES

Return values

SSH1 —

__destruct()

Destructor.


    public
                __destruct() : mixed

Will be called, automatically, if you're supporting just PHP5. If you're supporting PHP4, you'll need to call disconnect().

Return values

mixed —

_append_log()

Logs data packets


    public
                _append_log(mixed $protocol_flags, mixed $message) : mixed

Makes sure that only the last 1MB worth of packets will be logged

Parameters

$protocol_flags : mixed
$message : mixed

Return values

mixed —

_connect()

Connect to an SSHv1 server


    public
                _connect() : bool

Return values

bool —

_crc()

Cyclic Redundancy Check (CRC)


    public
                _crc(string $data) : int

PHP's crc32 function is implemented slightly differently than the one that SSH v1 uses, so we've reimplemented it. A more detailed discussion of the differences can be found after $crc_lookup_table's initialization.

Parameters

$data : string

Return values

int —

_define_array()

Define Array


    public
                _define_array() : mixed

Takes any number of arrays whose indices are integers and whose values are strings and defines a bunch of named constants from it, using the value as the name of the constant and the index as the value of the constant. If any of the constants that would be defined already exists, none of the constants will be defined.

Return values

mixed —

_disconnect()

Disconnect


    public
                _disconnect([string $msg = 'Client Quit' ]) : mixed

Parameters

$msg : string = 'Client Quit'

Return values

mixed —

_format_log()

Formats a log for printing


    public
                _format_log(array<string|int, mixed> $message_log, array<string|int, mixed> $message_number_log) : string

Parameters

$message_log : array<string|int, mixed>
$message_number_log : array<string|int, mixed>

Return values

string —

_format_log_helper()

Helper function for _format_log


    public
                _format_log_helper(array<string|int, mixed> $matches) : string

For use with preg_replace_callback()

Parameters

$matches : array<string|int, mixed>

Return values

string —

_get_binary_packet()

Gets Binary Packets


    public
                _get_binary_packet() : array<string|int, mixed>

See 'The Binary Packet Protocol' of protocol-1.5.txt for more info.

Also, this function could be improved upon by adding detection for the following exploit: http://www.securiteam.com/securitynews/5LP042K3FY.html

Return values

array<string|int, mixed> —

_initShell()

Creates an interactive shell


    public
                _initShell() : bool

Return values

bool —

_rsa_crypt()

RSA Encrypt


    public
                _rsa_crypt(BigInteger $m, array<string|int, mixed> $key) : BigInteger

Returns mod(pow($m, $e), $n), where $n should be the product of two (large) primes $p and $q and where $e should be a number with the property that gcd($e, ($p - 1) * ($q - 1)) == 1. Could just make anything that calls this call modexp, instead, but I think this makes things clearer, maybe...

Parameters

$m : BigInteger
$key : array<string|int, mixed>

Return values

BigInteger —

_send_binary_packet()

Sends Binary Packets


    public
                _send_binary_packet(string $data) : bool

Returns true on success, false on failure.

Parameters

$data : string

Return values

bool —

_string_shift()

String Shift


    public
                _string_shift(string &$string[, int $index = 1 ]) : string

Inspired by array_shift

Parameters

$string : string
$index : int = 1

Return values

string —

disconnect()

Disconnect


    public
                disconnect() : mixed

Return values

mixed —

exec()

Executes a command on a non-interactive shell, returns the output, and quits.


    public
                exec(string $cmd[, mixed $block = true ]) : mixed

An SSH1 server will close the connection after a command has been executed on a non-interactive shell. SSH2 servers don't, however, this isn't an SSH2 client. The way this works, on the server, is by initiating a shell with the -s option, as discussed in the following links:

http://www.faqs.org/docs/bashman/bashref_65.html http://www.faqs.org/docs/bashman/bashref_62.html

To execute further commands, a new \phpseclib\Net\SSH1 object will need to be created.

Returns false on failure and the output, otherwise.

Parameters

$cmd : string
$block : mixed = true

Return values

mixed —

getHostKeyPublicExponent()

Return the host key public exponent


    public
                getHostKeyPublicExponent([bool $raw_output = false ]) : string

Returns, by default, the base-10 representation. If $raw_output is set to true, returns, instead, the raw bytes. This behavior is similar to PHP's md5() function.

Parameters

$raw_output : bool = false

Return values

string —

getHostKeyPublicModulus()

Return the host key public modulus


    public
                getHostKeyPublicModulus([bool $raw_output = false ]) : string

Returns, by default, the base-10 representation. If $raw_output is set to true, returns, instead, the raw bytes. This behavior is similar to PHP's md5() function.

Parameters

$raw_output : bool = false

Return values

string —

getLog()

Returns a log of the packets that have been sent and received.


    public
                getLog() : array<string|int, mixed>|false|string

Returns a string if NET_SSH1_LOGGING == self::LOG_COMPLEX, an array if NET_SSH1_LOGGING == self::LOG_SIMPLE and false if !defined('NET_SSH1_LOGGING')

Return values

array<string|int, mixed>|false|string —

getServerIdentification()

Return the server identification.


    public
                getServerIdentification() : string

Return values

string —

getServerKeyPublicExponent()

Return the server key public exponent


    public
                getServerKeyPublicExponent([bool $raw_output = false ]) : string

Returns, by default, the base-10 representation. If $raw_output is set to true, returns, instead, the raw bytes. This behavior is similar to PHP's md5() function.

Parameters

$raw_output : bool = false

Return values

string —

getServerKeyPublicModulus()

Return the server key public modulus


    public
                getServerKeyPublicModulus([bool $raw_output = false ]) : string

Returns, by default, the base-10 representation. If $raw_output is set to true, returns, instead, the raw bytes. This behavior is similar to PHP's md5() function.

Parameters

$raw_output : bool = false

Return values

string —

getSupportedAuthentications()

Return a list of authentications supported by SSH1 server.


    public
                getSupportedAuthentications([bool $raw_output = false ]) : array<string|int, mixed>

Just because a cipher is supported by an SSH1 server doesn't mean it's supported by this library. If $raw_output is set to true, returns, instead, an array of constants. ie. instead of array('password authentication'), you'll get array(self::AUTH_PASSWORD).

Parameters

$raw_output : bool = false

Return values

array<string|int, mixed> —

getSupportedCiphers()

Return a list of ciphers supported by SSH1 server.


    public
                getSupportedCiphers([bool $raw_output = false ]) : array<string|int, mixed>

Just because a cipher is supported by an SSH1 server doesn't mean it's supported by this library. If $raw_output is set to true, returns, instead, an array of constants. ie. instead of array('Triple-DES in CBC mode'), you'll get array(self::CIPHER_3DES).

Parameters

$raw_output : bool = false

Return values

array<string|int, mixed> —

interactiveRead()

Returns the output of an interactive shell when no more output is available.


    public
                interactiveRead() : string

Requires PHP 4.3.0 or later due to the use of the stream_select() function. If you see stuff like "^[[00m", you're seeing ANSI escape codes. According to How to Enable ANSI.SYS in a Command Window, "Windows NT does not support ANSI escape sequences in Win32 Console applications", so if you're a Windows user, there's not going to be much recourse.

Return values

string —

interactiveWrite()

Inputs a command into an interactive shell.


    public
                interactiveWrite(string $cmd) : bool

Parameters

$cmd : string

Return values

bool —

login()


    public
                login(string $username[, string $password = '' ]) : bool

Parameters

$username : string
$password : string = ''

Return values

bool —

read()

Returns the output of an interactive shell when there's a match for $expect


    public
                read(string $expect[, int $mode = self::READ_SIMPLE ]) : bool

$expect can take the form of a string literal or, if $mode == self::READ_REGEX, a regular expression.

Parameters

$expect : string
$mode : int = self::READ_SIMPLE

Return values

bool —

setTimeout()

Set Timeout


    public
                setTimeout(mixed $timeout) : mixed

$ssh->exec('ping 127.0.0.1'); on a Linux host will never return and will run indefinitely. setTimeout() makes it so it'll timeout. Setting $timeout to false or 0 will mean there is no timeout.

Parameters

$timeout : mixed

Return values

mixed —

write()

Inputs a command into an interactive shell.


    public
                write(string $cmd) : bool

Parameters

$cmd : string

Return values

bool —