使用 SFTP 上传:未使用 CURLOPT_SSLKEY [英] uploading with SFTP : CURLOPT_SSLKEY is not used

问题描述

我必须通过 SFTP 文件从一个服务器上传到另一个服务器

i have to upload via SFTP files from a server to another

这是我的 sftp() 函数:

here is my sftp() function :

function transfert_curl_sftp($local_filename, $distant_filename, $host_destination, $user_destination,$pubkey_filename,$privkey_filename,$port) {
if ( !extension_loaded('curl') ) return 'no_curl_extension';
$distant_filename = ltrim($distant_filename,'/');

$fp = fopen($local_filenam, 'r');
$sftp_server = $host_destination.'/'.$distant_filename;
$curl = curl_init();
curl_setopt($curl, CURLOPT_UPLOAD, TRUE);
curl_setopt($curl, CURLOPT_HEADER, TRUE);
curl_setopt($curl, CURLOPT_VERBOSE, TRUE);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, TRUE);
curl_setopt($curl, CURLOPT_PROTOCOLS, CURLPROTO_SFTP); 
curl_setopt($curl, CURLOPT_NOPROGRESS, FALSE);
curl_setopt($curl, CURLOPT_FOLLOWLOCATION, TRUE);

$trace = tempnam( dirname($local_filenam),'temp_curl_' );
$fptrace = fopen($trace, 'w');
curl_setopt($curl, CURLOPT_FILE, $fptrace);
curl_setopt($curl, CURLOPT_STDERR, $fptrace);

curl_setopt($curl, CURLOPT_URL, 'sftp://@'.$sftp_server);
curl_setopt($curl, CURLOPT_PORT, $port);
curl_setopt($curl, CURLOPT_USERPWD, $user_destination.':');
curl_setopt($curl, CURLOPT_SSH_PUBLIC_KEYFILE, $pubkey_filename);
curl_setopt($curl, CURLOPT_SSLENGINE, '');
curl_setopt($curl, CURLOPT_SSLKEY, $privkey_filename);
curl_setopt($curl, CURLOPT_SSLKEYPASSWD, '');

curl_setopt($curl, CURLOPT_INFILESIZE, filesize($local_file));
curl_setopt($curl, CURLOPT_INFILE, $fp);

$info = curl_getinfo($curl);
$start_error_no = curl_errno($curl);
$valid_operation = curl_exec($curl);   
$final_error_no = curl_errno($curl);
curl_close($curl);
fclose($fp);
fclose($fptrace);

echo '<pre>trace:',file_get_contents($trace),'<hr>'; var_dump($start_error_no,$valid_operation,$final_error_no);

return true;
}

文件永远不会上传:-(

the file is never uploaded :-(

当我查看跟踪文件时，我看到 * 可用的 SSH 身份验证方法:publickey,password * 使用 ssh 公钥文件/var/www/xxx/yyy/upload/dsa-zzz.pub * 使用 ssh 私钥file id_dsa * SSH 公钥认证失败:回调返回错误 *所以我认为'CURLOPT_SSLKEY'参数并没有真正设置......我所有的密钥文件都可以阅读...

when i look the trace file i see * SSH authentication methods available: publickey,password * Using ssh public key file /var/www/xxx/yyy/upload/dsa-zzz.pub * Using ssh private key file id_dsa * SSH public key authentication failed: Callback returned error * so i think that 'CURLOPT_SSLKEY' parameter is not really set... all my key files are ok for reading...

这是一个 PHP 错误吗?还是我写东西失败了?

is it a PHP bug ? or i fail writing something ?

推荐答案

SFTP 协议使用 SSH2 来保护连接，因此您需要提供 SSH 私钥，而不是 SSL 的私钥.SSH 和 SSL 是保护连接的两种不同方式(有关它们差异的更多详细信息).

SFTP protocol uses SSH2 to secure the connection, so you need to provide an SSH private key, not an SSL's one. SSH and SSL are 2 distinct ways to secure a connection (more details about their difference).

所以你应该替换:

curl_setopt($curl, CURLOPT_SSLENGINE, '');
curl_setopt($curl, CURLOPT_SSLKEY, $privkey_filename);
curl_setopt($curl, CURLOPT_SSLKEYPASSWD, '');

作者:

curl_setopt($curl, CURLOPT_SSH_AUTH_TYPES, CURLSSH_AUTH_PUBLICKEY);
curl_setopt($curl, CURLOPT_SSH_PUBLIC_KEYFILE, $pubkey_filename); // you already did it
curl_setopt($curl, CURLOPT_SSH_PRIVATE_KEYFILE, $privkey_filename);
curl_setopt($curl, CURLOPT_KEYPASSWD, '');

这篇关于使用 SFTP 上传:未使用 CURLOPT_SSLKEY的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！