ssh2_fingerprint
(PECL ssh2:0.10-0.9)
ssh2_fingerprint — Retreive fingerprint of remote server
Описание
string ssh2_fingerprint
( resource $session
[, int $flags
] )
Returns a server hostkey hash from an active session.
Список параметров
- session
-
An SSH connection link identifier, obtained from a call to ssh2_connect().
- flags
-
flags may be either of SSH2_FINGERPRINT_MD5 or SSH2_FINGERPRINT_SHA1 logically ORed with SSH2_FINGERPRINT_HEX or SSH2_FINGERPRINT_RAW. Defaults to SSH2_FINGERPRINT_MD5 | SSH2_FINGERPRINT_HEX.
Возвращаемые значения
Returns the hostkey hash as a string.
Примеры
Пример #1 Checking the fingerprint against a known value
<?php
$known_host = '6F89C2F0A719B30CC38ABDF90755F2E4';
$connection = ssh2_connect('shell.example.com', 22);
$fingerprint = ssh2_fingerprint($connection,
SSH2_FINGERPRINT_MD5 | SSH2_FINGERPRINT_HEX);
if ($fingerprint != $known_host) {
die("HOSTKEY MISMATCH!\n" .
"Possible Man-In-The-Middle Attack?");
}
?>
- ssh2_auth_agent
- ssh2_auth_hostbased_file
- ssh2_auth_none
- ssh2_auth_password
- ssh2_auth_pubkey_file
- ssh2_connect
- ssh2_exec
- ssh2_fetch_stream
- ssh2_fingerprint
- ssh2_methods_negotiated
- ssh2_publickey_add
- ssh2_publickey_init
- ssh2_publickey_list
- ssh2_publickey_remove
- ssh2_scp_recv
- ssh2_scp_send
- ssh2_sftp_chmod
- ssh2_sftp_lstat
- ssh2_sftp_mkdir
- ssh2_sftp_readlink
- ssh2_sftp_realpath
- ssh2_sftp_rename
- ssh2_sftp_rmdir
- ssh2_sftp_stat
- ssh2_sftp_symlink
- ssh2_sftp_unlink
- ssh2_sftp
- ssh2_shell
- ssh2_tunnel
Коментарии
If you're going to compare the fingerprint to a user-submitted form field, it's probably a good idea to do case-insensitive comparison:
<?php
if ($conn = ssh2_connect($user, $password)) {
$fingerprint = ssh2_fingerprint($conn);
if (strcasecmp($fingerprint, $known_value) === 0) {
// Do your thing.
}
}
?>
Of course, this is only necessary when you use the SSH2_FINGERPRINT_HEX option, not SSH2_FINGERPRINT_RAW.