使用SFTP上传:不使用CURLOPT_SSLKEY

时间:2013-05-02 16:13:45

标签: php curl ssh

我必须通过SFTP文件从服务器上传到另一个

这是我的sftp()函数:

function transfert_curl_sftp($local_filename, $distant_filename, $host_destination, $user_destination,$pubkey_filename,$privkey_filename,$port) {
if ( !extension_loaded('curl') ) return 'no_curl_extension';
$distant_filename = ltrim($distant_filename,'/');

$fp = fopen($local_filenam, 'r');
$sftp_server = $host_destination.'/'.$distant_filename;
$curl = curl_init();
curl_setopt($curl, CURLOPT_UPLOAD, TRUE);
curl_setopt($curl, CURLOPT_HEADER, TRUE);
curl_setopt($curl, CURLOPT_VERBOSE, TRUE);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, TRUE);
curl_setopt($curl, CURLOPT_PROTOCOLS, CURLPROTO_SFTP); 
curl_setopt($curl, CURLOPT_NOPROGRESS, FALSE);
curl_setopt($curl, CURLOPT_FOLLOWLOCATION, TRUE);

$trace = tempnam( dirname($local_filenam),'temp_curl_' );
$fptrace = fopen($trace, 'w');
curl_setopt($curl, CURLOPT_FILE, $fptrace);
curl_setopt($curl, CURLOPT_STDERR, $fptrace);

curl_setopt($curl, CURLOPT_URL, 'sftp://@'.$sftp_server);
curl_setopt($curl, CURLOPT_PORT, $port);
curl_setopt($curl, CURLOPT_USERPWD, $user_destination.':');
curl_setopt($curl, CURLOPT_SSH_PUBLIC_KEYFILE, $pubkey_filename);
curl_setopt($curl, CURLOPT_SSLENGINE, '');
curl_setopt($curl, CURLOPT_SSLKEY, $privkey_filename);
curl_setopt($curl, CURLOPT_SSLKEYPASSWD, '');

curl_setopt($curl, CURLOPT_INFILESIZE, filesize($local_file));
curl_setopt($curl, CURLOPT_INFILE, $fp);

$info = curl_getinfo($curl);
$start_error_no = curl_errno($curl);
$valid_operation = curl_exec($curl);   
$final_error_no = curl_errno($curl);
curl_close($curl);
fclose($fp);
fclose($fptrace);

echo '<pre>trace:',file_get_contents($trace),'<hr>'; var_dump($start_error_no,$valid_operation,$final_error_no);

return true;
}

永远不会上传文件: - (

当我查看跟踪文件时,我看到 *可用的SSH身份验证方法:publickey,password *使用ssh公钥文件/var/www/xxx/yyy/upload/dsa-zzz.pub *使用ssh私钥file id_dsa * SSH公钥认证失败:回调返回错误* 所以我认为'CURLOPT_SSLKEY'参数没有真正设置... 我所有的关键文件都可以阅读...

这是一个PHP错误吗?或者我写错了什么?

1 个答案:

答案 0 :(得分:1)

SFTP协议使用SSH2来保护连接,因此您需要提供SSH私钥,而不是SSL私钥。 SSH和SSL是保护连接的两种不同方式(more details about their difference)。

所以你应该替换:

curl_setopt($curl, CURLOPT_SSLENGINE, '');
curl_setopt($curl, CURLOPT_SSLKEY, $privkey_filename);
curl_setopt($curl, CURLOPT_SSLKEYPASSWD, '');

通过:

curl_setopt($curl, CURLOPT_SSH_AUTH_TYPES, CURLSSH_AUTH_PUBLICKEY);
curl_setopt($curl, CURLOPT_SSH_PUBLIC_KEYFILE, $pubkey_filename); // you already did it
curl_setopt($curl, CURLOPT_SSH_PRIVATE_KEYFILE, $privkey_filename);
curl_setopt($curl, CURLOPT_KEYPASSWD, '');
相关问题
最新问题