我正在尝试使用密钥文本而不是密钥路径建立SSH连接,但没有成功。
出于移动性和安全性原因,我将加密的密钥文本保存在数据库中,但是我无法注入ssh config进行连接。我得到的只是“无法连接到服务器”。
我也尝试过使用硬编码的密钥文本,但没有成功。
我认为将密钥存储在数据库中并在以后进行检索是没有问题的,因为如果我将从数据库中检索到的密钥保存到存储器中的临时文件中并使用密钥路径,则表示成功建立了连接。
这有效:
<?php
public function getSshConfig(): array
{
$identity = $this->identityByServiceNumber(22);
$config = array_merge([
'host' => $this->connectionRoute(22),
'username' => $identity->username,
'agent' => '',
'timeout' => 60,
], $identity->private_key ? [
'key' => Storage::put('keys' . DIRECTORY_SEPARATOR . $identity->id, $identity->private_key) ?
storage_path('app' . DIRECTORY_SEPARATOR . 'keys' . DIRECTORY_SEPARATOR . $identity->id) : null,
'keyphrase' => $identity->password,
] : [
'password' => $identity->password,
]);
return $config;
}
这不起作用:
public function getSshConfig(): array
{
$identity = $this->identityByServiceNumber(22);
$config = array_merge([
'host' => $this->connectionRoute(22),
'username' => $identity->username,
'key' => '',
'agent' => '',
'timeout' => 60,
], $identity->private_key ? [
'keytext' => $identity->private_key,
'keyphrase' => $identity->password,
] : [
'password' => $identity->password,
]);
return $config;
}
这两项都不可行:
public function getSshConfig(): array
{
$identity = $this->identityByServiceNumber(22);
$config = array_merge([
'host' => $this->connectionRoute(22),
'username' => $identity->username,
'key' => '',
'agent' => '',
'timeout' => 60,
], $identity->private_key ? [
'keytext' => '-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: AES-128-CBC,069AEAFA71947BEDA3AAA1EC609D62B0
······················································
-----END RSA PRIVATE KEY-----',
'keyphrase' => $identity->password,
] : [
'password' => $identity->password,
]);
return $config;
}
这:
'-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: AES-128-CBC,069AEAFA71947BEDA3AAA1EC609D62B0
······················································
-----END RSA PRIVATE KEY-----'
确切地说是存储在数据库中的内容(在存储时加密,在检索时解密),并且如我所说,如果我保存到临时文件并使用密钥路径,则可以正常工作。