Ajax request to PHP page and exec(ssh....) not working

Question

I am posting to a php page using ajax (ignore the data posted, thats not important)

When I run the php page on my linux server using the command: php addHit.php it correctly echoes out the hostname of the remote server. However this does not happen in ajax, all I get is a blank alert where the success function is. You can see it in action here: http://ec2-54-244-169-118.us-west-2.compute.amazonaws.com/bootstrap/jumbotron-narrow/index.php

    <script>
        $(function() {  
            $("form[name=addHit]").submit(function() {  
                alert("I am an alert box!");
                var link = $("input[name=link]").val();
                var comments = $("input[name=comments]").val();
                var datastring = "link="+link+"&comments="+comments;
                alert(datastring);
                $.ajax({
                    type: "POST",  
                    url: "/bootstrap/jumbotron-narrow/addHit.php",  
                    data: datastring,  
                    success: function(data, status, xhr) {  
                        alert(data);
                    }, 
                    error: function(httpRequest, textStatus, errorThrown) { 
                       alert("status=" + textStatus + ",error=" + errorThrown);
                    }
                });  
                alert("here");
                return false;
            }); 
        });  
    </script>

my addHit.php page

$commands = "ssh -i adoekey.pem ubuntu@ip-10-250-69-130.us-west-2.compute.internal hostname -f ";
echo exec($commands);

Answer 1

Honestly, instead of using proc_open, I think it'd be easier to use phpseclib, a pure PHP SSH implementation. eg

<?php
include('Net/SSH2.php');
include('Crypt/RSA.php');

$ssh = new Net_SSH2('ip-10-250-69-130.us-west-2.compute.internal');
$key = new Crypt_RSA();
$key->loadKey(file_get_contents('adoekey.pem'));
if (!$ssh->login('ubuntu', $key)) {
    exit('Login Failed');
}

//stderr will be included in output unless specifically disabled
//$ssh->enableQuietMode();
echo $ssh->exec('hostname -f');
//be quiet mode enabled or not you can still get stderr with $ssh->getStdError()
?>

Answer 2

How @Archetype2 fixed the problem (from his post):

I had to create the folder /var/www/.ssh and I copied the items from the /root/.ssh folder into this new folder and changed the ownership of the new directory and its contents to www-data. Then I changed the permissions on the pem file to 400.

Getting the stderr output from a command

Instead of using exec to run a command, use the following (from "PHP StdErr after Exec()"):

$descriptorspec = array(
    0 => array("pipe", "r"),  // stdin
    1 => array("pipe", "w"),  // stdout
    2 => array("pipe", "w"),  // stderr
);

$command = "ssh -i adoekey.pem ubuntu@ip-10-250-69-130.us-west-2.compute.internal hostname -f ";
$pipes = '';
$process = proc_open($command, $descriptorspec, $pipes, dirname(__FILE__), null);

$stdout = stream_get_contents($pipes[1]);
fclose($pipes[1]);

$stderr = stream_get_contents($pipes[2]);
fclose($pipes[2]);

echo "stdout : \n";
var_dump($stdout);

echo "stderr :\n";
var_dump($stderr);

$returnCode = proc_close($process);
echo "Return code: " . $returnCode;

---

When you run the php addHit.php command, you're running it as the user you're logged in with (root maybe?). The HTTP server most likely has it's own user with severely limited permissions. What is your server configuration? Are you running a LAMP stack?

Also try to use the absolute file path to the .pem file since whatever is executing your php script may be changing the current working directory to something else.

Answer 3

I had to create the folder /var/www/.ssh and I copied the items from the /root/.ssh folder into this new folder and changed the ownership of the new directory and its contents to www-data. Then I changed the permissions on the pem file to 400.