Reputation: 6693
How can I secure my SSH commands to a remote server in Laravel?
I am using laravelcollective/remote which is documented in Laravel 4.2 but this documentation does not display any information about the 6.x version of this.
I am trying to access my external servers to run Docker commands:
SSH::into('production')->run(["docker inspect --format='{{.Name}}' {$id}"], function($container) {
// ...
});
My configuration looks like this and is pretty basic, although it works:
'connections' => [
'production' => [
'host' => 'xx.xx.xxx.x',
'username' => 'xxx',
'password' => 'xxx',
'key' => '',
'keytext' => '',
'keyphrase' => '',
'agent' => '',
'timeout' => 10,
],
],
When I then use:
SSH::into('production')->run(['ls'], function($x) { echo $x; });
It works fine, but how secure is this? I can see I am missing 4 default fields that I assume make this more secure. How can I generate a key, keytext and keyphrase and what are they?
Upvotes: 0
Views: 439
Answers (1)
Reputation: 5174
The SSH component was removed from Laravel core in 2015 and Laravel Collective is maintaining this component from then on - article on Laravel News. That‘s why you do not find anything about this in the official Laravel docs anymore.
The „key“, „keyphrase“ and „keytext“ field should be used when you want to use an ssh key instead of logging in with username and passwort.
The „key“ field holds the full path to your private ssh key file. In the „keyphrase“ field the passphrase (if existing) of your ssh key should be entered.
The documentation about the config options is not very good - I just searched across Github issues to get some information.
The laravelcollective/remote package uses the phpseclib/phpseclib lib for creating SSH connections. This is a PHP Secure Communications Library implementing
SSH-2, SFTP, X.509, an arbitrary-precision integer arithmetic library, ... and many more. So this question about secure connections should be better asked there. ;-) I'd say, yes it is a secure, encrypted connection.
Upvotes: 1
Related Questions
- Laravel MySql DB Connection with SSH
- SSH into dynamic remote server and run a command - Laravel 5.8
- Laravel connect to remote ssh server
- run composer and laravel (artisan) commands without ssh access
- How to securely maintain a persistent SSH connection in PHP?
- ssh from parameter laravel
- How to Connect Remote Database in Laravel 5 using ssh
- How to configure laravel in order to used ssh keys
- How can I execute remote commands in PHP via ssh?
- Use SSH to mysql_connect with Laravel