Ad

Phpseclib SFTP Failed User Authentication

- 1 answer

i'm attempting to test an SFTP connection thru my web app running on laravel 5.7 framework using phpseclib . This is the authentication code, using only password authentication. The SFTP server is also using IP whitelisting as additional security.

                $sftp = new SFTP(env('SFTP_HOST'));
                if (!$sftp->login(env('SFTP_USER'), env('SFTP_PASSWORD'))) {
                    echo $sftp->getLog();
                }

Ad

Answer

The -vvv logs almost make me wonder if the server is using multi factor authentication. Like you have to provide both an RSA key and a password. If so you should be able to achieve that thusly:

$key = new RSA;
$key->loadKey(file_get_contents('/home/forge/.ssh/id_rsa'));

$sftp = new SFTP(env('SFTP_HOST'));
if (!$sftp->login(env('SFTP_USER'), $key, env('SFTP_PASSWORD'))) {
    echo $sftp->getLog();
}

The -vvv logs also indicate that it's skipping straight to keyboard-interactive auth - that it's not even trying password auth. You can force phpseclib to do keyboard-interactive by doing $sftp->login(env('SFTP_USER'), ['Password:' => env('SFTP_PASSWORD')]) instead of what you are doing.

Maybe some combination of these two tips will help you out.

Ad
source: stackoverflow.com
Ad