Skip to content

SSH2

Pure-PHP implementation of SSHv2.

  • Full name: \phpseclib\Net\SSH2

Constants

Constant Visibility Type Value
NET_SSH2_COMPRESSION_NONE public 1
NET_SSH2_COMPRESSION_ZLIB public 2
NET_SSH2_COMPRESSION_ZLIB_AT_OPENSSH public 3
MASK_CONSTRUCTOR public 0x1
MASK_CONNECTED public 0x2
MASK_LOGIN_REQ public 0x4
MASK_LOGIN public 0x8
MASK_SHELL public 0x10
MASK_WINDOW_ADJUST public 0x20
CHANNEL_EXEC public 1
CHANNEL_SHELL public 2
CHANNEL_SUBSYSTEM public 3
CHANNEL_AGENT_FORWARD public 4
CHANNEL_KEEP_ALIVE public 5
LOG_SIMPLE public 1
LOG_COMPLEX public 2
LOG_REALTIME public 3
LOG_REALTIME_FILE public 4
LOG_MAX_SIZE public 1048576
READ_SIMPLE public 1
READ_REGEX public 2
READ_NEXT public 3

Properties

identifier

The SSH identifier

public string $identifier

fsock

The Socket Object

public object $fsock

bitmap

Execution Bitmap

public int $bitmap

The bits that are set represent functions that have been called already. This is used to determine if a requisite function has been successfully executed. If not, an error should be thrown.

errors

Error information

public string $errors

See Also:

  • \phpseclib\Net\self::getErrors() - * \phpseclib\Net\self::getLastError() -

server_identifier

Server Identifier

public array|false $server_identifier

See Also:

  • \phpseclib\Net\self::getServerIdentification() -

kex_algorithms

Key Exchange Algorithms

public array|false $kex_algorithms

See Also:

  • \phpseclib\Net\self::getKexAlgorithims() -

kex_algorithm

Key Exchange Algorithm

public string|false $kex_algorithm

See Also:

  • \phpseclib\Net\self::getMethodsNegotiated() -

kex_dh_group_size_min

Minimum Diffie-Hellman Group Bit Size in RFC 4419 Key Exchange Methods

public int $kex_dh_group_size_min

See Also:

  • \phpseclib\Net\self::_key_exchange() -

kex_dh_group_size_preferred

Preferred Diffie-Hellman Group Bit Size in RFC 4419 Key Exchange Methods

public int $kex_dh_group_size_preferred

See Also:

  • \phpseclib\Net\self::_key_exchange() -

kex_dh_group_size_max

Maximum Diffie-Hellman Group Bit Size in RFC 4419 Key Exchange Methods

public int $kex_dh_group_size_max

See Also:

  • \phpseclib\Net\self::_key_exchange() -

server_host_key_algorithms

Server Host Key Algorithms

public array|false $server_host_key_algorithms

See Also:

  • \phpseclib\Net\self::getServerHostKeyAlgorithms() -

supported_private_key_algorithms

Supported Private Key Algorithms

public array|false $supported_private_key_algorithms

In theory this should be the same as the Server Host Key Algorithms but, in practice, some servers (eg. Azure) will support rsa-sha2-512 as a server host key algorithm but not a private key algorithm

See Also:

  • \phpseclib\Net\self::privatekey_login() -

encryption_algorithms_client_to_server

Encryption Algorithms: Client to Server

public array|false $encryption_algorithms_client_to_server

See Also:

  • \phpseclib\Net\self::getEncryptionAlgorithmsClient2Server() -

encryption_algorithms_server_to_client

Encryption Algorithms: Server to Client

public array|false $encryption_algorithms_server_to_client

See Also:

  • \phpseclib\Net\self::getEncryptionAlgorithmsServer2Client() -

mac_algorithms_client_to_server

MAC Algorithms: Client to Server

public array|false $mac_algorithms_client_to_server

See Also:

  • \phpseclib\Net\self::getMACAlgorithmsClient2Server() -

mac_algorithms_server_to_client

MAC Algorithms: Server to Client

public array|false $mac_algorithms_server_to_client

See Also:

  • \phpseclib\Net\self::getMACAlgorithmsServer2Client() -

compression_algorithms_client_to_server

Compression Algorithms: Client to Server

public array|false $compression_algorithms_client_to_server

See Also:

  • \phpseclib\Net\self::getCompressionAlgorithmsClient2Server() -

compression_algorithms_server_to_client

Compression Algorithms: Server to Client

public array|false $compression_algorithms_server_to_client

See Also:

  • \phpseclib\Net\self::getCompressionAlgorithmsServer2Client() -

languages_server_to_client

Languages: Server to Client

public array|false $languages_server_to_client

See Also:

  • \phpseclib\Net\self::getLanguagesServer2Client() -

languages_client_to_server

Languages: Client to Server

public array|false $languages_client_to_server

See Also:

  • \phpseclib\Net\self::getLanguagesClient2Server() -

preferred

Preferred Algorithms

public array $preferred

See Also:

  • \phpseclib\Net\self::setPreferredAlgorithms() -

encrypt_block_size

Block Size for Server to Client Encryption

public int $encrypt_block_size

"Note that the length of the concatenation of 'packet_length', 'padding_length', 'payload', and 'random padding' MUST be a multiple of the cipher block size or 8, whichever is larger. This constraint MUST be enforced, even when using stream ciphers."

-- http://tools.ietf.org/html/rfc4253#section-6

See Also:

  • \phpseclib\Net\self::__construct() - * \phpseclib\Net\self::_send_binary_packet() -

decrypt_block_size

Block Size for Client to Server Encryption

public int $decrypt_block_size

See Also:

  • \phpseclib\Net\self::__construct() - * \phpseclib\Net\self::_get_binary_packet() -

decrypt

Server to Client Encryption Object

public object $decrypt

See Also:

  • \phpseclib\Net\self::_get_binary_packet() -

decryptName

Decryption Algorithm Name

public string|null $decryptName

encrypt

Client to Server Encryption Object

public object $encrypt

See Also:

  • \phpseclib\Net\self::_send_binary_packet() -

encryptName

Encryption Algorithm Name

public string|null $encryptName

hmac_create

Client to Server HMAC Object

public object $hmac_create

See Also:

  • \phpseclib\Net\self::_send_binary_packet() -

hmac_create_name

Client to Server HMAC Name

private string|false $hmac_create_name

hmac_check

Server to Client HMAC Object

public object $hmac_check

See Also:

  • \phpseclib\Net\self::_get_binary_packet() -

hmac_check_name

Server to Client HMAC Name

public string|false $hmac_check_name

hmac_size

Size of server to client HMAC

public int $hmac_size

We need to know how big the HMAC will be for the server to client direction so that we know how many bytes to read. For the client to server side, the HMAC object will make the HMAC as long as it needs to be. All we need to do is append it.

See Also:

  • \phpseclib\Net\self::_get_binary_packet() -

server_public_host_key

Server Public Host Key

public string $server_public_host_key

See Also:

  • \phpseclib\Net\self::getServerPublicHostKey() -

session_id

Session identifier

public string $session_id

"The exchange hash H from the first key exchange is additionally used as the session identifier, which is a unique identifier for this connection."

-- http://tools.ietf.org/html/rfc4253#section-7.2

See Also:

  • \phpseclib\Net\self::_key_exchange() -

exchange_hash

Exchange hash

public string $exchange_hash

The current exchange hash

See Also:

  • \phpseclib\Net\self::_key_exchange() -

message_numbers

Message Numbers

public array $message_numbers

See Also:

  • \phpseclib\Net\self::__construct() -

disconnect_reasons

Disconnection Message 'reason codes' defined in RFC4253

public array $disconnect_reasons

See Also:

  • \phpseclib\Net\self::__construct() -

channel_open_failure_reasons

SSH_MSG_CHANNEL_OPEN_FAILURE 'reason codes', defined in RFC4254

public array $channel_open_failure_reasons

See Also:

  • \phpseclib\Net\self::__construct() -

terminal_modes

Terminal Modes

public array $terminal_modes

See Also:

  • \phpseclib\Net\self::__construct() - * http://tools.ietf.org/html/rfc4254#section-8 -

channel_extended_data_type_codes

SSH_MSG_CHANNEL_EXTENDED_DATA's data_type_codes

public array $channel_extended_data_type_codes

See Also:

  • \phpseclib\Net\self::__construct() - * http://tools.ietf.org/html/rfc4254#section-5.2 -

send_seq_no

Send Sequence Number

public int $send_seq_no

See 'Section 6.4. Data Integrity' of rfc4253 for more info.

See Also:

  • \phpseclib\Net\self::_send_binary_packet() -

get_seq_no

Get Sequence Number

public int $get_seq_no

See 'Section 6.4. Data Integrity' of rfc4253 for more info.

See Also:

  • \phpseclib\Net\self::_get_binary_packet() -

server_channels

Server Channels

public array $server_channels

Maps client channels to server channels

See Also:

  • \phpseclib\Net\self::_get_channel_packet() - * \phpseclib\Net\self::exec() -

channel_buffers

Channel Buffers

public array $channel_buffers

If a client requests a packet from one channel but receives two packets from another those packets should be placed in a buffer

See Also:

  • \phpseclib\Net\self::_get_channel_packet() - * \phpseclib\Net\self::exec() -

channel_status

Channel Status

public array $channel_status

Contains the type of the last sent message

See Also:

  • \phpseclib\Net\self::_get_channel_packet() -

packet_size_client_to_server

Packet Size

public array $packet_size_client_to_server

Maximum packet size indexed by channel

See Also:

  • \phpseclib\Net\self::_send_channel_packet() -

message_number_log

Message Number Log

public array $message_number_log

See Also:

  • \phpseclib\Net\self::getLog() -

message_log

Message Log

public array $message_log

See Also:

  • \phpseclib\Net\self::getLog() -

window_size

The Window Size

public int $window_size

Bytes the other party can send before it must wait for the window to be adjusted (0x7FFFFFFF = 2GB)

See Also:

  • \phpseclib\Net\self::_send_channel_packet() - * \phpseclib\Net\self::exec() -

window_resize

What we resize the window to

public int $window_resize

When PuTTY resizes the window it doesn't add an additional 0x7FFFFFFF bytes - it adds 0x40000000 bytes. Some SFTP clients (GoAnywhere) don't support adding 0x7FFFFFFF to the window size after the fact so we'll just do what PuTTY does

See Also:

  • \phpseclib\Net\self::_send_channel_packet() - * \phpseclib\Net\self::exec() -

window_size_server_to_client

Window size, server to client

public array $window_size_server_to_client

Window size indexed by channel

See Also:

  • \phpseclib\Net\self::_send_channel_packet() -

window_size_client_to_server

Window size, client to server

public array $window_size_client_to_server

Window size indexed by channel

See Also:

  • \phpseclib\Net\self::_get_channel_packet() -

signature

Server signature

public string $signature

Verified against $this->session_id

See Also:

  • \phpseclib\Net\self::getServerPublicHostKey() -

signature_format

Server signature format

public string $signature_format

ssh-rsa or ssh-dss.

See Also:

  • \phpseclib\Net\self::getServerPublicHostKey() -

interactiveBuffer

Interactive Buffer

public array $interactiveBuffer

See Also:

  • \phpseclib\Net\self::read() -

log_size

Current log size

public int $log_size

Should never exceed self::LOG_MAX_SIZE

See Also:

  • \phpseclib\Net\self::_send_binary_packet() - * \phpseclib\Net\self::_get_binary_packet() -

timeout

Timeout

public $timeout

See Also:

  • \phpseclib\Net\self::setTimeout() -

curTimeout

Current Timeout

public $curTimeout

See Also:

  • \phpseclib\Net\self::_get_channel_packet() -

keepAlive

Keep Alive Interval

public $keepAlive

See Also:

  • \phpseclib\Net\self::setKeepAlive() -

realtime_log_file

Real-time log file pointer

public resource $realtime_log_file

See Also:

  • \phpseclib\Net\self::_append_log() -

realtime_log_size

Real-time log file size

public int $realtime_log_size

See Also:

  • \phpseclib\Net\self::_append_log() -

signature_validated

Has the signature been validated?

public bool $signature_validated

See Also:

  • \phpseclib\Net\self::getServerPublicHostKey() -

realtime_log_wrap

Real-time log file wrap boolean

public $realtime_log_wrap

See Also:

  • \phpseclib\Net\self::_append_log() -

quiet_mode

Flag to suppress stderr from output

public $quiet_mode

See Also:

  • \phpseclib\Net\self::enableQuietMode() -

last_packet

Time of first network activity

public int $last_packet

exit_status

Exit status returned from ssh if any

public int $exit_status

request_pty

Flag to request a PTY when using exec()

public bool $request_pty

See Also:

  • \phpseclib\Net\self::enablePTY() -

in_request_pty_exec

Flag set while exec() is running when using enablePTY()

public bool $in_request_pty_exec

in_subsystem

Flag set after startSubsystem() is called

public bool $in_subsystem

stdErrorLog

Contents of stdError

public string $stdErrorLog

last_interactive_response

The Last Interactive Response

public string $last_interactive_response

See Also:

  • \phpseclib\Net\self::_keyboard_interactive_process() -

keyboard_requests_responses

Keyboard Interactive Request / Responses

public array $keyboard_requests_responses

See Also:

  • \phpseclib\Net\self::_keyboard_interactive_process() -

Banner Message

public string $banner_message

Quoting from the RFC, "in some jurisdictions, sending a warning message before authentication may be relevant for getting legal protection."

See Also:

  • \phpseclib\Net\self::_filter() - * \phpseclib\Net\self::getBannerMessage() -

is_timeout

Did read() timeout or return normally?

public bool $is_timeout

See Also:

  • \phpseclib\Net\self::isTimeout() -

log_boundary

Log Boundary

public string $log_boundary

See Also:

  • \phpseclib\Net\self::_format_log() -

log_long_width

Log Long Width

public int $log_long_width

See Also:

  • \phpseclib\Net\self::_format_log() -

log_short_width

Log Short Width

public int $log_short_width

See Also:

  • \phpseclib\Net\self::_format_log() -

host

Hostname

public string $host

See Also:

  • \phpseclib\Net\self::__construct() - * \phpseclib\Net\self::_connect() -

port

Port Number

public int $port

See Also:

  • \phpseclib\Net\self::__construct() - * \phpseclib\Net\self::_connect() -

windowColumns

Number of columns for terminal window size

public int $windowColumns

See Also:

  • \phpseclib\Net\self::getWindowColumns() - * \phpseclib\Net\self::setWindowColumns() - * \phpseclib\Net\self::setWindowSize() -

windowRows

Number of columns for terminal window size

public int $windowRows

See Also:

  • \phpseclib\Net\self::getWindowRows() - * \phpseclib\Net\self::setWindowRows() - * \phpseclib\Net\self::setWindowSize() -

crypto_engine

Crypto Engine

public int $crypto_engine

See Also:

  • \phpseclib\Net\self::setCryptoEngine() - * \phpseclib\Net\self::_key_exchange() -

agent

A System_SSH_Agent for use in the SSH2 Agent Forwarding scenario

public \phpseclib\Net\System_SSH_Agent $agent

send_id_string_first

Send the identification string first?

public bool $send_id_string_first

send_kex_first

Send the key exchange initiation packet first?

public bool $send_kex_first

bad_key_size_fix

Some versions of OpenSSH incorrectly calculate the key size

public bool $bad_key_size_fix

retry_connect

Should we try to re-connect to re-establish keys?

public bool $retry_connect

binary_packet_buffer

Binary Packet Buffer

public string|false $binary_packet_buffer

preferred_signature_format

Preferred Signature Format

public string|false $preferred_signature_format

auth

Authentication Credentials

public array $auth

auth_methods_to_continue

The authentication methods that may productively continue authentication.

public array|null $auth_methods_to_continue

See Also:

  • https://tools.ietf.org/html/rfc4252#section-5.1 -

compress

Compression method

public int $compress

decompress

Decompression method

public resource|object $decompress

compress_context

Compression context

public int $compress_context

decompress_context

Decompression context

public resource|object $decompress_context

regenerate_compression_context

Regenerate Compression Context

public bool $regenerate_compression_context

regenerate_decompression_context

Regenerate Decompression Context

public bool $regenerate_decompression_context

smartMFA

Smart multi-factor authentication flag

public bool $smartMFA

extra_packets

Extra packets counter

public bool $extra_packets

Methods

__construct

Default Constructor.

public __construct(mixed $host, int $port = 22, int $timeout = 10): \phpseclib\Net\SSH2

$host can either be a string, representing the host, or a stream resource. If $host is a stream resource then $port doesn't do anything, altho $timeout still will be used

Parameters:

Parameter Type Description
$host mixed
$port int
$timeout int

See Also:

  • \phpseclib\Net\self::login() -

setCryptoEngine

Set Crypto Engine Mode

public setCryptoEngine(int $engine): mixed

Possible $engine values: CRYPT_MODE_INTERNAL, CRYPT_MODE_MCRYPT

Parameters:

Parameter Type Description
$engine int

sendIdentificationStringFirst

Send Identification String First

public sendIdentificationStringFirst(): mixed

https://tools.ietf.org/html/rfc4253#section-4.2 says "when the connection has been established, both sides MUST send an identification string". It does not say which side sends it first. In theory it shouldn't matter but it is a fact of life that some SSH servers are simply buggy

sendIdentificationStringLast

Send Identification String Last

public sendIdentificationStringLast(): mixed

https://tools.ietf.org/html/rfc4253#section-4.2 says "when the connection has been established, both sides MUST send an identification string". It does not say which side sends it first. In theory it shouldn't matter but it is a fact of life that some SSH servers are simply buggy

sendKEXINITFirst

Send SSH_MSG_KEXINIT First

public sendKEXINITFirst(): mixed

https://tools.ietf.org/html/rfc4253#section-7.1 says "key exchange begins by each sending sending the [SSH_MSG_KEXINIT] packet". It does not say which side sends it first. In theory it shouldn't matter but it is a fact of life that some SSH servers are simply buggy

sendKEXINITLast

Send SSH_MSG_KEXINIT Last

public sendKEXINITLast(): mixed

https://tools.ietf.org/html/rfc4253#section-7.1 says "key exchange begins by each sending sending the [SSH_MSG_KEXINIT] packet". It does not say which side sends it first. In theory it shouldn't matter but it is a fact of life that some SSH servers are simply buggy

_connect

Connect to an SSHv2 server

public _connect(): bool

_generate_identifier

Generates the SSH identifier

public _generate_identifier(): string

You should overwrite this method in your own class if you want to use another identifier

_key_exchange

Key Exchange

public _key_exchange(string $kexinit_payload_server = false): mixed

Parameters:

Parameter Type Description
$kexinit_payload_server string optional

_encryption_algorithm_to_key_size

Maps an encryption algorithm name to the number of key bytes.

public _encryption_algorithm_to_key_size(string $algorithm): int|null

Parameters:

Parameter Type Description
$algorithm string Name of the encryption algorithm

Return Value:

Number of bytes as an integer or null for unknown

_encryption_algorithm_to_crypt_instance

Maps an encryption algorithm name to an instance of a subclass of \phpseclib\Crypt\Base.

public _encryption_algorithm_to_crypt_instance(string $algorithm): mixed

Parameters:

Parameter Type Description
$algorithm string Name of the encryption algorithm

Return Value:

Instance of \phpseclib\Crypt\Base or null for unknown

_bad_algorithm_candidate

Tests whether or not proposed algorithm has a potential for issues

public _bad_algorithm_candidate(string $algorithm): bool

Parameters:

Parameter Type Description
$algorithm string Name of the encryption algorithm

See Also:

  • https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/ssh2-aesctr-openssh.html - * https://bugzilla.mindrot.org/show_bug.cgi?id=1291 -

login

Login

public login(string $username): bool

The $password parameter can be a plaintext password, a \phpseclib\Crypt\RSA object or an array

Parameters:

Parameter Type Description
$username string

See Also:

  • \phpseclib\Net\self::_login() -

_login

Login Helper

public _login(string $username): bool

Parameters:

Parameter Type Description
$username string

See Also:

  • \phpseclib\Net\self::_login_helper() -

_keyboard_interactive_login

Login via keyboard-interactive authentication

public _keyboard_interactive_login(string $username, string $password): bool

See {@link http://tools.ietf.org/html/rfc4256} for details. This is not a full-featured keyboard-interactive authenticator.

Parameters:

Parameter Type Description
$username string
$password string

_keyboard_interactive_process

Handle the keyboard-interactive requests / responses.

public _keyboard_interactive_process(): bool

_ssh_agent_login

Login with an ssh-agent provided key

public _ssh_agent_login(string $username, \phpseclib\System\SSH\Agent $agent): bool

Parameters:

Parameter Type Description
$username string
$agent \phpseclib\System\SSH\Agent

getTimeout

Return the currently configured timeout

public getTimeout(): int

setTimeout

Set Timeout

public setTimeout(mixed $timeout): mixed

$ssh->exec('ping 127.0.0.1'); on a Linux host will never return and will run indefinitely. setTimeout() makes it so it'll timeout. Setting $timeout to false or 0 will mean there is no timeout.

Parameters:

Parameter Type Description
$timeout mixed

setKeepAlive

Set Keep Alive

public setKeepAlive(int $interval): mixed

Sends an SSH2_MSG_IGNORE message every x seconds, if x is a positive non-zero number.

Parameters:

Parameter Type Description
$interval int

getStdError

Get the output from stdError

public getStdError(): mixed

exec

Execute Command

public exec(string $command, callable $callback = null): string

If $callback is set to false then \phpseclib\Net\SSH2::_get_channel_packet(self::CHANNEL_EXEC) will need to be called manually. In all likelihood, this is not a feature you want to be taking advantage of.

Parameters:

Parameter Type Description
$command string
$callback callable

_initShell

Creates an interactive shell

public _initShell(): bool

See Also:

  • \phpseclib\Net\self::read() - * \phpseclib\Net\self::write() -

_get_interactive_channel

Return the channel to be used with read() / write()

public _get_interactive_channel(): int

See Also:

  • \phpseclib\Net\self::read() - * \phpseclib\Net\self::write() -

_get_open_channel

Return an available open channel

public _get_open_channel(): int

read

Returns the output of an interactive shell

public read(string $expect = '', int $mode = self::READ_SIMPLE): string|bool

Returns when there's a match for $expect, which can take the form of a string literal or, if $mode == self::READ_REGEX, a regular expression.

Parameters:

Parameter Type Description
$expect string
$mode int

See Also:

  • \phpseclib\Net\self::write() -

write

Inputs a command into an interactive shell.

public write(string $cmd): bool

Parameters:

Parameter Type Description
$cmd string

See Also:

  • \phpseclib\Net\self::read() -

startSubsystem

Start a subsystem.

public startSubsystem(string $subsystem): bool

Right now only one subsystem at a time is supported. To support multiple subsystem's stopSubsystem() could accept a string that contained the name of the subsystem, but at that point, only one subsystem of each type could be opened. To support multiple subsystem's of the same name maybe it'd be best if startSubsystem() generated a new channel id and returns that and then that that was passed into stopSubsystem() but that'll be saved for a future date and implemented if there's sufficient demand for such a feature.

Parameters:

Parameter Type Description
$subsystem string

See Also:

  • \phpseclib\Net\self::stopSubsystem() -

stopSubsystem

Stops a subsystem.

public stopSubsystem(): bool

See Also:

  • \phpseclib\Net\self::startSubsystem() -

reset

Closes a channel

public reset(): mixed

If read() timed out you might want to just close the channel and have it auto-restart on the next read() call

isTimeout

Is timeout?

public isTimeout(): mixed

Did exec() or read() return because they timed out or because they encountered the end?

disconnect

Disconnect

public disconnect(): mixed

__destruct

Destructor.

public __destruct(): mixed

Will be called, automatically, if you're supporting just PHP5. If you're supporting PHP4, you'll need to call disconnect().

isConnected

Is the connection still active?

public isConnected(): bool

isAuthenticated

Have you successfully been logged in?

public isAuthenticated(): bool

ping

Pings a server connection, or tries to reconnect if the connection has gone down

public ping(): bool

Inspired by http://php.net/manual/en/mysqli.ping.php

_reconnect

In situ reconnect method

public _reconnect(): bool

_reset_connection

Resets a connection for re-use

public _reset_connection(int $reason): mixed

Parameters:

Parameter Type Description
$reason int

_get_binary_packet

Gets Binary Packets

public _get_binary_packet(mixed $skip_channel_filter = false): string

See '6. Binary Packet Protocol' of rfc4253 for more info.

Parameters:

Parameter Type Description
$skip_channel_filter mixed

See Also:

  • \phpseclib\Net\self::_send_binary_packet() -

_filter

Filter Binary Packets

public _filter(mixed $payload, mixed $skip_channel_filter): string

Because some binary packets need to be ignored...

Parameters:

Parameter Type Description
$payload mixed
$skip_channel_filter mixed

See Also:

  • \phpseclib\Net\self::_get_binary_packet() -

enableQuietMode

Enable Quiet Mode

public enableQuietMode(): mixed

Suppress stderr from output

disableQuietMode

Disable Quiet Mode

public disableQuietMode(): mixed

Show stderr in output

isQuietModeEnabled

Returns whether Quiet Mode is enabled or not

public isQuietModeEnabled(): bool

See Also:

  • \phpseclib\Net\self::enableQuietMode() - * \phpseclib\Net\self::disableQuietMode() -

enablePTY

Enable request-pty when using exec()

public enablePTY(): mixed

disablePTY

Disable request-pty when using exec()

public disablePTY(): mixed

isPTYEnabled

Returns whether request-pty is enabled or not

public isPTYEnabled(): bool

See Also:

  • \phpseclib\Net\self::enablePTY() - * \phpseclib\Net\self::disablePTY() -

_get_channel_packet

Gets channel data

public _get_channel_packet(int $client_channel, bool $skip_extended = false): mixed|bool

Returns the data as a string if it's available and false if not.

Parameters:

Parameter Type Description
$client_channel int
$skip_extended bool

_send_binary_packet

Sends Binary Packets

public _send_binary_packet(string $data, string $logged = null): bool

See '6. Binary Packet Protocol' of rfc4253 for more info.

Parameters:

Parameter Type Description
$data string
$logged string

See Also:

  • \phpseclib\Net\self::_get_binary_packet() -

_append_log

Logs data packets

public _append_log(string $message_number, string $message): mixed

Makes sure that only the last 1MB worth of packets will be logged

Parameters:

Parameter Type Description
$message_number string
$message string

_send_channel_packet

Sends channel data

public _send_channel_packet(int $client_channel, string $data): bool

Spans multiple SSH_MSG_CHANNEL_DATAs if appropriate

Parameters:

Parameter Type Description
$client_channel int
$data string

_close_channel

Closes and flushes a channel

public _close_channel(int $client_channel, bool $want_reply = false): bool

\phpseclib\Net\SSH2 doesn't properly close most channels. For exec() channels are normally closed by the server and for SFTP channels are presumably closed when the client disconnects. This functions is intended for SCP more than anything.

Parameters:

Parameter Type Description
$client_channel int
$want_reply bool

_disconnect

Disconnect

public _disconnect(int $reason): bool

Parameters:

Parameter Type Description
$reason int

_string_shift

String Shift

public _string_shift(string& $string, int $index = 1): string

Inspired by array_shift

Parameters:

Parameter Type Description
$string string
$index int

_define_array

Define Array

public _define_array(): mixed

Takes any number of arrays whose indices are integers and whose values are strings and defines a bunch of named constants from it, using the value as the name of the constant and the index as the value of the constant. If any of the constants that would be defined already exists, none of the constants will be defined.

getLog

Returns a log of the packets that have been sent and received.

public getLog(): array|false|string

Returns a string if NET_SSH2_LOGGING == self::LOG_COMPLEX, an array if NET_SSH2_LOGGING == self::LOG_SIMPLE and false if !defined('NET_SSH2_LOGGING')

_format_log

Formats a log for printing

public _format_log(array $message_log, array $message_number_log): string

Parameters:

Parameter Type Description
$message_log array
$message_number_log array

_format_log_helper

Helper function for _format_log

public _format_log_helper(array $matches): string

For use with preg_replace_callback()

Parameters:

Parameter Type Description
$matches array

_on_channel_open

Helper function for agent->_on_channel_open()

public _on_channel_open(): mixed

Used when channels are created to inform agent of said channel opening. Must be called after channel open confirmation received

_array_intersect_first

Returns the first value of the intersection of two arrays or false if the intersection is empty. The order is defined by the first parameter.

public _array_intersect_first(array $array1, array $array2): mixed

Parameters:

Parameter Type Description
$array1 array
$array2 array

Return Value:

False if intersection is empty, else intersected value.

getErrors

Returns all errors / debug messages on the SSH layer

public getErrors(): string[]

If you are looking for messages from the SFTP layer, please see SFTP::getSFTPErrors()

getLastError

Returns the last error received on the SSH layer

public getLastError(): string

If you are looking for messages from the SFTP layer, please see SFTP::getLastSFTPError()

getServerIdentification

Return the server identification.

public getServerIdentification(): string

getKexAlgorithms

Return a list of the key exchange algorithms the server supports.

public getKexAlgorithms(): array

getServerHostKeyAlgorithms

Return a list of the host key (public key) algorithms the server supports.

public getServerHostKeyAlgorithms(): array

getEncryptionAlgorithmsClient2Server

Return a list of the (symmetric key) encryption algorithms the server supports, when receiving stuff from the client.

public getEncryptionAlgorithmsClient2Server(): array

getEncryptionAlgorithmsServer2Client

Return a list of the (symmetric key) encryption algorithms the server supports, when sending stuff to the client.

public getEncryptionAlgorithmsServer2Client(): array

getMACAlgorithmsClient2Server

Return a list of the MAC algorithms the server supports, when receiving stuff from the client.

public getMACAlgorithmsClient2Server(): array

getMACAlgorithmsServer2Client

Return a list of the MAC algorithms the server supports, when sending stuff to the client.

public getMACAlgorithmsServer2Client(): array

getCompressionAlgorithmsClient2Server

Return a list of the compression algorithms the server supports, when receiving stuff from the client.

public getCompressionAlgorithmsClient2Server(): array

getCompressionAlgorithmsServer2Client

Return a list of the compression algorithms the server supports, when sending stuff to the client.

public getCompressionAlgorithmsServer2Client(): array

getLanguagesServer2Client

Return a list of the languages the server supports, when sending stuff to the client.

public getLanguagesServer2Client(): array

getLanguagesClient2Server

Return a list of the languages the server supports, when receiving stuff from the client.

public getLanguagesClient2Server(): array

getServerAlgorithms

Returns a list of algorithms the server supports

public getServerAlgorithms(): array

getSupportedKEXAlgorithms

Returns a list of KEX algorithms that phpseclib supports

public getSupportedKEXAlgorithms(): array

getSupportedHostKeyAlgorithms

Returns a list of host key algorithms that phpseclib supports

public getSupportedHostKeyAlgorithms(): array

getSupportedEncryptionAlgorithms

Returns a list of symmetric key algorithms that phpseclib supports

public getSupportedEncryptionAlgorithms(): array

getSupportedMACAlgorithms

Returns a list of MAC algorithms that phpseclib supports

public getSupportedMACAlgorithms(): array

getSupportedCompressionAlgorithms

Returns a list of compression algorithms that phpseclib supports

public getSupportedCompressionAlgorithms(): array

getAlgorithmsNegotiated

Return list of negotiated algorithms

public getAlgorithmsNegotiated(): array

Uses the same format as https://www.php.net/ssh2-methods-negotiated

setPreferredAlgorithms

Accepts an associative array with up to four parameters as described at https://www.php.net/manual/en/function.ssh2-connect.php

public setPreferredAlgorithms(array $methods): mixed

Parameters:

Parameter Type Description
$methods array

getBannerMessage

Returns the banner message.

public getBannerMessage(): string

Quoting from the RFC, "in some jurisdictions, sending a warning message before authentication may be relevant for getting legal protection."

getServerPublicHostKey

Returns the server public host key.

public getServerPublicHostKey(): mixed

Caching this the first time you connect to a server and checking the result on subsequent connections is recommended. Returns false if the server signature is not signed correctly with the public host key.

getExitStatus

Returns the exit status of an SSH command or false.

public getExitStatus(): false|int

getWindowColumns

Returns the number of columns for the terminal window size.

public getWindowColumns(): int

getWindowRows

Returns the number of rows for the terminal window size.

public getWindowRows(): int

setWindowColumns

Sets the number of columns for the terminal window size.

public setWindowColumns(int $value): mixed

Parameters:

Parameter Type Description
$value int

setWindowRows

Sets the number of rows for the terminal window size.

public setWindowRows(int $value): mixed

Parameters:

Parameter Type Description
$value int

setWindowSize

Sets the number of columns and rows for the terminal window size.

public setWindowSize(int $columns = 80, int $rows = 24): mixed

Parameters:

Parameter Type Description
$columns int
$rows int

_updateLogHistory

Update packet types in log history

public _updateLogHistory(string $old, string $new): mixed

Parameters:

Parameter Type Description
$old string
$new string

getAuthMethodsToContinue

Return the list of authentication methods that may productively continue authentication.

public getAuthMethodsToContinue(): array|null

See Also:

  • https://tools.ietf.org/html/rfc4252#section-5.1 -

enableSmartMFA

Enables "smart" multi-factor authentication (MFA)

public enableSmartMFA(): mixed

disableSmartMFA

Disables "smart" multi-factor authentication (MFA)

public disableSmartMFA(): mixed

Automatically generated on 2025-03-18