I have a script which allows a user to upload a file. The script does
some filename editing, mimetype checking, etc., and it's then supposed
to send the file to a remote server, without any username/password
prompt ( I have root access to both servers ).
I'm trying to run an exec/passthru command using scp or rsync, but
there's one fundamental question that I can't answer. When exec is
called from the command line, e.g. `php some_script.php`, the user
executing the php script will be whatever user is currently logged
into the shell. Which user executes php when it's called from http?
In order to use scp and rsync without being prompted for username/
password on every command, you need to set the .ssh/authorized_keys on
the remote server to accept your login, but without a username I can't
do that...
Here's the section that doesn't work:
<?php
$filename = "test.txt" ;
$dest = "/home/user/htdocs/upload/" . $filename ;
exec("scp $filename re********@some.remove.server:$dest", $output) ;
print_r($output) ;
?>
Now when run from the shell, you can add your specific login to the
authorized_keys to circumvent manually entering user/pass, but when
called from http, the script hangs and fails since authorized_keys is
not set for whatever user executes PHP.
So which user executes php from http? And is there a better way to do
this?? 4  12560 
You could use the -i option to use a different key file. You can
create a new key, then do something like:
scp -q -i /path/to/my-id file user@host:/path
Or setup sudo, which would be better.
You can get the current web user like so:
echo posix_getpwuid(posix_geteuid());
On Jan 31, 2:25 pm, "Tom" <bie...@gmail.comwrote:
I have a script which allows a user to upload a file. The script does
some filename editing, mimetype checking, etc., and it's then supposed
to send the file to a remote server, without any username/password
prompt ( I have root access to both servers ).
I'm trying to run an exec/passthru command using scp or rsync, but
there's one fundamental question that I can't answer. When exec is
called from the command line, e.g. `php some_script.php`, the user
executing the php script will be whatever user is currently logged
into the shell. Which user executes php when it's called from http?
In order to use scp and rsync without being prompted for username/
password on every command, you need to set the .ssh/authorized_keys on
the remote server to accept your login, but without a username I can't
do that...
Here's the section that doesn't work:
<?php
$filename = "test.txt" ;
$dest = "/home/user/htdocs/upload/" . $filename ;
exec("scp $filename remoteu...@some.remove.server:$dest", $output) ;
print_r($output) ;
?>
Now when run from the shell, you can add your specific login to the
authorized_keys to circumvent manually entering user/pass, but when
called from http, the script hangs and fails since authorized_keys is
not set for whatever user executes PHP.
So which user executes php from http? And is there a better way to do
this??
On Wed, 31 Jan 2007 11:25:46 -0800, Tom <bi****@gmail.comwrote:
I have a script which allows a user to upload a file. The script does
some filename editing, mimetype checking, etc., and it's then supposed
to send the file to a remote server, without any username/password
prompt ( I have root access to both servers ).
I'm trying to run an exec/passthru command using scp or rsync, but
there's one fundamental question that I can't answer. When exec is
called from the command line, e.g. `php some_script.php`, the user
executing the php script will be whatever user is currently logged
into the shell. Which user executes php when it's called from http?
In order to use scp and rsync without being prompted for username/
password on every command, you need to set the .ssh/authorized_keys on
the remote server to accept your login, but without a username I can't
do that...
Here's the section that doesn't work:
<?php
$filename = "test.txt" ;
$dest = "/home/user/htdocs/upload/" . $filename ;
exec("scp $filename re********@some.remove.server:$dest", $output) ;
print_r($output) ;
?>
Now when run from the shell, you can add your specific login to the
authorized_keys to circumvent manually entering user/pass, but when
called from http, the script hangs and fails since authorized_keys is
not set for whatever user executes PHP.
So which user executes php from http? And is there a better way to do
this??
Apache should be running as nobody, and thus, so should your scripts.
petersprc's ideas also look helpful, if you're not sure.
--
Curtis, http://dyersweb.com
On Jan 31, 11:30 pm, Curtis <dyers...@verizon.netwrote:
On Wed, 31 Jan 2007 11:25:46 -0800, Tom <bie...@gmail.comwrote:
I have a script which allows a user to upload a file. The script does
some filename editing, mimetype checking, etc., and it's then supposed
to send the file to a remote server, without any username/password
prompt ( I have root access to both servers ).
I'm trying to run an exec/passthru command using scp or rsync, but
there's one fundamental question that I can't answer. When exec is
called from the command line, e.g. `php some_script.php`, the user
executing the php script will be whatever user is currently logged
into the shell. Which user executes php when it's called from http?
In order to use scp and rsync without being prompted for username/
password on every command, you need to set the .ssh/authorized_keys on
the remote server to accept your login, but without a username I can't
do that...
Here's the section that doesn't work:
<?php
$filename = "test.txt" ;
$dest = "/home/user/htdocs/upload/" . $filename ;
exec("scp $filename remoteu...@some.remove.server:$dest", $output) ;
print_r($output) ;
?>
Now when run from the shell, you can add your specific login to the
authorized_keys to circumvent manually entering user/pass, but when
called from http, the script hangs and fails since authorized_keys is
not set for whatever user executes PHP.
So which user executes php from http? And is there a better way to do
this??
Apache should be running as nobody, and thus, so should your scripts.
petersprc's ideas also look helpful, if you're not sure.
--
Curtis,http://dyersweb.com
Thanks for the help. I don't believe you can make an id_rsa.pub file
with user `nobody', although it would be interesting to see if you can
manually edit those rsa keys :-)
After all my searching I've found that the PECL extension libssh2 is
really what I'm looking for here: http://us2.php.net/manual/en/ref.ssh2.php
On Wed, 31 Jan 2007 22:52:49 -0800, Tom <bi****@gmail.comwrote:
On Jan 31, 11:30 pm, Curtis <dyers...@verizon.netwrote:
>On Wed, 31 Jan 2007 11:25:46 -0800, Tom <bie...@gmail.comwrote:
I have a script which allows a user to upload a file. The script does
some filename editing, mimetype checking, etc., and it's then supposed
to send the file to a remote server, without any username/password
prompt ( I have root access to both servers ).
I'm trying to run an exec/passthru command using scp or rsync, but
there's one fundamental question that I can't answer. When exec is
called from the command line, e.g. `php some_script.php`, the user
executing the php script will be whatever user is currently logged
into the shell. Which user executes php when it's called from http?
In order to use scp and rsync without being prompted for username/
password on every command, you need to set the .ssh/authorized_keyson
the remote server to accept your login, but without a username I can't
do that...
Here's the section that doesn't work:
<?php
$filename = "test.txt" ;
$dest = "/home/user/htdocs/upload/" . $filename ;
exec("scp $filename remoteu...@some.remove.server:$dest", $output) ;
print_r($output) ;
?>
Now when run from the shell, you can add your specific login to the
authorized_keys to circumvent manually entering user/pass, but when
called from http, the script hangs and fails since authorized_keys is
not set for whatever user executes PHP.
So which user executes php from http? And is there a better way todo
this??
Apache should be running as nobody, and thus, so should your scripts.
petersprc's ideas also look helpful, if you're not sure.
--
Curtis,http://dyersweb.com
Thanks for the help. I don't believe you can make an id_rsa.pub file
with user `nobody', although it would be interesting to see if you can
manually edit those rsa keys :-)
After all my searching I've found that the PECL extension libssh2 is
really what I'm looking for here:
http://us2.php.net/manual/en/ref.ssh2.php
Glad to hear you've found what you were looking for. Good luck!
--
Curtis, http://dyersweb.com This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: Alexander Gilman Carver |
last post by:
I have written a pair of scripts that are supposed to work together to
display an index of files and then, upon the user choosing the files (with
checkboxes on an HTML form submitted to itself),...
|
by: Kolar |
last post by:
1.. EXEC sp_addlinkedserver ServerName1, N'SQL Server'
EXEC sp_addlinkedserver ServerName2
EXEC sp_configure 'remote access', 1
RECONFIGURE
GO
2.. Stop and restart the first SQL Server.
3.....
|
by: bettervssremoting |
last post by:
To view the full article, please visit
http://www.BetterVssRemoting.com
Better VSS Remote Access Tool including SourceOffSite, SourceAnyWhere
and VSS Remoting
This article makes a detailed...
|
by: TWEB |
last post by:
I think I may have an IIS / ASP.Net Configuration issue that I need some
guidance with resolving.
Here's the problem:
a) I have a .stm file.
b) I referenc a .aspx file on this .stm file using a...
|
by: robert |
last post by:
Hello,
I want to put (incrementally) changed/new files from a big file tree
"directly,compressed and password-only-encrypted" to a remote backup
server incrementally via FTP,SFTP or DAV.... At...
|
by: Prarthana Choudhary |
last post by:
Hi,
I have to search some tablename in all of existing SPs.
I want to have content of all SPs in a particular text file .
Plz tell me...how can I transfer the result of all executed statements...
|
by: boomertoo55 |
last post by:
Trying to exec DTS task involving load of MS Access table to SQL Server 2000 table using Data Pump task via remote exec of xp_cmdshell command of dtsrun. That is, on client, connect to database...
|
by: axelman |
last post by:
Hi guys,
I'm using Classic ASP, IIS6, IE 7, FF 3
I've developed a vb script to downloand files hosted in my server (zip, doc,
pdf, jpg, xls, et. etc.) it's very straight forward and there's a ...
|
by: empiresolutions |
last post by:
I'm trying to call a PHP page to run when called from another page. To do this it seems i have to use the exec() function. The code would go something like
// set pathing
$file =...
|
by: ryjfgjl |
last post by:
If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...
|
by: ryjfgjl |
last post by:
In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...
|
by: emmanuelkatto |
last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud.
Please let me know.
Thanks!
Emmanuel
|
by: BarryA |
last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
|
by: nemocccc |
last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
|
by: Hystou |
last post by:
There are some requirements for setting up RAID:
1. The motherboard and BIOS support RAID configuration.
2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
| |
