Exceptions are thrown whenever a
bool(true) or a
bool(false) is insufficient to capture the error.
login() for example. If
bool(true) means that the login was successful then it stands to reason that
bool(false) would mean that the login was not successful. But what if there was a connection error in the login process?
bool(false) could be returned but then you couldn't distinguish between bad passwords (which is a bit of an oversimplification) or connection errors.
phpseclib throws exceptions for various errors:
Key Exchange Errors:
\phpseclib3\Exception\InsufficientSetupException: thrown when you try to perform certain operations prior to being logged in
Depending on the situation an exception may or may not result in the SSH2 session being closed.
SSH2.php doesn't connect to a server after the constructor has been called - it makes the connection after one of the following methods is called:
isConnected() prior to any of these methods will return
bool(false). Premature closure of the session will also result in
bool(true) only after you've been successfully logged in.
getErrors() returns an array of all errors or messages that have been reported by the server.
getLastError() returns the most recent of these errors / messages.
getSFTPLastError() work similarily for the SFTP layer.
getServerIdentification() returns the server identification string. eg.
SSH-2.0-OpenSSH_8.0p1 Ubuntu-6build1 or whatever.
Quoting RFC4252 § 5.4. Banner Message, "In some jurisdictions, sending a warning message before authentication may be relevant for getting legal protection. Many UNIX machines, for example, normally display text from /etc/issue, use TCP wrappers, or similar software to display a banner before issuing a login prompt."
Logging can be enabled by doing the following:
Several different logging options exist:
Can be obtained with
$ssh->getLog(), which returns an array that, when passed through
print_r, looks like simple.txt.
Can be obtained with
$ssh->getLog(), which return a string that looks like complex.txt. These logs are capped at 1 MiB.
Outputs, in realtime, logs that look like complex.txt.
$ssh->getLog()does nothing with this method.
Logs data to a file realtime. Useful if your script is stalling or dying before you have a chance to call
Used in conjunction with
Log sizes are capped at 1 MiB. If they go over the log file will wrap around. Outside of the wrap around boundry the log files otherwise look like complex.txt.
For all log types, if you're logging in with password authentication, whatever password you were using is replaced with 'password'. So if your password was actually '123456' (the most common password in 2019) it'll be replaced with 'password' in the logs.
SFTP logs can be enabled thusly:
The logging options are largely the same as they are for SSH2, with the caveat that there is no analog to