Cloud Platform

Issue connecting with SSH in PHP using keys with passphrases

A bug exists in PHP that prevents users from connecting to a remote infrastructure using SSH with a passphrase. You are able to connect using the command line, but may encounter problems with the same key pair when connecting using PHP. This can also potentially be a problem if you’re using SSH tunneling for server-side applications.


You cannot SSH directly into Cloud Platform database infrastructure (fsdb and fsdbmesh machines), but you can SSH into web infrastructure.

The version of PHP that is making this connection (whether it’s running locally or on a remote infrastructure) needs the SSH2 PHP extension.

Here’s an example of some PHP you might use to try to connect to an Cloud Platform infrastructure:


   $conn_id = ssh2_connect("",22, array('hostkey'=>'ssh-rsa'));

   if (ssh2_auth_pubkey_file($conn_id, 'username','/Users/usename/.ssh/','/Users/username/.ssh/key','passphrase')) {
      echo "Public Key Authentication Successful\n";
      } else {
      die('Public Key Authentication Failed');


If the file requires a passphrase, the connection attempt can fail with this error:

PHP Warning:  ssh2_auth_pubkey_file(): Authentication failed for <username>
using public key: Callback returned error in <path_to_script>
line <line_number>

This is still an open bug with PHP. To work around this on Cloud Platform, create a public/private key pair without a passphrase. Then, add it to your Acquia profile using the Cloud Platform interface. You can then use the key, using ssh2_auth_pubkey_file() (as in the preceding example) without the optional passphrase parameter.