Cloud Platform

Issue connecting with SSH in PHP using keys with passphrases

A bug exists in PHP that prevents users from connecting to a remote infrastructure over SSH with a key that is protected by a passphrase. You can connect with the key pair from the command line, but may encounter problems with the same key pair when connecting using PHP. This can also potentially be a problem if you're using SSH tunneling for server-side applications.

Note

You cannot SSH directly into Cloud Platform database infrastructure (fsdb and fsdbmesh machines), but you can SSH into web infrastructure.

The version of PHP that is making this connection (whether it’s running locally or on a remote infrastructure) needs the SSH2 PHP extension.

Here's an example of some PHP you might use to try to connect to a Cloud Platform infrastructure:

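<?php

   // Open the SSH session, requesting an ssh-rsa host key from the server.
   $conn_id = ssh2_connect("srv-NNNN.devcloud.hosting.acquia.com", 22, array('hostkey' => 'ssh-rsa'));

   if ($conn_id === false) {
      die('Connection Failed');
   }

   // Arguments: session, username, public key file, private key file, passphrase.
   if (ssh2_auth_pubkey_file($conn_id, 'username', '/Users/username/.ssh/key.pub', '/Users/username/.ssh/key', 'passphrase')) {
      echo "Public Key Authentication Successful\n";
   } else {
      die('Public Key Authentication Failed');
   }

?>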

If the private key that pairs with key.pub requires a passphrase, the connection attempt can fail with this error:

PHP Warning:  ssh2_auth_pubkey_file(): Authentication failed for <username>
using public key: Callback returned error in <path_to_script>
line <line_number>

This is still an open bug with PHP. To work around this on Cloud Platform, create a public/private key pair without a passphrase. Then, add it to your Acquia profile using the Cloud Platform interface. You can then authenticate with that key by calling ssh2_auth_pubkey_file() (as in the preceding example) without the optional passphrase parameter.
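
The workaround above, as an added example (not Acquia's code): because the workaround key is stored unencrypted, it refuses a private key file that other local accounts can read and checks the server's host key fingerprint before authenticating. The host, username and key paths are the page's placeholders; EXPECTED_FINGERPRINT and both function names are assumptions made for this example, and the permission check assumes a POSIX file system.

```php
<?php
// Added example. EXPECTED_FINGERPRINT is a placeholder: replace it with the
// SHA-1 hex fingerprint of the server's host key, obtained out of band.
const EXPECTED_FINGERPRINT = 'REPLACE_WITH_KNOWN_SHA1_HEX_FINGERPRINT';

/** True only if $path is a regular file with no group/other permission bits. */
function key_file_is_private(string $path): bool
{
    if (is_link($path) || !is_file($path)) {
        return false;
    }
    // Any bit in 0077 means another local account could read or alter the key.
    return (fileperms($path) & 0077) === 0;
}

/** Connect and authenticate with a passphrase-less key (hypothetical helper). */
function connect_with_unencrypted_key(string $host, string $user, string $pub, string $priv)
{
    if (!key_file_is_private($priv)) {
        throw new RuntimeException("Refusing to use $priv: restrict it with chmod 600");
    }
    $conn = ssh2_connect($host, 22, array('hostkey' => 'ssh-rsa'));
    if ($conn === false) {
        throw new RuntimeException("Connection to $host failed");
    }
    // Pin the host key so the session is known to be with the expected server.
    $seen = ssh2_fingerprint($conn, SSH2_FINGERPRINT_SHA1 | SSH2_FINGERPRINT_HEX);
    if (!hash_equals(strtolower(EXPECTED_FINGERPRINT), strtolower($seen))) {
        throw new RuntimeException("Host key fingerprint mismatch for $host");
    }
    // No fifth argument: the workaround key has no passphrase.
    if (!ssh2_auth_pubkey_file($conn, $user, $pub, $priv)) {
        throw new RuntimeException('Public Key Authentication Failed');
    }
    return $conn;
}

$conn = connect_with_unencrypted_key(
    'srv-NNNN.devcloud.hosting.acquia.com',
    'username',
    '/Users/username/.ssh/key.pub',
    '/Users/username/.ssh/key'
);
echo "Public Key Authentication Successful\n";
```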