CXXVIII. Secure Shell2 Functions


Bindings to the libssh2 library which provide access to resources (shell, remote exec, tunneling, file transfer) on a remote machine using a secure cryptographic transport.


Windows binaries may be found at To install, download php_ssh2.dll to the folder specified by your php.ini file's extension_dir directive. Enable it by adding extension=php_ssh2.dll to your php.ini and restarting your webserver.


Linux, BSD, and other *nix variants can be compiled using the following steps:

  • Download and install OpenSSL. If you install OpenSSL via your distribution's packaging system be sure to install the development libraries as well. This will typically be a package named openssl-dev, openssl_devel, or some variation thereof.

  • Download and install libssh2. Typically this means executing the following command from the libssh2 source tree. ./configure && make all install.

  • Run the pear installer for PECL/ssh2: pear install ssh2

  • Copy from the directory indicated by the build process to the location specified in your php.ini file under extension_dir.

  • Add to your php.ini

  • Restart your webserver to reload your php.ini settings.

Development Versions: There are currently no stable versions of PECL/ssh2, to force installation of the beta version of PECL/ssh2 execute: pear install ssh2-beta

Compiling PECL/ssh2 without using the PEAR command: Rather than using pear install ssh2 to automatically download and install PECL/ssh2, you may download the tarball from PECL. From the root of the unpacked tarball, run: phpize && ./configure --with-ssh2 && make to generate Once built, continue the installation from step 4 above.


注: You will need version 0.4 or greater of the libssh2 library (possibly higher, see release notes).


以下常量由本扩展模块定义,因此只有在本扩展模块被编译到 PHP 中,或者在运行时被动态加载后才有效。


Flag to ssh2_fingerprint() requesting hostkey fingerprint as an MD5 hash.


Flag to ssh2_fingerprint() requesting hostkey fingerprint as an SHA1 hash.


Flag to ssh2_fingerprint() requesting hostkey fingerprint as a string of hexits.


Flag to ssh2_fingerprint() requesting hostkey fingerprint as a raw string of 8-bit characters.


Flag to ssh2_shell() specifying that width and height are provided as character sizes.


Flag to ssh2_shell() specifying that width and height are provided in pixel units.


Default terminal width requested by ssh2_shell().


Default terminal height requested by ssh2_shell().


Default terminal units requested by ssh2_shell().


Flag to ssh2_fetch_stream() requesting STDIO subchannel.


Flag to ssh2_fetch_stream() requesting STDERR subchannel.


Default terminal type (e.g. vt102, ansi, xterm, vanilla) requested by ssh2_shell().

ssh2_auth_hostbased_file --  Authenticate using a public hostkey
ssh2_auth_none --  Authenticate as "none"
ssh2_auth_password --  Authenticate over SSH using a plain password
ssh2_auth_pubkey_file --  Authenticate using a public key
ssh2_connect --  Connect to an SSH server
ssh2_exec --  Execute a command on a remote server
ssh2_fetch_stream --  Fetch an extended data stream
ssh2_fingerprint --  Retreive fingerprint of remote server
ssh2_methods_negotiated --  Return list of negotiated methods
ssh2_publickey_add --  Add an authorized publickey
ssh2_publickey_init --  Initialize Publickey subsystem
ssh2_publickey_list --  List currently authorized publickeys
ssh2_publickey_remove --  Remove an authorized publickey
ssh2_scp_recv --  Request a file via SCP
ssh2_scp_send --  Send a file via SCP
ssh2_sftp_lstat --  Stat a symbolic link
ssh2_sftp_mkdir --  Create a directory
ssh2_sftp_readlink --  Return the target of a symbolic link
ssh2_sftp_realpath --  Resolve the realpath of a provided path string
ssh2_sftp_rename --  Rename a remote file
ssh2_sftp_rmdir --  Remove a directory
ssh2_sftp_stat --  Stat a file on a remote filesystem
ssh2_sftp_symlink --  Create a symlink
ssh2_sftp_unlink --  Delete a file
ssh2_sftp --  Initialize SFTP subsystem
ssh2_shell --  Request an interactive shell
ssh2_tunnel --  Open a tunnel through a remote server

add a note add a note User Contributed Notes
S Haycroft
19-Oct-2006 06:30
I also struggled with the
configure: error: libssh2 version >= 0.4 not found
error using verions 0.10 of ssh2 and 0.14 of libssh.

When looking in the config.log file I found that it was unable to find my SSL libraries, and as I installed my openssl in /usr/local/ssl it could not find it.  It was only looking in /usr/local/lib.

To get round this problem, I set
 LDFLAGS="-L /usr/local/ssl/lib"
and this works a treat.
astribuncio at gmail dot com
01-Sep-2006 01:17
Installing on HPUX 11.11 cookbook

Just follow the install instructions on the man page and solved the problems as they appear

- when making libssh2
Problem related with /lib/pa20_64 and 64 bits library in 32 bits link
Edited the configure file  and changed
SHLIB_LDFLAGS="-b +vnocompatwarnings -L/lib/pa20_64"
SHLIB_LDFLAGS="-b +vnocompatwarnings -L/lib"

-when executing phpize
Problems with aclocal, autom4ke and m4
Installed automake, autoconf and m4

-when ./configuring the ssh2
Configure: error: libssh2 version >= 0.4 not found
Edited the configure.m4 and removed the -ldl switch from line (as posted before)
39      -L$SSH2_DIR/lib -lm -ldl
runned phpize again and ./configure --with-ssh2
chris dot britton at cingular dot com
11-Aug-2006 09:11
I was building out the ssh2 extension (0.10) under OpenBSD 3.9 on sparc64 and I got this error when running configure:

checking for libssh2_banner_set in -lssh2... no
configure: error: libssh2 version >= 0.4 not found

I did some poking around in the configure file and traced the problem down.  The reason for the failure is that configure is trying to compile a test program with -ldl.  libdl is not installed on OpenBSD 3.9. The OpenBSD folks purged libdl years ago and I could not find a package that contains it.

(The error message above is misleading because the problem is not with libssh2.)

I looked at the ssh2 extension code and could not see a reason for using libdl, so I removed the -ldl from the config.m4 file.  Re-ran phpize and configure. No errors.  Did make and installed  Works fine.
kickthedonkey at gmail dot com
25-Jul-2006 12:02
Just a quick note about the manual installation instructions above.  If your PHP is in a non-standard location, or you're running multiple installs of different PHP version, you have to complie the module with an explicit path to phpize and php-config:

/path/to/correct/php/bin/phpize && ./configure --with-ssh2 --with-php-config=/path/to/correct/php/bin/php-config && make

Took me an hour to figure out why I was getting a "Unable to initialize module Module compiled with module API" error when I loaded the module.  Turns out, it was compiling against my php4 libs, and not the php5 ones.
stevec at carbondesignsystems dot com
06-Jun-2006 12:57
I couldn't get `pear install ssh2-beta` to work, so I tried the manual installation.  I followed the instructions:

phpize && ./configure --with-ssh2 && make
Copy from the directory indicated by the build process to the location specified in your php.ini file under extension_dir.

When I restarted Apache, I got:
PHP Warning:  Unknown(): Invalid library (maybe not a PHP library) ''  in Unknown on line 0

To fix the problem, I ran `make install`, instead of copying into the extension directory.
Mike <esnik8202 at sneakemail dot com>
27-Mar-2006 01:08
To slightly correct the directory listing code below....

= ssh2_connect("hostname", 22);
// use any of the ssh2_auth_* methods
ssh2_auth_password($connection,"username", "password");
$sftp = ssh2_sftp($connection);
$dir = "ssh2.sftp://$sftp/path/to/dir/";
$dh = opendir($dir);
while ((
$file = readdir($dh)) !== false) {
"$file is in hostname:/path/to/dir\ n";

(thanks to Sara for assisting)
dotwho at NSPM dot mac dot com
05-Oct-2005 06:15
Trying to compile this ssh PECL extension for Mac OS X (10.4.2)
with's php5 distribution? Read on: PART 2:

11) Check your shell's path variable by SHELL$ "echo $PATH".
If your php5 binary directory is not listed before the standard OS X binary directory,
update your $PATH variable to list it first. Mine reads:
/usr/local/mysql/bin/: /usr/local/php5/bin/: /bin:/sbin: /usr/bin:/usr/sbin
11a) if you do not do this step, the PECL extension will link against the old
php4 version that ships with Mac OS X. You will know this by the fact that the
next step lists a server API that is different than the output of phpinfo():
My version was 20041030, Apples version was 20020429.
12) Run: phpize && ./configure --with-ssh2 && make
This will produce a lot of output and probably some warnings. If you get a note
at the end that says "Build Complete", then the process has completed
(probably successfully). The command has produced the output file within
the ssh2-0.9 (or whatever version) directory.
13) Check where the extension directory is located at by running the following command:
SHELL$/usr/local/php5/bin/php-config --extension-dir
If it lists some directory that actually exists, copy the file to this directory.
If it doesn't list a location that exists, you can either create the location, or
choose a different location and update the line in your php.ini file:
extension_dir = "./"
to point to the directory you would like to use. I chose:
extension_dir = "/usr/local/php5/extensions/"?>
14) Add the line
to the Dynamic Extensions area of your php.ini file.
15) Restart your web server for the extensioin to be loaded. If there are any problems, they will be written to the webserver log.
16) Check if your new ssh based streams are available by running:
SHELL$ /usr/local/php5/bin/php -r "print_r(stream_get_wrappers());"
You should get something similar to this output:
   [0] => php
   [1] => file
   [2] => http
   [3] => ftp
   [4] => compress.bzip2
   [5] => compress.zlib
   [6] => https
   [7] => ftps
   [8] =>
   [9] => ssh2.exec
   [10] => ssh2.tunnel
   [11] => ssh2.scp
   [12] => ssh2.sftp
You should now be able to do all the cool things you need to do with ssh
(like sftp scp ssh execution)! Take a look at some of the comment here for some
example scripts to test things out:

Good luck... hope that saves you my headache! :)
dotwho at NSPM dot mac dot com
05-Oct-2005 06:12
Trying to compile this ssh PECL extension for Mac OS X (10.4.2)
with's php5 distribution? Read on: PART 1:
1) Download libssh (I used version 0.11)
2) Unzip the directory and cd to the upacked directory in the terminal.
3) run: ./configure; make all install;
libssh should compile and place the output file in src/*.o
4) copy all headers from the include folder within the libssh2 directory to
5) copy all compiled files (*.o) from the src folder within the libssh2
directory to /usr/local/lib/
6) Download ssh2
(I used version 0.9 with additional changes from cvs - explained below)
7) unzip the downloaded archive.
8) version 0.9 has a conflict with an existing symbol used in some of the ZEND headers...
a change is available in cvs which renames the symbol in ssh2 to avoid the conflict
down load at least the 1.10 version of ssh2.c
if you decide to download a newer version, download any of the corresponding related files,
such as the php_ssh2.h header file.
9) replace the old version of ssh2.c with the new version of ssh2.c
(and any other files you downloaded).
10) From the terminal:
cd to the source directory (for me ssh2-0.9/ssh2-0.9/).

(Continued in a PART 2 comment)
jr at cnb dot uam dot es
27-May-2005 10:29
OK, the SSH class I wrote is now available for free on the Net.

The class uses an underlying SSH implementation, and hence does not require any library to be compiled against.

It is available at as a byproduct of project GridGramm (look in the downloads section). There are two releases available, the first one establishes a connection for each command, having a serious authentication overhead. The second release shares a master connection, highly reducing auth payload, but requires openssh >= 3.8.

They are also available from the development site at

and come with extensive documentation and examples.

These are work in progress, and I hope to add more enhancements in the close future. But you are welcome to use them now.