Return to Question

added 367 characters in body

Source Link

edited Aug 27, 2013 at 16:39

I have a private key file that will be used in the following two use-cases:

SSH -i /path/to/private/key within terminal -- Requires 600 permission set
A file_get_contents() statement within PHP -- Requires more open permissions set

The file currently has permissions set at 600 to allow usage within SSH via terminal. However because of this I get a permission denied when trying to read the file within PHP.

Please can anyone suggest a viable solution, whilst maintaining good security on the key file, to enable me to use the same key file for both the aforementioned use-cases?

Edit: For clarification, I'm using PHPSecLib (as opposed to PECL's SSH2 extension), to connect to an Amazon EC2 instance within PHP. The following is a code example:

$key = new Crypt_RSA();
$key->loadKey(file_get_contents('private_key.pem'));

$ssh = new Net_SSH2('amazon-ec2-ip');
$ssh->login('ubuntu', $key); // HERRO PRIVATE KEY

I have a private key file that will be used in the following two use-cases:

SSH -i /path/to/private/key within terminal -- Requires 600 permission set
A file_get_contents() statement within PHP -- Requires more open permissions set

The file currently has permissions set at 600 to allow usage within SSH via terminal. However because of this I get a permission denied when trying to read the file within PHP.

Please can anyone suggest a viable solution, whilst maintaining good security on the key file, to enable me to use the same key file for both the aforementioned use-cases?

I have a private key file that will be used in the following two use-cases:

SSH -i /path/to/private/key within terminal -- Requires 600 permission set
A file_get_contents() statement within PHP -- Requires more open permissions set

The file currently has permissions set at 600 to allow usage within SSH via terminal. However because of this I get a permission denied when trying to read the file within PHP.

Please can anyone suggest a viable solution, whilst maintaining good security on the key file, to enable me to use the same key file for both the aforementioned use-cases?

Edit: For clarification, I'm using PHPSecLib (as opposed to PECL's SSH2 extension), to connect to an Amazon EC2 instance within PHP. The following is a code example:

$key = new Crypt_RSA();
$key->loadKey(file_get_contents('private_key.pem'));

$ssh = new Net_SSH2('amazon-ec2-ip');
$ssh->login('ubuntu', $key); // HERRO PRIVATE KEY

Source Link

asked Aug 27, 2013 at 16:10

James

Permissions dilemma - Private key requires 600 for terminal SSH, more open for PHP

I have a private key file that will be used in the following two use-cases:

SSH -i /path/to/private/key within terminal -- Requires 600 permission set
A file_get_contents() statement within PHP -- Requires more open permissions set

The file currently has permissions set at 600 to allow usage within SSH via terminal. However because of this I get a permission denied when trying to read the file within PHP.

Please can anyone suggest a viable solution, whilst maintaining good security on the key file, to enable me to use the same key file for both the aforementioned use-cases?