developer icon indicating copy to clipboard operation
developer copied to clipboard

Published 20 hours ago verified publisher icon easy-wi

[BUG] SSHKeys & phpseclib

Open AEon-Jan opened this issue 1 year ago • 0 comments

Description:

When attempting to use SSH keys in Easy-WI under PHP 7.4, errors may occur as some changes to the phpseclib library and some classes within Easy-WI are required to ensure compatibility. Version 3.x of the phpseclib library includes some class renaming and namespace changes that may have implications for the Easy-WI modules and functions that directly access these classes and namespace structures. Another issue is that phpseclib version 3.x no longer supports the use of RSA keys less than 2048 bits in length.

Solution:

To address potential issues with using SSH keys in Easy-WI under PHP 7.4 and newer versions, we will update the phpseclib library to the latest version and update the affected classes and functions within Easy-WI.

To accomplish this, we will first update the phpseclib library to the latest version. Then, we will modify the code in the affected files to use the latest versions of the library.

After the update, we will test the functionality of SSH keys to ensure everything is working properly.

Here are some examples of affected files and changes that need to be made to ensure compatibility between Easy-WI and the latest version of the phpseclib library:

  • In the file "easy-wi/library/ssh/ssh.class.php," the namespace for the phpseclib classes needs to be updated. This can be done by adding "use phpseclib3\Crypt\RSA;" or similar at the beginning of the file.

  • In the file "easy-wi/modules/remote/server.class.php," some methods need to be updated to use the latest versions of the phpseclib classes. In particular, the "login" and "ssh_exec" methods need to be updated to use the latest version of the phpseclib library.

  • In the file "easy-wi/modules/user/key.class.php," the "generate" method needs to be updated to use the latest version of the phpseclib library and ensure that RSA keys less than 2048 bits in length are not used.

  • In the file "easy-wi/modules/remote/cmdline.class.php," the code needs to be updated to use the latest versions of the phpseclib classes. In particular, the "ssh_connect" method needs to be updated to use the latest version of the phpseclib library.

Impact:

If these changes are not made, SSH keys may not work properly, which can cause problems executing remote commands on remote servers. It is therefore recommended to carefully test all changes before implementing them in a production environment.

Future Update:

In a future update of Easy-WI, we will update the phpseclib library to the latest version and update all affected classes and functions to ensure compatibility with PHP 7.4 and newer versions. We will also provide alternative methods for using RSA keys less than 2048 bits in length.

AEon-Jan avatar Mar 03 '23 11:03 AEon-Jan