PHPCon Poland 2024


ssh2://Secure Shell 2

Descrizione ssh2.exec:// ssh2.tunnel:// ssh2.sftp:// ssh2.scp:// (PECL)

Nota: This wrapper is not enabled by default
In order to use the ssh2.*:// wrappers, the » SSH2 extension available from » PECL must be installed.

In addition to accepting traditional URI login details, the ssh2 wrappers will also reuse open connections by passing the connection resource in the host portion of the URL.


  • ssh2.exec://
  • ssh2.tunnel://
  • ssh2.s


Wrapper Summary
Attribute ssh2.exec ssh2.tunnel ssh2.sftp ssh2.scp
Restricted by allow_url_fopen Yes Yes Yes Yes Yes
Allows Reading Yes Yes Yes Yes Yes
Allows Writing Yes Yes Yes Yes No
Allows Appending No No No Yes (When supported by server) No
Allows Simultaneous Reading and Writing Yes Yes Yes Yes No
Supports stat() No No No Yes No
Supports unlink() No No No Yes No
Supports rename() No No No Yes No
Supports mkdir() No No No Yes No
Supports rmdir() No No No Yes No

Context options
Name Usage Default
session Preconnected ssh2 resource to be reused  
sftp Preallocated sftp resource to be reused  
methods Key exchange, hostkey, cipher, compression, and MAC methods to use  
username Username to connect as  
password Password to use with password authentication  
pubkey_file Name of public key file to use for authentication  
privkey_file Name of private key file to use for authentication  
env Associate array of environment variables to set  
term Terminal emulation type to request when allocating a pty  
term_width Width of terminal requested when allocating a pty  
term_height Height of terminal requested when allocating a pty  
term_units Units to use with term_width and term_height SSH2_TERM_UNIT_CHARS


Example #1 Opening a stream from an active connection

= ssh2_connect('', 22);
ssh2_auth_pubkey_file($session, 'username', '/home/username/.ssh/',
'/home/username/.ssh/id_rsa', 'secret');
$stream = fopen("ssh2.tunnel://$session/", 'r');

Example #2 This $session variable must be kept available!

In order to use the ssh2.*://$session wrappers, the $session resource variable must be kept. The code below will not have the desired effect:

= ssh2_connect('', 22);
ssh2_auth_pubkey_file($session, 'username', '/home/username/.ssh/',
'/home/username/.ssh/id_rsa', 'secret');
$connection_string = "ssh2.sftp://$session/";
$stream = fopen($connection_string . "path/to/file", 'r');

unset() closes the session, because $connection_string does not hold a reference to the $session variable, just a string cast derived from it. This also happens when the unset() is implicit because of leaving scope (like in a function).

add a note

User Contributed Notes 4 notes

10 years ago
The "password" context option can also be used to provide the passphrase for the keyfile supplied by "privkey_file" and "pubkey_file".

Note this bug:
Encrypted keys may not work unless you build libssh2 against openssl. (It only worked for me on Debian Wheezy once I recompiled the library).
bluej100 at gmail dot com
11 years ago
Be aware that opendir is currently broken on sftp root directories, but you can work around it by appending a dot. See and
guilhem at no dot spam dot answeb dot net
6 years ago
Please beware of a PHP bug, noted by thomas at gielfeldt dot dk, that you must intval() the connection variable before putting it in the connection string :

= ssh2_connect('', 22);
ssh2_auth_password($connection, 'username', 'password');
$sftp = ssh2_sftp($connection);
// See:
$stream = fopen("ssh2.sftp://" . intval($sftp) . "/path/to/file", 'r');
thomas at gielfeldt dot dk
7 years ago
// Connect with public key.
$session = ssh2_connect('', 22);
$result = ssh2_auth_pubkey_file($session, 'remote-username', '/home/local-username/.ssh/',
// Setup sftp stream wrapper
$sftp = ssh2_sftp($session);
// See:
$connection_string = 'ssh2.sftp://' . intval($sftp);

// List files in remote homedir.
$i = new \RecursiveDirectoryIterator("$connection_string/home/remote-username");
$r = new \RecursiveIteratorIterator($i);
foreach (
$r as $f) {
$f->getPathname() . "\n";
To Top