February 19, 2008

PHP Shell, for secure remote access when SSH isn't available

Author: Ben Martin

Many companies offer LAMP hosting, but some of the cheaper LAMP providers do not allow SSH access, reserving that feature for higher-paying customers. Without SSH you may think you'll have trouble executing commands on the hosted server. Not so -- PHP Shell allows execution of some commands without having SSH access to the LAMP server.

The only PHP function that PHP Shell requires is proc_open(). If you can execute that function using PHP code, then PHP Shell should work. As PHP Shell is easy to install, the easiest way to find out if you are allowed to execute it is to just install it and see if it runs.

You might wonder about the security of setting up a PHP script that allows shell commands to be executed, but PHP Shell is no more or less secure an application than any other PHP file on the server. Of course, you must be responsible for your own security.

When using PHP Shell you should protect the directory containing the PHP file from unauthorized access. The best way to protect it would be to force the use of the secure protocol HTTPS to access that directory and to use bidirectional certificate authentication. Unfortunately, the use of HTTPS is another feature that many of the cheaper LAMP providers reserve for higher-paying customers. An alternative approach is to use hash-based HTTP authorization and to delete the PHP Shell script from the server when you are done.

For the article I'll use phpshell-2.1 on a 64-bit Fedora 8 machine. To install the software, expand the archive into the DocumentRoot of your Apache server:

# cd /var/www/html
# tar xjvf /T/phpshell-2.1.tar.bz2
# chown -R root.apache phpshell-2.1

No users can log in via PHP Shell by default. The first thing you should do is load pwhash.php into your browser and set a username and password to generate a password hash. As the pwhash.php page mentions, you must add this hashed password line into the [users] section of PHP Shell's config.php file.

You should then be able to log in to PHP Shell. The username and password checks are done by PHP Shell; they do not affect the Linux user that the script is running as. By default PHP Shell gives you the abilities of the user who is running the PHP script itself -- in this case, the Apache Web server user and group. This lack of more restrictive permissions has engendered some negative feedback in the comments on PHP Shell's homepage, where some folks say they have had their Web servers tampered with. Depending on where you are using PHP Shell, you might want to look at setting up SuPHP to only allow the use of PHP Shell as certain Linux users.


You cannot run interactive programs with PHP Shell. For example, running vi will result in PHP Shell sitting for a long time, because vi requires keyboard input and cannot get it. To log out from a PHP Shell in which you have run an interactive program, you might need to either wait for a timeout for that command or kill the command process itself.

Another area where non-interactive use can make things annoying is if you execute cp -avi source target. The copy command will ask if you wish to replace the output, but as it cannot get a reply it will fail.

By far the main drawback of non-interactive use is the inability to stop an errant process. For example, if you run vi, then that session of PHP Shell will not operate properly again until you kill the vi process from another PHP Shell session or by using different means.

I found that PHP Shell would not allow me to log in again from a second tab in my Web browser. The second login attempt would just log in immediately to the same session as the first tab. To get around this, I had to run another Web browser with a different profile. This tactic can be handy to keep in mind if you accidentally start something and need to kill it from a second login.

If PHP has the proc_open() function listed in disabled_functions in /etc/php.ini then you won't be able to use PHP Shell at all. If PHP is running in safe mode then there are restrictions on what you can do from the shell; you can only cd into directories that you own, wildcards do not work, and you may execute programs only from a directory listed in safe_mode_exec_dir. See the PHP Shell security file for exact details.

PHP Shell could be just the tool you are looking for if you want to expand a tarball or rename a few files on a cheap LAMP host from a command line but do not want to pay for the privilege of SSH access. Just remember to keep in mind not to run any interactive tool; firing up vi or emacs will render your PHP Shell session useless.


  • Tools & Utilities
  • Networking