Cannot use WP-cli in PHP with shell_exec. ‘Error: Cannot connect over SSH using provided configuration.’
What steps can be taken to replicate the issue? Feel free to include screenshots, videos, etc
I’m trying to develop a plugin which connects to a remote site using wp-cli with php using shell_exec(). I’m trying to test things in my Local WP install, but running into an issue.
I have gotten wp-cli working with shell_exec() by placing a wp.bat file into my wp folder and inside there pointing to the wp-cli.phar file in WP Local folder.
But now I’m having an issue when trying to use SSH. I have set up keys properly and when using the shell, i am able to connect the remote site just fine. But using shell_exec(), it’s not working and I’m getting: ‘Error: Cannot connect over SSH using provided configuration.’
It seem’s like it’s not finding the config file in my .ssh folder or something. I’m using Windows 11 and that folder exists in c:\users<username>.ssh
Anyone have any ideas where I should place the ssh private key and config file? Or if there is some other issue
System Details
Local Version:
6.4.3+6116
Operating System (OS) and OS version:
Windows 11 23H2
Security Reminder
Local does a pretty good job of scrubbing private info from the logs and the errors it produces, however there’s always the possibility that something private can come through. Because these are public forums, always review the screenshots you are sharing to make sure there isn’t private info like passwords being displayed.
Hi, I updated to latest version of Local WP and now even “wp --info” ran locally stopped working with shell_exec(). It still works fine when running it in shell. Also, running wp-cli with ssh to an external server works fine in shell.
Using var_dump(shell_exec('wp --info 2>&1')); gives ''php' is not recognized as an internal or external command, operable program or batch file.'
var_dump(shell_exec('wp --info 2>&1')); started working locally after a reboot again, but still not working with a remote site. Still getting 'Error: Cannot connect over SSH using provided configuration.' And same command does work in shell.
I’m having a little trouble fully understanding how the desired end-result should work. From what you’re describing, I think this is the general flow of what your plugin is doing:
Within wp-admin, click a button that fires off a request to the site’s WP installation
WordPress handles that request and spawns a new shell
within the shell, a new cli PHP process is spawned to run a wp command that connects to a remote server
Does that sound about right? Do you have a basic WP plugin that shows a concrete example of this?
If that is the rough setup for the plugin, it sounds like a fairly fragile configuration and I’d be cautious about proceeding too far with this solution. The main issue I see is that there are a number of ways that this could fail within different environments. For example:
What if the server doesn’t have wp installed?
What if the server doesn’t have an ssh key installed/configured for the server to be connected to?
What if the remote target server doesn’t accept ssh connections?
…
In terms of solving the specific question about why is the shell_exec('wp...) command not working.
I think our PHP process has a pretty minimal environment. To check, I created a simple php file like this and visited it in the browser:
<?php
// get the environment settings for this process and var_dump them
echo "<pre>";
echo "Main process environment settings:\n";
var_dump($_ENV);
// use shell_exec to spawn another process and dump the environment settings for that
echo "Child process environment settings:\n";
var_dump(shell_exec('php -r "var_dump($_ENV);"'));
// get the $_SERVER settings for this process and var_dump them
echo "Main process server settings:\n";
var_dump($_SERVER);
// use shell_exec to spawn another process and dump the $_SERVER settings for that
echo "Child process server settings:\n";
var_dump(shell_exec('php -r "var_dump($_SERVER);"'));
echo "</pre>";
It seems like the PATH is only set to find the ghostscript binary (gs), which means that the shell that is spawned won’t find php, let alone any of the other tools that would allow it to connect, for example, ssh.
I’m trying to send a basic wp-cli command within wordpress environment to a remote wordpress site. Both of these environments are known and controlled so wp-cli will always be installed. Plugin wont be for public use. I only need to run a command once to the remote site, so using wp-cli is a bit simpler than using the REST API and dealing with authentication. Since there are already is an SSH connection set up with a public key between the “master” and the other site(s) (and confirmed working using the shell), it just makes more sense in this case.
shell_exec('wp...) started working when i installed php on my local machine, so I guess Local is picking up the php from my windows 11 system somehow. But the configuration file I have set up in c:\users\<username>\.ssl\ doesn’t seem to be working since the remote commands don’t work, but local commands do. i.e. shell_exec('wp --info); works, but shell_exec('wp ssh=user@<ip-address>/path/to/webapp --info); doesn’t.
Yeah, that all make sense. You’re still probably going to have trouble getting in and correctly configuring the environment for each of those spawned processes.
My guess is that the ssh command that wpcli is trying to use doesn’t have the correct ssh connection info and you’ll need to tell it exactly where the key is. I’m not seeing much documentation around this, but at least in this part of the docs, it mentions that you can specify a path to the key file within a config yaml file:
The SSH connection type also supports two advanced connection configuration options, which must be specified via an alias in the YAML configuration:
proxyjump – Specifies a jumpbox connection string, which is passed to ssh -J
key – Specifies the key (identify file) to use, which is passed to ssh -i
Thanks. All those other instances are spun up from known backups, so I’m able create custom wp-cli commands easily on that end and be sure they are present for example.
Thanks for that link, it looks kind of promising. I’ll poke around and see if I can figure it out.
