From 96ff262333dbdba767c6fdcb43b1c8c375fb5dba Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E8=80=97=E5=AD=90?= <haozi@loli.email>
Date: Tue, 11 Nov 2025 10:36:19 +0800
Subject: [PATCH] =?UTF-8?q?feat:=20ssh=E7=A7=81=E9=92=A5=E6=94=AF=E6=8C=81?=
 =?UTF-8?q?=E8=AE=BE=E7=BD=AE=E5=AF=86=E7=A0=81=20(#346)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 app/lib/DeployHelper.php | 6 ++++++
 app/lib/deploy/ssh.php   | 7 +++++--
 2 files changed, 11 insertions(+), 2 deletions(-)

diff --git a/app/lib/DeployHelper.php b/app/lib/DeployHelper.php
index 7a6fad1..37c7917 100644
--- a/app/lib/DeployHelper.php
+++ b/app/lib/DeployHelper.php
@@ -2273,6 +2273,12 @@ ctrl+x 保存退出',
                     'required' => true,
                     'show' => 'auth==1',
                 ],
+                'passphrase' => [
+                    'name' => '私钥密码',
+                    'type' => 'input',
+                    'placeholder' => '若私钥有设置密码，请填写此项',
+                    'show' => 'auth==1',
+                ],
                 'windows' => [
                     'name' => '是否Windows',
                     'type' => 'radio',
diff --git a/app/lib/deploy/ssh.php b/app/lib/deploy/ssh.php
index 241ad99..af61df9 100644
--- a/app/lib/deploy/ssh.php
+++ b/app/lib/deploy/ssh.php
@@ -2,6 +2,7 @@
 
 namespace app\lib\deploy;
 
+use app\lib\CertHelper;
 use app\lib\DeployInterface;
 use Exception;
 
@@ -49,7 +50,8 @@ class ssh implements DeployInterface
             fclose($stream);
             $this->log('私钥已保存到：' . $config['pem_key_file']);
         } elseif ($config['format'] == 'pfx') {
-            $pfx = \app\lib\CertHelper::getPfx($fullchain, $privatekey, $config['pfx_pass'] ? $config['pfx_pass'] : null);
+            $pfx_pass = $config['pfx_pass'] ?? null;
+            $pfx = CertHelper::getPfx($fullchain, $privatekey, $pfx_pass);
 
             $stream = fopen("ssh2.sftp://$sftp{$config['pfx_file']}", 'w');
             if (!$stream) {
@@ -157,7 +159,8 @@ class ssh implements DeployInterface
             file_put_contents($privateKeyPath, $this->config['privatekey']);
             file_put_contents($publicKeyPath, $publicKey);
             umask($umask);
-            if (!ssh2_auth_pubkey_file($connection, $this->config['username'], $publicKeyPath, $privateKeyPath)) {
+            $passphrase = $this->config['passphrase'] ?? null; // 私钥密码
+            if (!ssh2_auth_pubkey_file($connection, $this->config['username'], $publicKeyPath, $privateKeyPath, $passphrase)) {
                 throw new Exception('私钥认证失败');
             }
         } else {