Authenticate over SSH using a plain password
Example 2345. Authenticating with a password
Code Examples / Notes » ssh2_auth_password
This function is useful for authenticating website clients against local (or remote) Unix users.
I'd played around with Apache+PAM, various mod_auths and homebrewed shell programs and even NIS, but to authenticate a user against a Unix shadow file fundamentally requires root priviledges, so either your PHP script needs root or an external program needs it's sticky bit set. Both of these have *serious* security implications.
Using SSH, the overhead is obviously going to be greater but you're trusting a root service that's been (and continues to be) really well tested. Just try authing with SSH against localhost (or another host if you want).
The sshd you are trying to connect to requires PasswordAuthentication yes in its sshd_config file.
Most normal SSH features work with this off, but this requires it on. Note, this defaults to off in FreeBSD 5.x
Do not try to authenticate or log in more than once on a ssh2 connection. It won't work. You'll need a new connection via ssh2_connect() which will result in a poor performance if you're doing several connects to the same server.