I`m using ssh2 php extension to run commands from an server to another, i briefly use it as an API. My question is if the pull request (SSH) can be intercepted or risk being hacked?
If the SSH pull request can be intercepted i want to know how.
Yes, of course, but it most likely can only be sniffed, without gaining much value.
Every connection can be intercepted if there is no secure communication.
However, it does not matter much, because you need a private key in order to access whatever server you're trying to access through SSH.
You can find more information here:
The SSH extension will use a system library to manage the connection, so it should be as secure as the shell ssh command.
A more important security concern is that you are giving the user running php permission to log in to the remote server and operate there. This means that if your web app is compromised the attacker will be capable to obtain access to the other server as well.
The whole point of SSH is to protect against eavesdroppers. SSH traffic is encrypted and the key is only known to the sender and the recipient through the magic of diffie-hellman key exchange.
Certainly some algorithms are going to be better than others. If your SSH server supports it you'd be better off using ChaCha20 instead of, say, arcfour. But tbh idk if libssh supports ChaCha20 either.