The vendor we deal with requires the use of both password authentication AND a public/private key authentication.
After much pain and testing, this is what we did to make it work, bypassing the need to install phpseclib:
<?php
$server = "subdomain.example.com";
$username = "username";
$password = "password";
$path_to_public_key = "file.pub";
$path_to_private_key = "file.priv"; // critical: permissions must be 0600!!
$path_to_needed_file = "/path/to/file/needed.txt";
$ssh2 = ssh2_connect($server);
@ssh2_auth_pubkey_file($ssh2,$username,$path_to_public_key,$path_to_private_key); // this returns a warning but it is normal and can be ignored
ssh2_auth_password($ssh2,$username,$password);
$sftp = ssh2_sftp($ssh2);
$file = fopen("ssh2.sftp://" . intval($sftp). $path_to_needed_file,"r");
$content = fread($file,1024);
fclose($file);
ssh2_disconnect($ssh2);
echo $content;
?>