Net::SSH::Perl::Auth::RSA(3pm)

1Net::SSH::Perl::Auth::RUSsAe(r3)Contributed Perl DocumenNteatt:i:oSnSH::Perl::Auth::RSA(3)
2
3
4

NAME

6       Net::SSH::Perl::Auth::RSA - Perform RSA authentication
7

SYNOPSIS

9           use Net::SSH::Perl::Auth;
10           my $auth = Net::SSH::Perl::Auth->new('RSA', $ssh);
11           print "Valid auth" if $auth->authenticate;
12

DESCRIPTION

14       Net::SSH::Perl::Auth::RSA performs RSA authentication with a remote
15       sshd server. When you create a new RSA auth object, you give it an $ssh
16       object, which should contain an open connection to an ssh daemon, as
17       well as any data that the authentication module needs to proceed. In
18       this case, for example, the $ssh object might contain a list of RSA
19       identity files (see the docs for Net::SSH::Perl).
20
21       The authenticate method first tries to establish a connection to an
22       authentication agent. If the connection attempt is successful, the
23       client loops through the identities returned from the agent, and tries
24       each identity/key against the server. The client enters into a dialog
25       with the server. The client sends the public portion of the key
26       returned from the agent. The server responds, telling the client
27       whether the key is authorized for authentication; if the key is
28       authorized, the server sends an RSA challenge encrypted with the user's
29       public key. The client then asks the agent to decrypt the challenge
30       using the private portion of the key, and sends back its response. If
31       the response is correct, the client is authenticated successfully.
32
33       If the client cannot connect to the authentication agent, or if none of
34       the identities returned from the agent successfully authenticate the
35       user, authenticate then loops through each of the files listed as
36       identity files (see the Net::SSH::Perl constructor). If no identity
37       files are explicitly listed, $ENV{HOME}/.ssh/identity is used as a
38       default. For each identity, the client enters into a dialog with the
39       sshd server.
40
41       The client sends the public key to the server, then waits for a
42       challenge. Once this challenge is received, the client must decrypt the
43       challenge using the private key (loaded from the identity file). When
44       loading the private key, you may need to enter a passphrase to decrypt
45       the private key itself; first authenticate tries to decrypt the key
46       using an empty passphrase (which requires no user intervention). If
47       this fails, the client checks to see if it's running in an interactive
48       session. If so, it queries the user for a passphrase, which is then
49       used to decrypt the private key. If the session is non-interactive and
50       the private key cannot be loaded, the client simply sends a dummy
51       response to the RSA challenge, to comply with the SSH protocol.
52
53       Otherwise, if the private key has been loaded, and the challenge
54       decrypted, the client sends its response to the server, then waits for
55       success or failure.
56

AUTHOR & COPYRIGHTS

58       Please see the Net::SSH::Perl manpage for author, copyright, and
59       license information.
60
61
62
63perl v5.12.2                      2008-10-21      Net::SSH::Perl::Auth::RSA(3)