1Net::SSH::Perl::Auth::RUhsoesrtsC_oRnStAr(i3b)uted PerlNDeotc:u:mSeSnHt:a:tPieornl::Auth::Rhosts_RSA(3)
2
3
4
6 Net::SSH::Perl::Auth::Rhosts_RSA - Perform Rhosts-RSA authentication
7
9 use Net::SSH::Perl::Auth;
10 my $auth = Net::SSH::Perl::Auth->new('Rhosts_RSA', $ssh);
11 print "Valid auth" if $auth->authenticate;
12
14 Net::SSH::Perl::Auth::Rhosts_RSA performs Rhosts with RSA
15 authentication with a remote sshd server. This is standard Rhosts
16 authentication, plus a challenge-response phase where the server RSA-
17 authenticates the client based on its host key. When you create a new
18 Rhosts_RSA auth object, you give it an $ssh object, which should
19 contain an open connection to an ssh daemon, as well as any data that
20 the authentication module needs to proceed. In this case, the $ssh
21 object must contain the name of the user trying to open the connection.
22
23 Note that the sshd server will require two things from your client:
24
25 1. Privileged Port
26 sshd will require your client to be running on a privileged port
27 (below 1024); this will, in turn, likely require your client to be
28 running as root. If your client is not running on a privileged
29 port, the Rhosts-RSA authentication request will be denied.
30
31 If you're running as root, Net::SSH::Perl should automatically
32 detect that and try to start up on a privileged port. If for some
33 reason that isn't happening, take a look at the Net::SSH::Perl
34 docs.
35
36 2. Private Host Key
37 In order to do RSA-authentication on your host key, your client
38 must be able to read the host key. This will likely be impossible
39 unless you're running as root, because the private host key file
40 (/etc/ssh_host_key) is readable only by root.
41
42 With that aside, to use Rhosts-RSA authentication the client sends a
43 request to the server to authenticate it, including the name of the
44 user trying to authenticate, as well as the public parts of the host
45 key. The server first ensures that the host can be authenticated using
46 standard Rhosts authentication (shosts.equiv, hosts.equiv, etc.). If
47 the client passes this test, the server sends an encrypted challenge to
48 the client. The client must decrypt this challenge using its private
49 host key, then respond to the server with its response.
50
51 Once the response has been sent, the server responds with success or
52 failure.
53
55 Please see the Net::SSH::Perl manpage for author, copyright, and
56 license information.
57
58
59
60perl v5.36.0 2023-01-20Net::SSH::Perl::Auth::Rhosts_RSA(3)