Net::SSH::Perl::Agent(3pm)

1Net::SSH::Perl::Agent(3U)ser Contributed Perl DocumentatiNoent::SSH::Perl::Agent(3)
2
3
4

NAME

6       Net::SSH::Perl::Agent - Client for agent authentication
7

SYNOPSIS

9           use Net::SSH::Perl::Agent;
10           my $agent = Net::SSH::Perl::Agent->new(2);  ## SSH-2 protocol
11           my $iter = $agent->identity_iterator;
12           while (my($key, $comment) = $iter->()) {
13               ## Do something with $key.
14           }
15

DESCRIPTION

17       Net::SSH::Perl::Agent provides a client for agent-based publickey
18       authentication. The idea behind agent authentication is that an auth
19       daemon is started as the parent of all of your other processes (eg. as
20       the parent of your shell process); all other processes thus inherit the
21       connection to the daemon.
22
23       After loading your public keys into the agent using ssh-add, the agent
24       listens on a Unix domain socket for requests for identities.  When
25       requested it sends back the public portions of the keys, which the SSH
26       client (ie. Net::SSH::Perl, in this case) can send to the sshd, to
27       determine if the keys will be accepted on the basis of authorization.
28       If so, the client requests that the agent use the key to decrypt a ran‐
29       dom challenge (SSH-1) or sign a piece of data (SSH-2).
30
31       Net::SSH::Perl::Agent implements the client portion of the authentica‐
32       tion agent; this is the piece that interfaces with Net::SSH::Perl's
33       authentication mechanism to contact the agent daemon and ask for iden‐
34       tities, etc. If you use publickey authentication (RSA authentication in
35       SSH-1, PublicKey authentication in SSH-2), an attempt will automati‐
36       cally be made to contact the authentication agent. If the attempt suc‐
37       ceeds, Net::SSH::Perl will try to use the identities returned from the
38       agent, in addition to any identity files on disk.
39

USAGE

41       Net::SSH::Perl::Agent->new($version)
42
43       Constructs a new Agent object and returns that object.
44
45       $version should be either 1 or 2 and is a mandatory argument; it speci‐
46       fies the protocol version that the agent client should use when talking
47       to the agent daemon.
48
49       $agent->identity_iterator
50
51       This is probably the easiest way to get at the identities provided by
52       the agent. identity_iterator returns an iterator function that, when
53       invoked, will returned the next identity in the list from the agent.
54       For example:
55
56           my $iter = $agent->identity_iterator;
57           while (my($key, $comment) = $iter->()) {
58                ## Do something with $key.
59           }
60
61       If called in scalar context, the iterator function will return the next
62       key (a subclass of Net::SSH::Perl::Key). If called in list context (as
63       above), both the key and the comment are returned.
64
65       $agent->first_identity
66
67       Returns the first identity in the list provided by the auth agent.
68
69       If called in scalar context, the iterator function will return the next
70       key (a subclass of Net::SSH::Perl::Key). If called in list context,
71       both the key and the comment are returned.
72
73       $agent->next_identity
74
75       Returns the next identity in the list provided by the auth agent. You
76       must call this after first calling the first_identity method. For exam‐
77       ple:
78
79           my($key, $comment) = $agent->first_identity;
80           ## Do something.
81
82           while (($key, $comment) = $agent->next_identity) {
83               ## Do something.
84           }
85
86       If called in scalar context, the iterator function will return the next
87       key (a subclass of Net::SSH::Perl::Key). If called in list context,
88       both the key and the comment are returned.
89
90       $agent->sign($key, $data)
91
92       Asks the agent $agent to sign the data $data using the private portion
93       of $key. The key and the data are sent to the agent, which returns the
94       signature; the signature is then sent to the sshd for verification.
95
96       This method is only applicable in SSH-2.
97
98       $agent->decrypt($key, $data, $session_id)
99
100       Asks the agent to which $agent holds an open connection to decrypt the
101       data $data using the private portion of $key.  $data should be a big
102       integer (Math::GMP object), and is generally a challenge to a request
103       for RSA authentication.  $session_id is the SSH session ID:
104
105           $ssh->session_id
106
107       where $ssh is a Net::SSH::Perl::SSH1 object.
108
109       This method is only applicable in SSH-1.
110

AUTHOR & COPYRIGHTS

112       Please see the Net::SSH::Perl manpage for author, copyright, and
113       license information.
114
115
116
117perl v5.8.8                       2003-12-03          Net::SSH::Perl::Agent(3)