Beefy Boxes and Bandwidth Generously Provided by pair Networks
Think about Loose Coupling
 
PerlMonks  

Net::SSH::Perl Login

by alongwor (Novice)
on Oct 07, 2003 at 16:08 UTC ( [id://297325]=perlquestion: print w/replies, xml ) Need Help??

alongwor has asked for the wisdom of the Perl Monks concerning the following question:

Hi Monks,

I am looking for a little advice. I am using the Net::SSH::Perl module with limited results. I can log into a remote machine using a username and password without problems.
What I am having problems with is using the identity files to log into the machine.
Can someone point me in the right direction with a little sample of how to do this? I have tried may combinations without any joy.

Your help would be greatly appreciated,
Thanks in advance.

Replies are listed 'Best First'.
Re: Net::SSH::Perl Login
by naChoZ (Curate) on Oct 07, 2003 at 18:27 UTC

    What have you tried so far? The Net::SSH::Perl perldoc cites:

    Net::SSH::Perl->new($host, %params) To set up a new connection, call the new method, which connects to $host and returns a Net::SSH::Perl object. new accepts the following named parameters in %params: <snip> o identity_files A list of RSA/DSA identity files to be used in RSA/DSA authentication. The value of this argument should be a reference to an array of strings, each string identifying the location of an identity file. Each identity file will be tested against the server until the client finds one that authenticates successfully. If you don't provide this, RSA authentication defaults to using $ENV{HOME}/.ssh/identity, and DSA authentication defaults to $ENV{HOME}/.ssh/id_dsa.

    --
    "I just read perlman:perlboot," said Tom, objectively.
    naChoZ

Re: Net::SSH::Perl Login
by alongwor (Novice) on Oct 08, 2003 at 11:58 UTC
    Once again, thanks so far. I have tried the sugested method and I have got a little further. As well as changing my code I have switched on the debug mode. Bellow is the code that I am using

    #perl use Net::SSH::Perl; $identity = ".ssh/id_dsa"; $debug_level = 1; $protocol = 1; $host = "192.211.12.45"; $usr = "dm"; $args{identity_files} = [ $identity ]; $args{debug} = [ $debug_level ]; $args{protocol} = $protocol; $ssh = Net::SSH::Perl->new( $host, %args); $ssh->login("$usr");
    And here is the output that I get from the code when I run it.
    target: Reading configuration data /home/dm/.ssh/config target: Reading configuration data /etc/ssh_config target: Connecting to 192.211.12.45, port 22. target: Remote protocol version 1.99, remote software version OpenSSH_ +3.1p1 target: Net::SSH::Perl Version 1.23, protocol version 1.5. target: No compat match: OpenSSH_3.1p1. target: Connection established. target: Waiting for server public key. target: Received server public key (768 bits) and host key (1024 bits) +. target: Host '192.211.12.45' is known and matches the host key. target: Encryption type: DES3 target: Sent encrypted session key. target: Received encryption confirmation. target: RSA authentication failed: Can't load public key. target: Doing challenge response authentication. target: No challenge presented. target: Trying password authentication. target: Will not query passphrase in batch mode.
    It looks to me like I have a problem with the file that I am presenting? Which file should I be presenting, as you can see from the code I am using the id_dsa file.
    I hope this error is meaningful to someone :-)

    Thanks again so far.

      The key there is:

      target: Will not query passphrase in batch mode.

      As the document I referenced before indicates, a private key will only be usable in batch mode if it is not encrypted. You can test this by creating a key with no passphrase on it:

      $ ssh-keygen -t rsa -N '' -f testkey

      Remember, when you stare long into the abyss, you could have been home eating ice cream.
Re: Net::SSH::Perl Login
by zentara (Archbishop) on Oct 08, 2003 at 13:45 UTC
    Since you are having trouble with Net::SSH::Perl, maybe you should try a simple login test with Net::SSH. It only uses keys for authorization, so it might work better.
    #!/usr/bin/perl #this uses Net::SSH, instead of Net::SSH::Perl #and it needs the key method of authentication, #it won't use passwords. use strict; use warnings; use Net::SSH qw(sshopen3); my $user = "zz"; my $host = "zz@.z.net"; my $cmd = "uptime"; sshopen3( "$user\@$host", *WRITER, *READER, *ERROR, "$cmd" ); my $uptime = <READER>; my $error = <ERROR>; chomp $uptime; print "$uptime\n"; print "$error\n";
Re: Net::SSH::Perl Login
by idsfa (Vicar) on Oct 08, 2003 at 01:22 UTC

    Are these unencrypted private keys, are you being prompted for the passphrase or is this the problem:

    When loading each of the private key files, the client first tries to load the key using an empty passphrase. If this fails, the client either prompts the user for a passphrase (if the session is interactive) or skips the key altogether.

    --Net::SSH::Perl::Auth::PublicKey


    Remember, when you stare long into the abyss, you could have been home eating ice cream.
Re: Net::SSH::Perl Login
by alongwor (Novice) on Oct 09, 2003 at 12:28 UTC
    Okay guys,
    I have managed to solve the problem. In the end it turned out that DSA is only suported in SSH2. As I wasnt explicitly declaring to use SSH2 it was throwing this error. Now I expressly define which protocol to use and it works.
    Thanks for all your help.
Re: Net::SSH::Perl Login
by sunadmn (Curate) on Oct 07, 2003 at 17:20 UTC
    Can you give me a little better understanding of what you mean by "identity files"?? Are you talking about using the keys which auto auth a user into the box??
      Thanks for the replies so far. To answer the questions thrown up so far.

      sunadmn - The identity files are exactly what you say. The files used in RSA/DSA authentication

      naChoZ - I am using the module documentation as my help, its about all I can find on this :-)

      idsfa - Normally when I use these keys to log into the machines (manually) I am not asked for a pass phrase.

      I have been having another look today and this is what I have so far.
      $identity = "id_dsa"; $host = "target"; $usr = "user"; my %args; $args{identity_files} = $identity; $ssh = Net::SSH::Perl->new($host, %args); $ssh->login($usr);
      When I run this I get the following errors which I dont really understand.
      Can't use string ("id_dsa") as an ARRAY ref while "strict refs" in use + at /usr/lib/perl5/site_perl/5.6.1/Net/SSH/Perl/Auth/RSA.pm line 36.
      Some more help would be appreciated as I dont seem to be able to get round this :-/

        try...

        $args{identity_files} = [ $identity ]; # takes ARRAY $args{protocol} = '2,1'; # try v2 first

        works for me...

        use Net::SSH::Perl; $ssh = Net::SSH::Perl->new( "rtrfoo", { identity_files => ["$ENV{HOME}/.ssh/id_dsa"], protocol => "2" } +); $ssh->login("myself"); print "@{[$ssh->cmd(q(show version))]}" __END__ Hostname: rtrfoo Model: m20 JUNOS Base OS boot [5.6R2.4] JUNOS Base OS Software Suite [5.6R2.4] ...

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: perlquestion [id://297325]
Approved by Courage
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others cooling their heels in the Monastery: (5)
As of 2024-03-28 14:39 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found