Beefy Boxes and Bandwidth Generously Provided by pair Networks
No such thing as a small change
 
PerlMonks  

Is Net::SSH::Perl broken for login via explicit user/password?

by tphyahoo (Vicar)
on Dec 18, 2006 at 15:30 UTC ( [id://590452]=perlquestion: print w/replies, xml ) Need Help??

tphyahoo has asked for the wisdom of the Perl Monks concerning the following question:

SSHing in with an explicit user/password seems not to work for me using Net::SSH::Perl.

This seems to be the same problem, or a related problem, as in Net::SSH::Perl gotcha!

That was back in 2002, and I'm thinking there must be a fix in, or at least a better understanding of the problem. But I looked around and couldn't find anything.

Here is a snip from my terminal to show what is going wrong

Is there some gotcha involving Net::SSH::Perl that I need to know about? 

$ ssh thartman@localhost # works fine
Password:
Linux none 2.4.29-linode39-1um #1 Wed Jan 19 12:22:14 EST 2005 i686 GN
+U/Linux... etc, etc
$ exit # get back to my original process
logout
Connection to localhost closed.
$ cat net-ssh-perl.t # the code to connect via Net::SSH::Perl
use strict;
use warnings;

use Net::SSH::Perl;
use IO::Prompt;

my $ssh_box = 'localhost';
my $ssh_login = prompt "$ssh_box user: ";

my $ssh_password = prompt "$ssh_box password: ", -e => '*';

my $ssh = Net::SSH::Perl->new($ssh_box);

$ssh->login($ssh_login, $ssh_password);
$ perl net-ssh-perl.t # same login, same password
localhost user: thartman
localhost password: *********
Permission denied at net-ssh-perl.t line 14
$ head -n14 net-ssh-perl.t | tail -n 1 # echo line 14 -- of course, it
+'s the login
$ssh->login($ssh_login, $ssh_password);
$

[download]

Much obliged for anybody that can point me in the right direction.

UPDATE, fwiw, doing the same thing with Net::SSH works fine 

$ perl net-ssh.t
localhost user: thartman
localhost command: ls
blee
learning
nbarter
pari-2.1.7
pari-2.1.7.tgz
pimpmycat
pmc_external_dependencies
shellenv
$ cat net-ssh.t
use strict;
use warnings;

use Net::SSH qw(sshopen2);
use IO::Prompt;

my $ssh_box = "localhost";

my $user = prompt "$ssh_box user: ";;
my $cmd = prompt "$ssh_box command: ";

sshopen2("$user\@$ssh_box", *READER, *WRITER, "$cmd") || die "ssh: $!"
+;

while (<READER>) {
    chomp();
    print "$_\n";
  }

close(READER);
close(WRITER);

[download]

Replies are listed 'Best First'.
Re: Is Net::SSH::Perl broken for login via explicit user/password?
by shmem (Chancellor) on Dec 18, 2006 at 20:16 UTC
    Net::SSH::Perl operates in two modes:
    • batch mode
    • interactive mode

    Interactive mode is off by default and must be turned on explicitly: 

    my $ssh = Net::SSH::Perl->new($ssh_box, interactive => 1);

    [download]

    Passwords and passphrases are read only in interactive mode, and always from the tty. In batch mode, all passwords are ignored.

    Thus batch mode works only with public/private key pairs (rsa or dsa mode), which is IMHO The Right Thing. Storing passwords as plaintext in config files or scripts is unwise at it's best.

    The documentation of Net::SSH::Perl is misleading on this behalf, as the method 

    $ssh->login($user, $pass);

    [download]

    will never work - by design!

    Searching a bit further, I found the following in Net::SSH::Perl::Auth::KeyboardInt:

    The authenticate method will enter into a dialog with the server. For keyboard-interactive authentication, this entails sending a request to authenticate the user using this form of authentication, then waiting for any number of prompts for authentication. These prompts are then presented to the user, who enters his/her responses; the responses are then sent back to the server, which either allows or denies the user's credentials.

    The fact that this authentication method requires responses to interactive prompts requires that you only use this method in an interactive SSH connection.

    Net::SSH::Perl appearently supports - besides user/password pairs - also challenge/response authentication methods; the authentication can involve multiple methods with would not fit into a simple user/pass schema.

    I recall that this question is asked often; the manual page of Net::SSH::Perl is outdated and inaccurate and should be fixed. But it has a link for reporting bugs ;-)

    <update>

    If Net::SSH::Perl operates in batch mode, it disables the keyboard-interactive authentication method. You can verify this by commenting out line 116 of $perllib/Net/SSH/AuthMgr.pm: 

    # in sub auth_failure:
    for my $meth ( split /,/, $authlist ) {
        ...
        # next unless $auth->enabled;  # <--  line 116 in v1.29
        ...
    }

    [download]

    If you run your code with this modification, keyboard-interactive is tried in batch mode as well, and you are prompted for a password - the password you supplied to $ssh->login(); is just ignored.

    </update>

    --shmem 

    _($_=" "x(1<<5)."?\n".q·/)Oo.  G°\        /
                              /\_¯/(q    /
----------------------------  \__(m.====·.(_("always off the crowd"))."·
");sub _{s./.($e="'Itrs `mnsgdq Gdbj O`qkdq")=~y/"-y/#-z/;$e.e && print}
[reply]
[d/l]
[select]
      Seems like what I really should have done is look in the /eg dir of the distribution, as the docu suggests somewhere that eluded my first scan. This has

      http://search.cpan.org/src/DBROBINS/Net-SSH-Perl-1.30/eg/cmd.pl

      which seems to accomplish what I want without interactive => 1 in the constructor. (But I haven't actually tried if it works yet ;) )

      UPDATE: Well, I tried it and YOU ARE RIGHT.

      You need interactive => 1

      The sample script they give there is busted. I guess it is time to fire up rt :)

[reply]
[d/l]
[select]
        Well... running that code confirms what I wrote. Log follows.
        Read more... (3 kB)

        and with line 116 in Net::SSH::Perl::AuthMgr commented out:

        Read more... (4 kB)

        --shmem 

        _($_=" "x(1<<5)."?\n".q·/)Oo.  G°\        /
                              /\_¯/(q    /
----------------------------  \__(m.====·.(_("always off the crowd"))."·
");sub _{s./.($e="'Itrs `mnsgdq Gdbj O`qkdq")=~y/"-y/#-z/;$e.e && print}
[reply]
[d/l]
[select]
Re: Is Net::SSH::Perl broken for login via explicit user/password?
by zentara (Archbishop) on Dec 18, 2006 at 17:00 UTC
    Maybe try protocol2 and debug? 
    my $ssh = Net::SSH::Perl->new( $host,  
                port => 22 , 
                protocol => 2, 
               debug => 1,    
                     );

    [download]
    I'm not really a human, but I play one on earth. Cogito ergo sum a bum
[reply]
[d/l]

Back to Seekers of Perl Wisdom

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?

www.com | www.net | www.org
Node Status?
node history
Node Type: perlquestion [id://590452]
Approved by Crackers2
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others examining the Monastery: (5)
As of 2024-04-23 06:39 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found