|
Unix VPS
Support
FAQ
Network
Miscellaneous
|
| Net::SSH::AuthorizedKey(3) | User Contributed Perl Documentation | Net::SSH::AuthorizedKey(3) |
NAME
Net::SSH::AuthorizedKey - Virtual Base Class for SSH Public KeysSYNOPSIS
use Net::SSH::AuthorizedKey;
# Either parse a string (without leading whitespace or comments):
my $key = Net::SSH::AuthorizedKey->parse( $line );
if(defined $key) {
# ssh-1 or ssh-2
print "Key parsed, type is ", $key->type(), "\n";
} else {
die "Cannot parse key '$line'";
}
# ... or create an object yourself:
my $pubkey = Net::SSH::AuthorizedKey->new(
options => { from => 'foo@bar.com',
"no-agent-forwarding" => 1 },
key => "123....890",
keylen => 1024,
exponent => 35,
type => "ssh-1",
);
DESCRIPTION
Net::SSH::AuthorizedKey is a virtual base class for ssh public keys. Real implementations of it are Net::SSH::AuthorizedKey::SSH1 and Net::SSH::AuthorizedKey::SSH2.The only way to using it directly is by calling its parse() method, and passing it an authorized_keys string (aka a line from an authorized_keys file). If it recognizes either a ssh-1 or a ssh-2 type key, it will return a Net::SSH::AuthorizedKey::SSH1 or a Net::SSH::AuthorizedKey::SSH2 object, both of which support the accessor methods defined in the FIELDS section below.
The as_string() method will cobble the (perhaps modified) fields together and return them as a string suitable as a line for an authorized_keys file.
METHODS
- "parse( $line )"
- Reads in a single text line containing a ssh-1 or ssh-2 key. Returns a Net::SSH::AuthorizedKey::SSH1 or a Net::SSH::AuthorizedKey::SSH2 object, or "undef" in case of an error.
- "fingerprint()"
- Returns a MD5 hex hash of the parsed key. The hash is unique for functionally identical keys. Fields not contributing to the key's functional uniqueness are ignored.
- "error()"
- Returns the last parsing error encountered as a text string.
- "as_string( )"
- Return the object as a string suitable as a autorized_keys line.
FIELDS
All of the following fields are available via accessors:- "type"
- Type of ssh key, usually "ssh-1" or "ssh-2".
- "key"
- Public key, either a long number (ssh-1) or a line of alphanumeric characters (ssh-2).
- "keylen"
- Length of the key in bit (e.g. 1024).
- "exponent"
- Two-digit number in front of the key in ssh-1 authorized_keys lines.
- "options"
- Returns a reference to a hash with options key/value pairs, listed in front of the key.
IMPLEMENTATION REFERENCE
The key parsers implemented in this distribution are implemented similarily as the authorized_keys file parser in the openssh source distribution.Openssh contains the authorized_keys parser in its auth2_pubkey.c file. The user_key_allowed2() function opens the file and reads it line by line, ignoring leading whitespace, empty and comment lines.
After that, if a line doesn't contain a plain key, the parser skips ahead until the first whitespace (zooming through quoted areas "..." and interpreting '\"' as an escaped quote), then skips this whitespace and tries to read a key one more time.
Regarding options, the Perl parser isn't as elaborate with semantic peculiarities as openssh's auth_parse_options(), but this might be added in the future.
NOTES FOR SUBCLASS DEVELOPERS
If you're just using Net::SSH::AuthorizedKey to parse keys, the following section doesn't concern you. It's only relevant if you add new subclasses to this package, on top of what's already provided.Net::SSH::AuthorizedKey is a (semi-)virtual base class that implements options handling for its SSH1 and SSH2 subclasses.
SSH key lines can contain options that carry values (like command="ls") and binary options that are either set or unset (like "no_agent_forwarding"). To distinguish the two, and to provide a set of allowed option names, the subclass has to implement the method option_type(), which takes an option name, and returns
- undef if the option is not supported
- "s" if the option is a "string" option that carries a value
- 1 if the option is a binary option
The subclasses Net::SSH::AuthorizedKey::SSH1 and Net::SSH::AuthorizedKey::SSH2 are doing this already.
LEGALESE
Copyright 2005-2009 by Mike Schilli, all rights reserved. This program is free software, you can redistribute it and/or modify it under the same terms as Perl itself.AUTHOR
2005, Mike Schilli <m@perlmeister.com>| 2014-05-07 | perl v5.32.1 |
Visit the GSP FreeBSD Man Page Interface.
Output converted with ManDoc.