GSP
Quick Navigator

Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages
Net::SSH::Perl::Auth::RSA(3) User Contributed Perl Documentation Net::SSH::Perl::Auth::RSA(3)

Net::SSH::Perl::Auth::RSA - Perform RSA authentication

    use Net::SSH::Perl::Auth;
    my $auth = Net::SSH::Perl::Auth->new('RSA', $ssh);
    print "Valid auth" if $auth->authenticate;

Net::SSH::Perl::Auth::RSA performs RSA authentication with a remote sshd server. When you create a new RSA auth object, you give it an $ssh object, which should contain an open connection to an ssh daemon, as well as any data that the authentication module needs to proceed. In this case, for example, the $ssh object might contain a list of RSA identity files (see the docs for Net::SSH::Perl).

The authenticate method first tries to establish a connection to an authentication agent. If the connection attempt is successful, the client loops through the identities returned from the agent, and tries each identity/key against the server. The client enters into a dialog with the server. The client sends the public portion of the key returned from the agent. The server responds, telling the client whether the key is authorized for authentication; if the key is authorized, the server sends an RSA challenge encrypted with the user's public key. The client then asks the agent to decrypt the challenge using the private portion of the key, and sends back its response. If the response is correct, the client is authenticated successfully.

If the client cannot connect to the authentication agent, or if none of the identities returned from the agent successfully authenticate the user, authenticate then loops through each of the files listed as identity files (see the Net::SSH::Perl constructor). If no identity files are explicitly listed, $ENV{HOME}/.ssh/identity is used as a default. For each identity, the client enters into a dialog with the sshd server.

The client sends the public key to the server, then waits for a challenge. Once this challenge is received, the client must decrypt the challenge using the private key (loaded from the identity file). When loading the private key, you may need to enter a passphrase to decrypt the private key itself; first authenticate tries to decrypt the key using an empty passphrase (which requires no user intervention). If this fails, the client checks to see if it's running in an interactive session. If so, it queries the user for a passphrase, which is then used to decrypt the private key. If the session is non-interactive and the private key cannot be loaded, the client simply sends a dummy response to the RSA challenge, to comply with the SSH protocol.

Otherwise, if the private key has been loaded, and the challenge decrypted, the client sends its response to the server, then waits for success or failure.

Please see the Net::SSH::Perl manpage for author, copyright, and license information.
2017-03-12 perl v5.32.1

Search for    or go to Top of page |  Section 3 |  Main Index

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with ManDoc.