Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages


home | help
Net::SSH::Perl::Auth::User3Contributed Perl DocumeNet::SSH::Perl::Auth::RSA(3)

       Net::SSH::Perl::Auth::RSA - Perform RSA authentication

	   use Net::SSH::Perl::Auth;
	   my $auth = Net::SSH::Perl::Auth->new('RSA', $ssh);
	   print "Valid	auth" if $auth->authenticate;

       Net::SSH::Perl::Auth::RSA performs RSA authentication with a remote
       sshd server. When you create a new RSA auth object, you give it an $ssh
       object, which should contain an open connection to an ssh daemon, as
       well as any data	that the authentication	module needs to	proceed. In
       this case, for example, the $ssh	object might contain a list of RSA
       identity	files (see the docs for	Net::SSH::Perl).

       The authenticate	method first tries to establish	a connection to	an
       authentication agent. If	the connection attempt is successful, the
       client loops through the	identities returned from the agent, and	tries
       each identity/key against the server. The client	enters into a dialog
       with the	server.	The client sends the public portion of the key
       returned	from the agent.	The server responds, telling the client
       whether the key is authorized for authentication; if the	key is
       authorized, the server sends an RSA challenge encrypted with the	user's
       public key. The client then asks	the agent to decrypt the challenge
       using the private portion of the	key, and sends back its	response. If
       the response is correct,	the client is authenticated successfully.

       If the client cannot connect to the authentication agent, or if none of
       the identities returned from the	agent successfully authenticate	the
       user, authenticate then loops through each of the files listed as
       identity	files (see the Net::SSH::Perl constructor). If no identity
       files are explicitly listed, $ENV{HOME}/.ssh/identity is	used as	a
       default.	For each identity, the client enters into a dialog with	the
       sshd server.

       The client sends	the public key to the server, then waits for a
       challenge. Once this challenge is received, the client must decrypt the
       challenge using the private key (loaded from the	identity file).	When
       loading the private key,	you may	need to	enter a	passphrase to decrypt
       the private key itself; first authenticate tries	to decrypt the key
       using an	empty passphrase (which	requires no user intervention).	If
       this fails, the client checks to	see if it's running in an interactive
       session.	If so, it queries the user for a passphrase, which is then
       used to decrypt the private key.	If the session is non-interactive and
       the private key cannot be loaded, the client simply sends a dummy
       response	to the RSA challenge, to comply	with the SSH protocol.

       Otherwise, if the private key has been loaded, and the challenge
       decrypted, the client sends its response	to the server, then waits for
       success or failure.

       Please see the Net::SSH::Perl manpage for author, copyright, and
       license information.

perl v5.24.1			  2017-03-12	  Net::SSH::Perl::Auth::RSA(3)


Want to link to this manual page? Use this URL:

home | help