Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages


home | help
Net::SSH::Perl::Auth::UsertContributed PerlNet::SSH::Perl::Auth::Rhosts_RSA(3)

       Net::SSH::Perl::Auth::Rhosts_RSA	- Perform Rhosts-RSA authentication

	   use Net::SSH::Perl::Auth;
	   my $auth = Net::SSH::Perl::Auth->new('Rhosts_RSA', $ssh);
	   print "Valid	auth" if $auth->authenticate;

       Net::SSH::Perl::Auth::Rhosts_RSA	performs Rhosts	with RSA
       authentication with a remote sshd server. This is standard Rhosts
       authentication, plus a challenge-response phase where the server	RSA-
       authenticates the client	based on its host key. When you	create a new
       Rhosts_RSA auth object, you give	it an $ssh object, which should
       contain an open connection to an	ssh daemon, as well as any data	that
       the authentication module needs to proceed. In this case, the $ssh
       object must contain the name of the user	trying to open the connection.

       Note that the sshd server will require two things from your client:

       1. Privileged Port
	   sshd	will require your client to be running on a privileged port
	   (below 1024); this will, in turn, likely require your client	to be
	   running as root. If your client is not running on a privileged
	   port, the Rhosts-RSA	authentication request will be denied.

	   If you're running as	root, Net::SSH::Perl should automatically
	   detect that and try to start	up on a	privileged port. If for	some
	   reason that isn't happening,	take a look at the Net::SSH::Perl

       2. Private Host Key
	   In order to do RSA-authentication on	your host key, your client
	   must	be able	to read	the host key. This will	likely be impossible
	   unless you're running as root, because the private host key file
	   (/etc/ssh_host_key) is readable only	by root.

       With that aside,	to use Rhosts-RSA authentication the client sends a
       request to the server to	authenticate it, including the name of the
       user trying to authenticate, as well as the public parts	of the host
       key. The	server first ensures that the host can be authenticated	using
       standard	Rhosts authentication (shosts.equiv, hosts.equiv, etc.).  If
       the client passes this test, the	server sends an	encrypted challenge to
       the client. The client must decrypt this	challenge using	its private
       host key, then respond to the server with its response.

       Once the	response has been sent,	the server responds with success or

       Please see the Net::SSH::Perl manpage for author, copyright, and
       license information.

perl v5.24.1			  2017-03-1Net::SSH::Perl::Auth::Rhosts_RSA(3)


Want to link to this manual page? Use this URL:

home | help