Manual Reference Pages - NET::SSH::PERL::AUTH::RHOSTS_RSA (3)
Net::SSH::Perl::Auth::Rhosts_RSA - Perform Rhosts-RSA authentication
my $auth = Net::SSH::Perl::Auth->new(Rhosts_RSA, $ssh);
print "Valid auth" if $auth->authenticate;
Net::SSH::Perl::Auth::Rhosts_RSA performs Rhosts with RSA
authentication with a remote sshd server. This is standard
Rhosts authentication, plus a challenge-response phase where
the server RSA-authenticates the client based on its host
key. When you create a new Rhosts_RSA auth object, you give
it an $ssh object, which should contain an open connection
to an ssh daemon, as well as any data that the authentication
module needs to proceed. In this case, the $ssh object
must contain the name of the user trying to open the connection.
Note that the sshd server will require two things from your
With that aside, to use Rhosts-RSA authentication the client
sends a request to the server to authenticate it, including
the name of the user trying to authenticate, as well as the
public parts of the host key. The server first ensures that
the host can be authenticated using standard Rhosts
authentication (shosts.equiv, hosts.equiv, etc.).
If the client passes this test, the server sends an encrypted
challenge to the client. The client must decrypt this
challenge using its private host key, then respond to the
server with its response.
1. Privileged Port
sshd will require your client to be running on a privileged port
(below 1024); this will, in turn, likely require your client to be
running as root. If your client is not running on a privileged port,
the Rhosts-RSA authentication request will be denied.
If youre running as root, Net::SSH::Perl should
automatically detect that and try to start up on a privileged
port. If for some reason that isnt happening, take a look at
the Net::SSH::Perl docs.
2. Private Host Key
In order to do RSA-authentication on your host key, your client
must be able to read the host key. This will likely be
impossible unless youre running as root, because the private
host key file (/etc/ssh_host_key) is readable only by root.
Once the response has been sent, the server responds with
success or failure.
AUTHOR & COPYRIGHTS
Please see the Net::SSH::Perl manpage for author, copyright,
and license information.
|perl v5.20.3 ||NET::SSH::PERL::AUTH::RHOSTS_RSA (3) ||2015-09-12 |
Visit the GSP FreeBSD Man Page Interface.
Output converted with manServer 1.07.