GSP
Quick Navigator
Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages
Net::SSH::Perl::Mac(3) User Contributed Perl Documentation Net::SSH::Perl::Mac(3)

Net::SSH::Perl::Mac - MAC support for SSH2 

    use Net::SSH::Perl::Mac;
    my $mac = Net::SSH::Perl::Mac->new('hmac-sha1', $key);
    $mac->hmac("foo bar");

Net::SSH::Perl::Mac (and its subclasses) provides MAC support for the SSH2 implementation in Net::SSH::Perl. In the SSH2 protocol, each packet sent between client and server (after the key exchange and algorithm negotiation phase) contains a MAC to protect its integrity. The sending party computes the MAC over the length, padding, and (encrypted) payload fields of the packet, then appends the MAC; and the receiving party recomputes the MAC against the data that it receives.

The MAC is computed using part of the key that is negotiated during the key exchange phase. During negotiation, packets do not contain MAC; after the SSH_MSG_NEWKEYS message is sent, each side turns on its respective encryption, MAC, and compression code, for each packet that is sent after that point.

Net::SSH::Perl supports two MAC algorithms: hmac-sha1 and hmac-md5. These algorithms are implemented, respectively, by Digest::HMAC_SHA1 and Digest::HMAC_MD5.

Each MAC object supports the following methods:

Constructs a new MAC object and returns that object.

Initializes $mac and sets its key to $key (or rather, to a substring of key, key_len bytes long). As this implies, the key_len method should be called before init to set the intended length of the key.

Computes the MAC over $data, using the key set in the initialization phase, and returns the MAC.

Returns the length of the MAC (eg. 20 for HMAC_SHA1).

Given $len sets the key length of $mac to $len. This should be called before the init method, because init uses this value to take a substring of the provided key value.

Most of the time this should just be set to the MAC length (the len method); certain SSH implementations have a bug, however, wherein they always use only the first 16 bytes of the provided key.

Enables the MAC object. This is used by Net::SSH::Perl::Kex to "turn on" the MAC after key negotiation.

Tests the enabled flag (set with the enable method). This is used by Net::SSH::Perl::Packet to determine whether or not to compute a MAC on an outgoing packet.

Please see the Net::SSH::Perl manpage for author, copyright, and license information.

hmac-sha2-256 and hmac-sha2-512 support added by: Lance Kinley E<lkinley@loyaltymethods.com>

Copyright (c) 2015 Loyalty Methods, Inc.

Hey! The above document had some coding errors, which are explained below:
Around line 182:
Unknown E content in E<lkinley@loyaltymethods.com>
2017-03-12 perl v5.32.1
Search for    or go to Top of page |  Section 3 |  Main Index

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with ManDoc.