Re: [Ssh-sftp-perl-users] How to load my private DSA key for authentication?
Brought to you by:
dbrobins
Menu
▾
▴
Re: [Ssh-sftp-perl-users] How to load my private DSA key for authentication?
|
From: Anthony L. <ant...@ya...> - 2012-02-09 22:12:24
|
OK, thanks. I am testing Net::SSH2. I run sshd on my ubuntu box. I logged into my ubuntu as aliu, generated a pair of dsa keys through ssh-keygen -t dsa I transferred the key pair files to my windows box and run this: use Net::SSH2; $host = "my.server.com"; $port = 22; $user = "aliu"; $publickey="id_dsa.pub"; $privatekey = "id_dsa"; my $sftp = Net::SSH2->new(); $sftp->connect($host, $port) or die $!; $sftp->auth_publickey($user, $publickey, $privatekey); if ($sftp->error) { my ( $code, $error_name, $error_message ) = $sftp->error; print "sftp error[$code] $error_name: $error_message \n"; } else { print "Hooray!"; } The error message says: sftp error[-18] LIBSSH2_ERROR_PUBLICKEY_UNRECOGNIZED: Username/PublicKey combina tion invalid Note that I have no problem ssh-ing to my ubuntu sshd instance through WinSCP using user name aliu and my password. ________________________________ From: Russ Brewer <us...@gm...> To: Anthony Liu <ant...@ya...> Sent: Thursday, February 9, 2012 1:12 PM Subject: Re: [Ssh-sftp-perl-users] How to load my private DSA key for authentication? The following works for a Net::SFTP::Foreign connection. I use a Linux system not Windows so I am not sure what difference that might make. But I see this in the documentation at the CPAN site: "Note that password authentication on Windows OSs only works when the Cygwin port of Perl is used." Do you meet that requirement? On my Linux system I use the following code: # the '-v' arg sets ssh debug mode # our @sshargs = ('-v'); my $hostname = 'hostname' my $ssh_cmd = "/usr/bin/ssh" my $user = 'user' my $password = 'password'; # or passphrase my $pki_no_passphrase = 'yes'; # or no if using a password or a passphrase our $sftp; our @ssh_options; if ( $pki_no_passphrase =~ /^yes$/i ) { # using pki keys with no passphrase protection @ssh_options = ('-oPreferredAuthentications=publickey'); $sftp = Net::SFTP::Foreign->new( host => $hostname, user => $user, ssh_cmd => $ssh_cmd, more => [@ssh_options] ); } else { # password (or passphrase protected pki key) is in use @ssh_options = ('-oPreferredAuthentications=publickey,password'); $sftp = Net::SFTP::Foreign->new( host => $hostname, user => $user, password => $password, expect_log_user => 1, ssh_cmd => $ssh_cmd, more => [@ssh_options] ); } You must have the Expect.pm module to use a password or a non-empty PKI passphrase. You must use the 'expect_log_user' item when using a password or a non-empty passphrase. If you are using an empty PKI passphrase you do not use the 'password' or 'expect_log_user' items. This is the easiest way to do it and you don't have to store the password or passphrase in your script. On Thu, Feb 9, 2012 at 11:39 AM, Anthony Liu <ant...@ya...> wrote: Thank you for your hint. Yes, I am really after sftp, and I did try Net::SFTP::Foreign. But I can't seem to succeed. Problem is I can't figure out what combination of parameters I should use in the constructor. > > >use Net::SFTP::Foreign; > > >$host = "my.sftp.server.com"; >$port = 22; >$user = "myusername"; >$keypath = "c:/path/to/private.key"; >$ssh = "c:/path/to/putty.exe"; > > >my $sftp = Net::SFTP::Foreign-> new(host=>$host, port=>$port, user=>$user, ssh_cmd=>$ssh, key_path=>$keypath); > > >if ($sftp->error) >{ > print "sftp error: ". $sftp ->error."\n"; >} > > >I get an error running this, which says "Invalid option 'key_path' or bad combination of options at ..". > > >I have to use the given user name and the given private key file to get authenticated by the remote SFTP server. > > > >________________________________ > From: Russ Brewer <us...@gm...> >To: Anthony Liu <ant...@ya...> >Sent: Wednesday, February 8, 2012 5:24 PM >Subject: Re: [Ssh-sftp-perl-users] How to load my private DSA key for authentication? > > > >Net::SSH::Perl supports PKI keys. This is how I do it -- and how I error check it. > > eval {$ssh = Net::SSH::Perl->new($remote_server, debug=>0)}; > > if ($@) { > print "Failed SSH Connection to $remote_server\n"; > print "$@\n"; > } else { > print " Successful SSH connection to $remote_server\n"; > } > > ## Don't need to $user or $password if PKI key pairs are set up, working correctly, and > ## script is being run by $user > > ## $ssh->login($user, $password) > > eval {$ssh->login()}; > if ($@) { > print "Failed Login on Server $remote_server\n"; > print "$@"; > } else { > print " Successful SSH login to $remote_server\n"; > } > >Test your key pairs manually from the command line to be sure they are set up correctly. >But if what you are really after is a Net::SFTP file transfer, I recommend Net::SFTP::Foreign instead of Net::SFTP (which is build on Net::SSH::Perl) > > >On Wed, Feb 8, 2012 at 4:48 PM, Anthony Liu <ant...@ya...> wrote: > >Hi, I am wondering if anyone of you could give me a hint. Using Net::SSH::Perl, how do I authenticate myself through my user name and my DSA private key? >> >> >>$host = "my.server.com"; >>$user = "myusername"; >>$pk = "private.key"; >>$port = 22; >> >> >>$sftp = Net::SSH::Perl->new (?????); # What constructor do I use? >> >> >>Any hint? Thank you. >> >> >>If Net::SSH::Perl doesn't support public/private key authentication, what other module can I use? Any minimum working example? >>------------------------------------------------------------------------------ >>Keep Your Developer Skills Current with LearnDevNow! >>The most comprehensive online learning library for Microsoft developers >>is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3, >>Metro Style Apps, more. Free future releases when you subscribe now! >>http://p.sf.net/sfu/learndevnow-d2d >>_______________________________________________ >>Ssh-sftp-perl-users mailing list >>Ssh...@li... >>https://lists.sourceforge.net/lists/listinfo/ssh-sftp-perl-users >> >> > > > |
