Re: [Ssh-sftp-perl-users] How to load my private DSA key for authentication?
Brought to you by:
dbrobins
Menu
▾
▴
Re: [Ssh-sftp-perl-users] How to load my private DSA key for authentication?
|
From: Anthony L. <ant...@ya...> - 2012-02-10 16:01:46
|
Thank you for your continued support. I followed the instructions at http://www.csse.uwa.edu.au/~ryan/tech/ssh-no-password.html and created authorized_keys2 which contains the public key. In my case, it is exactly the same as id_dsa.pub. See below: aliu@aliu-VirtualBox:~/.ssh$ ls -l total 16 -rw------- 1 aliu aliu 612 2012-02-10 09:52 authorized_keys2 -rw------- 1 aliu aliu 668 2012-02-09 16:01 id_dsa -rw-r--r-- 1 aliu aliu 612 2012-02-09 16:01 id_dsa.pub -rw-r--r-- 1 aliu aliu 222 2012-02-09 14:36 known_hosts aliu@aliu-VirtualBox:~/.ssh$ When I run the code I pasted yesterday, I get an error which says: sftp error[-37] LIBSSH2_ERROR_EAGAIN: Would block requesting userauth list I have no idea what this error means and how to go about it fixing it. I do have id_dsa and id_dsa.pub in the same folder as my perl script on my windows 7 box. ________________________________ From: Russ Brewer <us...@gm...> To: Anthony Liu <ant...@ya...> Sent: Thursday, February 9, 2012 5:48 PM Subject: Re: [Ssh-sftp-perl-users] How to load my private DSA key for authentication? Anthony, Is the host target you are connecting to your ubuntu server? If so, are you sure you have the public key correctly installed on the target server? Typically, this would be in the .ssh directory in the home directory for user aliu, for example: /home/aliu/.ssh (with directory permission 600) Within the .ssh directory should be a file named 'authorized_keys' which must hold a copy of the public key you created. If this file is not present, create it and then append the public portion of the key pair into it. When you sftp to the ubuntu server as user aliu, the system uses the /home/aliu/.ssh/authorized_keys file to verify and validate the person attempting the login. The key pair being used for authentication is the private half on the Windows server and the public half as installed in the authorized_keys file on the destination server. I apologize if I am addressing issues you are sure are not the issue. But in my experience the single largest reason for not being able to automate a Perl based ssh or sftp connection is that the keys pairs are not properly installed with correct permissions. Russ On Thu, Feb 9, 2012 at 5:12 PM, Anthony Liu <ant...@ya...> wrote: OK, thanks. I am testing Net::SSH2. > > >I run sshd on my ubuntu box. I logged into my ubuntu as aliu, generated a pair of dsa keys through ssh-keygen -t dsa > > >I transferred the key pair files to my windows box and run this: > > >use Net::SSH2; > > >$host = "my.server.com"; >$port = 22; >$user = "aliu"; >$publickey="id_dsa.pub"; >$privatekey = "id_dsa"; > > >my $sftp = Net::SSH2->new(); >$sftp->connect($host, $port) or die $!; > > >$sftp->auth_publickey($user, $publickey, $privatekey); > > >if ($sftp->error) >{ > my ( $code, $error_name, $error_message ) = $sftp->error; > print "sftp error[$code] $error_name: $error_message \n"; > > >} >else >{ > print "Hooray!"; >} > > >The error message says: > > >sftp error[-18] LIBSSH2_ERROR_PUBLICKEY_UNRECOGNIZED: Username/PublicKey combina >tion invalid > > >Note that I have no problem ssh-ing to my ubuntu sshd instance through WinSCP using user name aliu and my password. > > > >________________________________ > From: Russ Brewer <us...@gm...> >To: Anthony Liu <ant...@ya...> >Sent: Thursday, February 9, 2012 1:12 PM > >Subject: Re: [Ssh-sftp-perl-users] How to load my private DSA key for authentication? > > > >The following works for a Net::SFTP::Foreign connection. > I use a Linux system not Windows so I am not sure what difference that might make. But I see this in the documentation at the CPAN site: > >"Note that password authentication on Windows OSs only works when the Cygwin port of Perl is used." > >Do you meet that requirement? > >On my Linux system I use the following code: > > # the '-v' arg sets ssh debug mode > # our @sshargs = ('-v'); > > my $hostname = 'hostname' > my $ssh_cmd = "/usr/bin/ssh" > my $user = 'user' > my $password = 'password'; # or passphrase > my $pki_no_passphrase = 'yes'; # or no if using a password or a passphrase > > our $sftp; > our @ssh_options; > if ( $pki_no_passphrase =~ /^yes$/i ) { > # using pki keys with no passphrase protection > @ssh_options = ('-oPreferredAuthentications=publickey'); > $sftp = Net::SFTP::Foreign->new( > host => $hostname, > user => $user, > ssh_cmd => $ssh_cmd, > more => [@ssh_options] > ); > } else { > # password (or passphrase protected pki key) is in use > @ssh_options = ('-oPreferredAuthentications=publickey,password'); > $sftp = Net::SFTP::Foreign->new( > host => $hostname, > user => $user, > password => $password, > expect_log_user => 1, > ssh_cmd => $ssh_cmd, > more => [@ssh_options] > ); > } > >You must have the Expect.pm module to use a password or a non-empty PKI passphrase. You must use the 'expect_log_user' item when using a password or a non-empty passphrase. > >If you are using an empty PKI passphrase you do not use the 'password' or 'expect_log_user' items. This is the easiest way to do it and you don't have to store the password or passphrase in your script. > > >On Thu, Feb 9, 2012 at 11:39 AM, Anthony Liu <ant...@ya...> wrote: > >Thank you for your hint. Yes, I am really after sftp, and I did try Net::SFTP::Foreign. But I can't seem to succeed. Problem is I can't figure out what combination of parameters I should use in the constructor. >> >> >>use Net::SFTP::Foreign; >> >> >>$host = "my.sftp.server.com"; >>$port = 22; >>$user = "myusername"; >>$keypath = "c:/path/to/private.key"; >>$ssh = "c:/path/to/putty.exe"; >> >> >>my $sftp = Net::SFTP::Foreign-> new(host=>$host, port=>$port, user=>$user, ssh_cmd=>$ssh, key_path=>$keypath); >> >> >>if ($sftp->error) >>{ >> print "sftp error: ". $sftp ->error."\n"; >>} >> >> >>I get an error running this, which says "Invalid option 'key_path' or bad combination of options at ..". >> >> >>I have to use the given user name and the given private key file to get authenticated by the remote SFTP server. >> >> >> >>________________________________ >> From: Russ Brewer <us...@gm...> >>To: Anthony Liu <ant...@ya...> >>Sent: Wednesday, February 8, 2012 5:24 PM >>Subject: Re: [Ssh-sftp-perl-users] How to load my private DSA key for authentication? >> >> >> >>Net::SSH::Perl supports PKI keys. This is how I do it -- and how I error check it. >> >> eval {$ssh = Net::SSH::Perl->new($remote_server, debug=>0)}; >> >> if ($@) { >> print "Failed SSH Connection to $remote_server\n"; >> print "$@\n"; >> } else { >> print " Successful SSH connection to $remote_server\n"; >> } >> >> ## Don't need to $user or $password if PKI key pairs are set up, working correctly, and >> ## script is being run by $user >> >> ## $ssh->login($user, $password) >> >> eval {$ssh->login()}; >> if ($@) { >> print "Failed Login on Server $remote_server\n"; >> print "$@"; >> } else { >> print " Successful SSH login to $remote_server\n"; >> } >> >>Test your key pairs manually from the command line to be sure they are set up correctly. >>But if what you are really after is a Net::SFTP file transfer, I recommend Net::SFTP::Foreign instead of Net::SFTP (which is build on Net::SSH::Perl) >> >> >>On Wed, Feb 8, 2012 at 4:48 PM, Anthony Liu <ant...@ya...> wrote: >> >>Hi, I am wondering if anyone of you could give me a hint. Using Net::SSH::Perl, how do I authenticate myself through my user name and my DSA private key? >>> >>> >>>$host = "my.server.com"; >>>$user = "myusername"; >>>$pk = "private.key"; >>>$port = 22; >>> >>> >>>$sftp = Net::SSH::Perl->new (?????); # What constructor do I use? >>> >>> >>>Any hint? Thank you. >>> >>> >>>If Net::SSH::Perl doesn't support public/private key authentication, what other module can I use? Any minimum working example? >>>------------------------------------------------------------------------------ >>>Keep Your Developer Skills Current with LearnDevNow! >>>The most comprehensive online learning library for Microsoft developers >>>is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3, >>>Metro Style Apps, more. Free future releases when you subscribe now! >>>http://p.sf.net/sfu/learndevnow-d2d >>>_______________________________________________ >>>Ssh-sftp-perl-users mailing list >>>Ssh...@li... >>>https://lists.sourceforge.net/lists/listinfo/ssh-sftp-perl-users >>> >>> >> >> >> > > > |
