Thread: [Ssh-sftp-perl-users] Help using Net::SSH::Perl with automatic authentication
Brought to you by:
dbrobins
Menu
▾
▴
ssh-sftp-perl-users
|
From: Eduardo R. A. <er...@gm...> - 2011-12-08 17:17:43
|
Hi everyone!
I hope this list is still active as I just can't find any help on this.
(And this is my first time ever on mailing list!)
I'm trying to ssh to a remote machine inside a Perl script with
automatic/non-interactive authentication. All machines have keys copied so
that when I ssh through an xterm I don't get prompted for a password and I
get logged in to the other machine without issues. Now, I want the same
using Net::SSH::Perl. My code is as follows:
my $ssh = Net::SSH::Perl->new( $host,
'protocol' => 2,
'debug' => 3,
'interactive' => 0,
'identity_files' =>
["$ENV{'HOME'}/.ssh2/id_rsa_2048_a"],
'options' => [
"AllowedAuthentications publickey",
"QuietMode yes",
"StrictHostKeyChecking no",
]
);
$ssh->login();
I'm getting at the end of the output (I'm removing Perl's paths for a
shorter output)
Trying pubkey authentication with key file '(home)/.ssh2/id_rsa_2048_a'
Invalid key file type 'SSH2': Can't locate Data/Buffer.pm in @INC (...) at
(...)/Crypt/DSA/Key/SSH2.pm line 71.
BEGIN failed--compilation aborted at (...)/Crypt/DSA/Key/SSH2.pm line 71.
Compilation failed in require at (eval 73) line 1.
BEGIN failed--compilation aborted at (eval 73) line 1.
at (...)/Net/SSH/Perl/Key/DSA.pm line 64
Under ~/.ssh2 I got id_rsa_2048_a and id_rsa_2048_a.pub, When I try the
.pub version I get "Loading private key failed" so I'm guessing
Net::SSH::Perl needs the private key to sign the answer to the challenge
the server sends (I'm not too skilled with ssh authentication so I may be
totally wrong).
I also noticed I don't have configuration files under /etc/ssh/ssh or
~/.ssh but under /etc/ssh/ssh2 and ~/.ssh2 and I noticed on the output it's
trying to read the ssh versions but not the ssh2 versions, maybe the
problem is around there.
Anyway, am I missing something here? Am I using the right key? Can someone
enlighten me please?
Thanks in advance for any help you can provide :)
--
ɐʇsoɔɐ zǝɹıɯɐɹ opɹɐnpǝ
"Mas tú, Jehová, eres escudo
alrededor de mí; Mi gloria, y el
que levanta mi cabeza."
Salmo 3:3
|
|
From: Steve P. <st...@fo...> - 2011-12-08 23:18:33
|
On 9/12/2011 4:17 a.m., Eduardo Ramírez Acosta wrote: > Can't locate Data/Buffer.pm in @INC (...) at (...)/Crypt/DSA/Key/SSH2.pm > line 71. I think you'll find that may be part of your problem. It appears to be trying to load the SSH2 module and failing with that error. Do you have all the necessary dependencies installed ? -- Steve. |
|
From: Eduardo R. A. <er...@gm...> - 2011-12-12 16:21:26
|
Looks like it was the Perl installation I was using. I switched to a more recent one and now I'm not getting the Data::Buffer error but I'm getting this (paths and host redacted): machine> ./test.pl machine: Reading configuration data (home)/.ssh/config machine: Reading configuration data /etc/ssh_config machine: Connecting to (host), port 22. machine: Remote version string: SSH-2.0-ReflectionForSecureIT_6.1.2.1 build 3005 machine: Remote protocol version 2.0, remote software version ReflectionForSecureIT_6.1.2.1 build 3005 machine: Net::SSH::Perl Version 1.30, protocol version 2.0. .machine: No compat match: ReflectionForSecureIT_6.1.2.1 build 3005 machine: Connection established. machine: Sent key-exchange init (KEXINIT), wait response. machine: Algorithms, c->s: 3des-cbc hmac-sha1 none machine: Algorithms, s->c: 3des-cbc hmac-sha1 none machine: Entering Diffie-Hellman Group 1 key exchange. machine: Sent DH public key, waiting for reply. machine: Received host key, type 'ssh-dss'. machine: Host '(host)' is known and matches the host key. machine: Computing shared secret key. machine: Verifying server signature. machine: Waiting for NEWKEYS message. machine: Enabling incoming encryption/MAC/compression. machine: Send NEWKEYS, enable outgoing encryption/MAC/compression. machine: Sending request for user-authentication service. machine: Service accepted: ssh-userauth. machine: Trying empty user-authentication request. machine: Authentication methods that can continue: publickey,keyboard-interactive. machine: Next method to try is publickey. machine: Trying pubkey authentication with key file '(home)/.ssh2/id_rsa_2048_a' machine: Will not query passphrase for '(home)/.ssh2/id_rsa_2048_a' in batch mode. machine: Loading private key failed. Permission denied at ./test.pl line 47 Same thing happens with id_rsa_2048_a and id_rsa_2048_a.pub (which one is the correct by the way?). The passphrase is null, could this be the problem? Thanks again, Eduardo 2011/12/8 Steve Phillips <st...@fo...> > On 9/12/2011 4:17 a.m., Eduardo Ramírez Acosta wrote: > >> Can't locate Data/Buffer.pm in @INC (...) at (...)/Crypt/DSA/Key/SSH2.pm >> line 71. >> > > I think you'll find that may be part of your problem. It appears to be > trying to load the SSH2 module and failing with that error. > > Do you have all the necessary dependencies installed ? > > -- > Steve. > -- ɐʇsoɔɐ zǝɹıɯɐɹ opɹɐnpǝ "Mas tú, Jehová, eres escudo alrededor de mí; Mi gloria, y el que levanta mi cabeza." Salmo 3:3 |
|
From: Salvador F. <sfa...@ya...> - 2011-12-12 16:33:50
|
>________________________________ > From: Eduardo Ramírez Acosta <er...@gm...> >To: Steve Phillips <st...@fo...> >Cc: ssh...@li... >Sent: Monday, December 12, 2011 5:20 PM >Subject: Re: [Ssh-sftp-perl-users] Help using Net::SSH::Perl with automatic authentication > > >... > >machine: Trying pubkey authentication with key file '(home)/.ssh2/id_rsa_2048_a' >machine: Will not query passphrase for '(home)/.ssh2/id_rsa_2048_a' in batch mode. > Disable batch mode calling the constructor with... interactive => 1 |
|
From: Eduardo R. A. <er...@gm...> - 2011-12-12 16:41:20
|
Well, actually I want no user interaction at all so disabling batch mode will prompt me for a passphrase, fail and then prompt me for a password. I want a completely automated authentication like when I do ssh from an xterm, since all machines have the keys I'm not getting prompted for a passphrase and/or password but when using Net::SSH::Perl I'm only able to login with a password. Thanks, Eduardo 2011/12/12 Salvador Fandino <sfa...@ya...> > > > ------------------------------ > *From:* Eduardo Ramírez Acosta <er...@gm...> > *To:* Steve Phillips <st...@fo...> > *Cc:* ssh...@li... > *Sent:* Monday, December 12, 2011 5:20 PM > *Subject:* Re: [Ssh-sftp-perl-users] Help using Net::SSH::Perl with > automatic authentication > > ... > > machine: Trying pubkey authentication with key file > '(home)/.ssh2/id_rsa_2048_a' > machine: Will not query passphrase for '(home)/.ssh2/id_rsa_2048_a' in > batch mode. > > > > Disable batch mode calling the constructor with... > > interactive => 1 > > > -- ɐʇsoɔɐ zǝɹıɯɐɹ opɹɐnpǝ "Mas tú, Jehová, eres escudo alrededor de mí; Mi gloria, y el que levanta mi cabeza." Salmo 3:3 |
|
From: Steve P. <st...@fo...> - 2011-12-12 23:41:58
Attachments:
smime.p7s
|
On 13/12/2011 3:20 AM, Eduardo Ramírez Acosta wrote: > Looks like it was the Perl installation I was using. I switched to a > more recent one and now I'm not getting the Data::Buffer error but I'm > getting this (paths and host redacted): > > machine> ./test.pl <http://test.pl> > machine: Reading configuration data (home)/.ssh/config > machine: Reading configuration data /etc/ssh_config > machine: Connecting to (host), port 22. > machine: Remote version string: SSH-2.0-ReflectionForSecureIT_6.1.2.1 > build 3005 > > machine: Remote protocol version 2.0, remote software version > ReflectionForSecureIT_6.1.2.1 build 3005 > machine: Net::SSH::Perl Version 1.30, protocol version 2.0. > .machine: No compat match: ReflectionForSecureIT_6.1.2.1 build 3005 > machine: Connection established. > machine: Sent key-exchange init (KEXINIT), wait response. > machine: Algorithms, c->s: 3des-cbc hmac-sha1 none > machine: Algorithms, s->c: 3des-cbc hmac-sha1 none > machine: Entering Diffie-Hellman Group 1 key exchange. > machine: Sent DH public key, waiting for reply. > machine: Received host key, type 'ssh-dss'. > machine: Host '(host)' is known and matches the host key. > machine: Computing shared secret key. > machine: Verifying server signature. > machine: Waiting for NEWKEYS message. > machine: Enabling incoming encryption/MAC/compression. > machine: Send NEWKEYS, enable outgoing encryption/MAC/compression. > machine: Sending request for user-authentication service. > machine: Service accepted: ssh-userauth. > machine: Trying empty user-authentication request. > machine: Authentication methods that can continue: > publickey,keyboard-interactive. > machine: Next method to try is publickey. > machine: Trying pubkey authentication with key file > '(home)/.ssh2/id_rsa_2048_a' > machine: Will not query passphrase for '(home)/.ssh2/id_rsa_2048_a' in > batch mode. > machine: Loading private key failed. > Permission denied at ./test.pl <http://test.pl> line 47 > > Same thing happens with id_rsa_2048_a and id_rsa_2048_a.pub (which one > is the correct by the way?). The passphrase is null, could this be the > problem? > Thanks again, > Eduardo > It seems it is trying to load your private key and failing for some reason. Is there a way to turn on more debugging (I'm no longer using this module so I forget what options there are available) - also, I'd be checking the file permissions to ensure that this user can actually read the file (to eliminate the obvious) Also, I assume that (home) is just your deletion of the fully qualified home directory ? And the id_rsa_2048_a is the correct file, the other should go on the other side of the connection and be called something like (or appended to if this file already exists) 'authorized_keys' under the remote .ssh (or .ssh2) directory depending on implementation. You'll possibly need to check your man page to verify this as it seems you have a different installation of ssh to the one I'm used to. The public/private thing however is pretty standard, the 'public' key goes on the remote side (the .pub file) and the private key is used locally (and should only be readable by the user - so mode 600) HTH, -- Steve. |
|
From: Eduardo R. A. <er...@gm...> - 2011-12-14 19:43:28
|
Well, permissions are O.K. on the keyfiles (600). Yes, (home) is the redacted path to my home directory. Under .ssh I have a known_hosts2 text file with the list of machines I usually connect and their keys (I believe), this is present in all machines I usually connect to. Also, under .ssh2 I have a hostskeys directory with all .pub files from machines I usually connect to, this is also present on all of them. I also created DSA keys and I'm having the same issue. So everything seems to be O.K. from what you told me and everything I've researched. I'm totally lost about what else I can try... 2011/12/12 Steve Phillips <st...@fo...> > On 13/12/2011 3:20 AM, Eduardo Ramírez Acosta wrote: > >> Looks like it was the Perl installation I was using. I switched to a >> more recent one and now I'm not getting the Data::Buffer error but I'm >> getting this (paths and host redacted): >> >> machine> ./test.pl <http://test.pl> >> >> machine: Reading configuration data (home)/.ssh/config >> machine: Reading configuration data /etc/ssh_config >> machine: Connecting to (host), port 22. >> machine: Remote version string: SSH-2.0-ReflectionForSecureIT_6.1.2.1 >> build 3005 >> >> machine: Remote protocol version 2.0, remote software version >> ReflectionForSecureIT_6.1.2.1 build 3005 >> machine: Net::SSH::Perl Version 1.30, protocol version 2.0. >> .machine: No compat match: ReflectionForSecureIT_6.1.2.1 build 3005 >> machine: Connection established. >> machine: Sent key-exchange init (KEXINIT), wait response. >> machine: Algorithms, c->s: 3des-cbc hmac-sha1 none >> machine: Algorithms, s->c: 3des-cbc hmac-sha1 none >> machine: Entering Diffie-Hellman Group 1 key exchange. >> machine: Sent DH public key, waiting for reply. >> machine: Received host key, type 'ssh-dss'. >> machine: Host '(host)' is known and matches the host key. >> machine: Computing shared secret key. >> machine: Verifying server signature. >> machine: Waiting for NEWKEYS message. >> machine: Enabling incoming encryption/MAC/compression. >> machine: Send NEWKEYS, enable outgoing encryption/MAC/compression. >> machine: Sending request for user-authentication service. >> machine: Service accepted: ssh-userauth. >> machine: Trying empty user-authentication request. >> machine: Authentication methods that can continue: >> publickey,keyboard-interactive. >> machine: Next method to try is publickey. >> machine: Trying pubkey authentication with key file >> '(home)/.ssh2/id_rsa_2048_a' >> machine: Will not query passphrase for '(home)/.ssh2/id_rsa_2048_a' in >> batch mode. >> machine: Loading private key failed. >> Permission denied at ./test.pl <http://test.pl> line 47 >> >> >> Same thing happens with id_rsa_2048_a and id_rsa_2048_a.pub (which one >> is the correct by the way?). The passphrase is null, could this be the >> problem? >> Thanks again, >> Eduardo >> >> > It seems it is trying to load your private key and failing for some > reason. Is there a way to turn on more debugging (I'm no longer using this > module so I forget what options there are available) - also, I'd be > checking the file permissions to ensure that this user can actually read > the file (to eliminate the obvious) > > Also, I assume that (home) is just your deletion of the fully qualified > home directory ? > > And the id_rsa_2048_a is the correct file, the other should go on the > other side of the connection and be called something like (or appended to > if this file already exists) 'authorized_keys' under the remote .ssh (or > .ssh2) directory depending on implementation. You'll possibly need to check > your man page to verify this as it seems you have a different installation > of ssh to the one I'm used to. The public/private thing however is pretty > standard, the 'public' key goes on the remote side (the .pub file) and the > private key is used locally (and should only be readable by the user - so > mode 600) > > HTH, > > -- > Steve. > > -- ɐʇsoɔɐ zǝɹıɯɐɹ opɹɐnpǝ "Mas tú, Jehová, eres escudo alrededor de mí; Mi gloria, y el que levanta mi cabeza." Salmo 3:3 |
×
Want the latest updates on software, tech news, and AI?
Get latest updates about software, tech news, and AI from SourceForge directly in your inbox once a month.
Thanks for helping keep SourceForge clean.
X