.\" Automatically generated by Pod::Man v1.37, Pod::Parser v1.37 .\" .\" Standard preamble: .\" ======================================================================== .de Sh \" Subsection heading .br .if t .Sp .ne 5 .PP \fB\\$1\fR .PP .. .de Sp \" Vertical space (when we can't use .PP) .if t .sp .5v .if n .sp .. .de Vb \" Begin verbatim text .ft CW .nf .ne \\$1 .. .de Ve \" End verbatim text .ft R .fi .. .\" Set up some character translations and predefined strings. \*(-- will .\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left .\" double quote, and \*(R" will give a right double quote. | will give a .\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used to .\" do unbreakable dashes and therefore won't be available. \*(C` and \*(C' .\" expand to `' in nroff, nothing in troff, for use with C<>. .tr \(*W-|\(bv\*(Tr .ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' .ie n \{\ . ds -- \(*W- . ds PI pi . if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch . if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch . ds L" "" . ds R" "" . ds C` "" . ds C' "" 'br\} .el\{\ . ds -- \|\(em\| . ds PI \(*p . ds L" `` . ds R" '' 'br\} .\" .\" If the F register is turned on, we'll generate index entries on stderr for .\" titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and index .\" entries marked with X<> in POD. Of course, you'll have to process the .\" output yourself in some meaningful fashion. .if \nF \{\ . de IX . tm Index:\\$1\t\\n%\t"\\$2" .. . nr % 0 . rr F .\} .\" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .hy 0 .if n .na .\" .\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). .\" Fear. Run. Save yourself. No user-serviceable parts. . \" fudge factors for nroff and troff .if n \{\ . ds #H 0 . ds #V .8m . ds #F .3m . ds #[ \f1 . ds #] \fP .\} .if t \{\ . ds #H ((1u-(\\\\n(.fu%2u))*.13m) . ds #V .6m . ds #F 0 . ds #[ \& . ds #] \& .\} . \" simple accents for nroff and troff .if n \{\ . ds ' \& . ds ` \& . ds ^ \& . ds , \& . ds ~ ~ . ds / .\} .if t \{\ . ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" . ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' . ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' . ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' . ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' . ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' .\} . \" troff and (daisy-wheel) nroff accents .ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' .ds 8 \h'\*(#H'\(*b\h'-\*(#H' .ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] .ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' .ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' .ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] .ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] .ds ae a\h'-(\w'a'u*4/10)'e .ds Ae A\h'-(\w'A'u*4/10)'E . \" corrections for vroff .if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' .if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' . \" for low resolution devices (crt and lpr) .if \n(.H>23 .if \n(.V>19 \ \{\ . ds : e . ds 8 ss . ds o a . ds d- d\h'-1'\(ga . ds D- D\h'-1'\(hy . ds th \o'bp' . ds Th \o'LP' . ds ae ae . ds Ae AE .\} .rm #[ #] #H #V #F C .\" ======================================================================== .\" .IX Title "Net::SSH::Perl::Auth::RSA 3" .TH Net::SSH::Perl::Auth::RSA 3 "2008-10-21" "perl v5.8.8" "User Contributed Perl Documentation" .SH "NAME" Net::SSH::Perl::Auth::RSA \- Perform RSA authentication .SH "SYNOPSIS" .IX Header "SYNOPSIS" .Vb 3 \& use Net::SSH::Perl::Auth; \& my $auth = Net::SSH::Perl::Auth->new('RSA', $ssh); \& print "Valid auth" if $auth->authenticate; .Ve .SH "DESCRIPTION" .IX Header "DESCRIPTION" \&\fINet::SSH::Perl::Auth::RSA\fR performs \s-1RSA\s0 authentication with a remote sshd server. When you create a new \s-1RSA\s0 auth object, you give it an \fI$ssh\fR object, which should contain an open connection to an ssh daemon, as well as any data that the authentication module needs to proceed. In this case, for example, the \fI$ssh\fR object might contain a list of \s-1RSA\s0 identity files (see the docs for \fINet::SSH::Perl\fR). .PP The \fIauthenticate\fR method first tries to establish a connection to an authentication agent. If the connection attempt is successful, the client loops through the identities returned from the agent, and tries each identity/key against the server. The client enters into a dialog with the server. The client sends the public portion of the key returned from the agent. The server responds, telling the client whether the key is authorized for authentication; if the key is authorized, the server sends an \s-1RSA\s0 challenge encrypted with the user's public key. The client then asks the agent to decrypt the challenge using the private portion of the key, and sends back its response. If the response is correct, the client is authenticated successfully. .PP If the client cannot connect to the authentication agent, or if none of the identities returned from the agent successfully authenticate the user, \fIauthenticate\fR then loops through each of the files listed as identity files (see the \fINet::SSH::Perl\fR constructor). If no identity files are explicitly listed, \fI$ENV{\s-1HOME\s0}/.ssh/identity\fR is used as a default. For each identity, the client enters into a dialog with the sshd server. .PP The client sends the public key to the server, then waits for a challenge. Once this challenge is received, the client must decrypt the challenge using the private key (loaded from the identity file). When loading the private key, you may need to enter a passphrase to decrypt the private key itself; first \&\fIauthenticate\fR tries to decrypt the key using an empty passphrase (which requires no user intervention). If this fails, the client checks to see if it's running in an interactive session. If so, it queries the user for a passphrase, which is then used to decrypt the private key. If the session is non-interactive and the private key cannot be loaded, the client simply sends a dummy response to the \&\s-1RSA\s0 challenge, to comply with the \s-1SSH\s0 protocol. .PP Otherwise, if the private key has been loaded, and the challenge decrypted, the client sends its response to the server, then waits for success or failure. .SH "AUTHOR & COPYRIGHTS" .IX Header "AUTHOR & COPYRIGHTS" Please see the Net::SSH::Perl manpage for author, copyright, and license information.