Thread

[ home | FAQ | about | stats | new post | login | register | tags ]
Attend the Test automation using Perl master class on 19-20 June in Chicago, IL. Just after YAPC::NA

Net-SSH-Perl [search.cpan.org] [Kobes search] [View and report bugs] [Ratings 4.0 (9) ]
[AnnoCPAN] [CPAN Tests results] [CPANTS]
Posted on Tue May 23 23:18:06 2006 by cmv
How to provide a passphrase in non-interactive mode?

Folks-
I've used this scenario to great success:
1.) Create DSA public and private keys
2.) Put public key into authorized_keys file on target machine
3.) Run cmds from this machine onto target machine without
providing a password, following this template:
$ssh = Net::SSH::Perl->new($target, interactive=>0); $ssh->login($user, ''); # Note null password my ($stdout, $stderr, $exit) = ssh->cmd('date');

Now, I want the private key to be encrypted. This is easy to do:
$key->write_private($keyfile, $passphrase);

However, running the template will fail because the current Net::Perl::SSH
code is designed to only get the passphrase via interaction with the user, and when
interactive=>0
interaction with the user is prevented, and authentication fails.

So, if I have an encrypted private key, and wish to supply the passphrase
without prompting the user (please avoid going into the security holes
behind this design, they've been taken care of) how can I supply the passphrase?

Unless I'm missing something, this cannot be done without a code change.
Off the top of my head, I'd suggest:
$ssh->login($user, $password, $passphrase);

Any help is appreciated!
-Craig
Direct Responses: 4006 | Write a response
Posted on Wed Jan 10 12:44:03 2007 by ggatto in response to 2336
Re: How to provide a passphrase in non-interactive mode?
Hello, is there any update on this thread? I agree that a method like "ssh-login(user, password, passphrase);" is needed. Or, as mentioned in the package docs: "The password $password is needed only for password authentication (it's not used for passphrases on encrypted RSA/DSA identity files, though perhaps it should be). And if you're running in an interactive session and you've not provided a password, you'll be prompted for one.", the $password parameter should be used for passphrases when needed. Thank you for your help. -Giorgio
Write a response
[ home | FAQ | about | stats | new post | login | register | tags ]
Attend the Test automation using Perl master class on 19-20 June in Chicago, IL. Just after YAPC::NA
Service launched on 2nd of February 2005.
Comments, and other submissions on CPAN Forum are Copyright 2005-2007, their respective owners.
Site maintainer is not responsible for content. Privacy Policy
Maintained and hosted by Gabor Szabo at Perl Training Israel
See also World Wide Perl Training