
Re: instantiating an SFTP object

by zentara (Archbishop)
on Jun 10, 2017 at 12:49 UTC


in reply to instantiating an SFTP object

so there it is. I'm fishing for tips, tricks, whatever you have that pertains to getting SFTP working.

I have to say, I always have had good results with Net::SSH2, which contains an sftp client. See A little demo for Net::SSH2, which may be a little outdated, but it should show you basic usage.


I'm not really a human, but I play one on earth. ..... an animated JAPH

Replies are listed 'Best First'.
Re^2: instantiating an SFTP object
by salva (Canon) on Jun 12, 2017 at 08:48 UTC
      Ok, I've heard reports that people have had problems with it, but I didn't experience any. You asked for any ideas regarding sftp, so now you are wiser, maybe me too. :-)

      I'm not really a human, but I play one on earth. ..... an animated JAPH
Re^2: instantiating an SFTP object
by Aldebaran (Curate) on Jun 11, 2017 at 00:26 UTC

    Thanks for your response, zentara. After a third time with a failed login using different methods that seem to work for everyone else, I double-checked my password, which hadn't been updated in my little world of perl development. (sorry about that: I'd roll my eyes if my mom did that) That solves one problem, but as I read, I come closer to the opinion that the preferred method for login is to use RSA key-pairs. So while I want to get some minimal functionality for getting content to my site, I'd also like to update this capability to reflect the methods of grown-ups using encryption.

    In order to install Net::SSH2 I had to run the following commands on a debian system:

    sudo apt-get install libssh2-1-dev
    sudo apt-get install zlib1g
    sudo apt-get install zlib1g-dev

    http://www.perlmonks.org/?node_id=569657 was very helpful. Unfortunately, http://cfm.gs.washington.edu/security/ssh/client-pkauth/ gets a 404 from my browser. I looked at https://www.debian.org/devel/passwordlessssh as a source for how I might go forward.

    As I look at what's in front of me, I have a machine capable of both SSH1 and SSH2. My ISP makes no distinction. Do I want to use one or the other? Does SSH2 comprehend SSH1? If I write for SSH2, will I have a wider range of application or more likely burdened by a level of encryption that hardly need exist for my little html pages that have nothing to do with banking, or national security and the like?

    Anyways, here's caller and sub on the what works now.

    #!/usr/bin/perl -w
    use strict;
    use 5.010;
    use lib "template_stuff";
    use File::Basename;
    use Net::SSH2;
    use File::Spec;
    use Term::ReadKey;

    my $rftp = get_ftp_object();
    say "object created, back in main";

    sub get_ftp_object{
      use strict;
      use Net::SSH2;
      use 5.01;

      my $sub_hash = "my_sftp";
      my $domain = $config{$sub_hash}->{'domain'};
      my $username = $config{$sub_hash}->{'username'};
      my $password = $config{$sub_hash}->{'password'};
      say "values are $domain $username $password";

      #dial up the server
      my $ssh2 = Net::SSH2->new();
      $ssh2->connect($domain) or die "Unable to connect Host $@ \n";
      say "connect worked";

      #this works for passwords
      $ssh2->auth_password($username,$password) or die "Unable to login $@ \n";
      return $ssh2;
    }

      Hi, if you read the demo a little more closely, you would see the section:
      # works when run from z's homedir because you need
      # permission to read the keys
      $ssh2->auth_publickey('z',
                            '/home/z/.ssh/id_dsa.pub',
                            '/home/z/.ssh/id_dsa',
                            $pass );
      Try reading the latest docs for Net::SSH2. Maybe that syntax has changed a bit. $pass is the password for your ssh key, not the login account.

      P.S. use ssh2, ssh1 is very outdated


      I'm not really a human, but I play one on earth. ..... an animated JAPH
      Hi, here is a Net::SSH2 sftp script that works. I just verified it. This shows how to do a login with rsa keys, the password has been changed of course. Works on latest Slackware linux, which is pretty standard generic linux.
      #!/usr/bin/perl
      use warnings;
      use strict;
      use Net::SSH2 qw(LIBSSH2_CHANNEL_EXTENDED_DATA_MERGE
                       LIBSSH2_CHANNEL_FLUSH_ALL
                       LIBSSH2_HOSTKEY_POLICY_ASK);

      my $pass = 'rumpelstiltskin';
      my $ssh2 = Net::SSH2->new( debug => 1 );
      $ssh2->trace(-1);
      $ssh2->timeout(5000);
      $ssh2->connect('my.net') or $ssh2->die_with_error;
      $ssh2->auth_publickey('me',
                            '/home/me/.ssh/id_rsa.pub',
                            '/home/me/.ssh/id_rsa',
                            $pass );
      my $sftp = $ssh2->sftp();
      my $fh = $sftp->open('/etc/passwd') or $sftp->die_with_error;
      print $_ while <$fh>;
      exit 0;
      __END__

      I'm not really a human, but I play one on earth. ..... an animated JAPH
        After connect you should call check_hostkey. For instance:
        $ssh2->check_hostkey(LIBSSH2_HOSTKEY_POLICY_ASK);

        Thanks for this post, zentara, it's really helped me understand the concepts and implementation of rsa authentication in perl. I think that I achieve success in that an sftp object is created using key pairs. The very critical thing to first do is this:

        $ ssh-keygen -t rsa
        Generating public/private rsa key pair.
        Enter file in which to save the key (/home/bob/.ssh/id_rsa):
        Enter passphrase (empty for no passphrase):
        Enter same passphrase again:
        Your identification has been saved in /home/bob/.ssh/id_rsa.
        Your public key has been saved in /home/bob/.ssh/id_rsa.pub.
        The key fingerprint is:
        SHA256:LCWI8Wrw14m0Cxz1P+TqmL7Nn+mY19fWETCfjYK87VY bob@bob-ThinkPad-SL510
        The key's randomart image is:
        +---[RSA 2048]----+
        | . . . |
        | = o o o |
        |. o + o +. . +.o|
        | + + + B .o . .+.|
        | * + = S o . .|
        | . o = . . . E. |
        | + . . . o ..|
        | . o o.o. + o .|
        | o.=+= o . |
        +----[SHA256]-----+
        $

        This was output upon first running:

        values are home349337426.1and1-data.host
        The authenticity of host 'home349337426.1and1-data.host' can't be established.
        Key fingerprint is SHA1:6bfe32c8859a967c8ed6cebdd5c48b72edff71c7.
        Are you sure you want to continue connecting (yes/no)? y
        mkdir is not a valid Net::SSH2 macro at ssh4.pl line 31.
        $
        $

        Running it again, I get none of the dialog regarding whether the responder is trusted. At the end, I'm still left with not being able to invoke a mkdir method.

        Turning to the source, the meaning for password has shifted from the one you use for login to the one you used to create the ciphers.

        #!/usr/bin/perl -w
        use strict;
        use Net::SSH2 qw(LIBSSH2_CHANNEL_EXTENDED_DATA_MERGE
                         LIBSSH2_CHANNEL_FLUSH_ALL
                         LIBSSH2_HOSTKEY_POLICY_ASK);
        use 5.010;
        use lib "template_stuff";
        use config2;

        # none of this makes any sense until you run
        # ssh-keygen -t rsa
        my $sub_hash = "my_sftp";
        my $domain = $config{$sub_hash}->{'domain'};
        my $username = $config{$sub_hash}->{'username'};
        say "values are $domain";

        my $pass = "ringo";
        my $ssh2 = Net::SSH2->new( debug => 1 );
        $ssh2->trace(-1);
        $ssh2->timeout(5000);
        $ssh2->connect($domain) or $ssh2->die_with_error;
        $ssh2->check_hostkey(LIBSSH2_HOSTKEY_POLICY_ASK);
        $ssh2->auth_publickey($username,
                              '/home/bob/.ssh/id_rsa.pub',
                              '/home/bob/.ssh/id_rsa',
                              $pass );
        my $success = $ssh2->mkdir("perlmonks");
        say "success is $success";
        exit 0;
        __END__

        I return to the documentation to find that sftp methods are less than fully supported, indeed that I'm advised to use something else: https://metacpan.org/pod/Net::SSH2#sftp. I have found it immensely instructive so far, even if I might use the higher level Net::SFTP::Foreign henceforth. I hope to be able to do roughly this same exercise with that module.
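
Added example (not code from any poster in this thread): the host key check, key-pair login and directory creation discussed above, combined in one script. `mkdir` is called on the object returned by `$ssh2->sftp`, since Net::SSH2 itself has no such method; the host, user, key paths and directory name are placeholder assumptions, and Term::ReadKey is assumed to be installed.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use Net::SSH2 qw(LIBSSH2_HOSTKEY_POLICY_STRICT);
use Term::ReadKey;

# Assumed placeholders: replace with your own host, account and key paths.
my $host     = 'sftp.example.com';
my $user     = 'bob';
my $key_base = "$ENV{HOME}/.ssh/id_rsa";
my $dir      = 'perlmonks';

# Prompt for the key passphrase without echo instead of hard-coding it.
sub read_passphrase {
    print STDERR "Passphrase for $key_base: ";
    ReadMode('noecho');
    my $pass = ReadLine(0);
    ReadMode('restore');
    print STDERR "\n";
    chomp $pass if defined $pass;
    return $pass;
}

my $ssh2 = Net::SSH2->new;
$ssh2->timeout(5000);
$ssh2->connect($host) or $ssh2->die_with_error;

# STRICT accepts the server key only if it already matches an entry in
# ~/.ssh/known_hosts; it never prompts, so an unknown or changed key
# stops the script here, before any credential is used.
$ssh2->check_hostkey(LIBSSH2_HOSTKEY_POLICY_STRICT)
    or $ssh2->die_with_error;

# The passphrase unlocks the private key; it is not the login password.
$ssh2->auth_publickey($user, "$key_base.pub", $key_base, read_passphrase())
    or $ssh2->die_with_error;

# mkdir, stat, open and friends live on the SFTP object, not on $ssh2.
my $sftp = $ssh2->sftp or $ssh2->die_with_error;

if ($sftp->stat($dir)) {
    print "$dir already exists\n";
}
else {
    $sftp->mkdir($dir, 0755) or $sftp->die_with_error;
    print "created $dir\n";
}

$ssh2->disconnect;
```

The strict policy relies on the host key having been recorded in `~/.ssh/known_hosts` beforehand, for example by an earlier interactive run with `LIBSSH2_HOSTKEY_POLICY_ASK` after comparing the fingerprint with the one published by the provider.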
