Beefy Boxes and Bandwidth Generously Provided by pair Networks
Perl-Sensitive Sunglasses
 
PerlMonks  

net::ssh::perl Wrong key type

by jpsaraiva (Novice)
on Aug 22, 2019 at 17:23 UTC ( #11104861=perlquestion: print w/replies, xml ) Need Help??

jpsaraiva has asked for the wisdom of the Perl Monks concerning the following question:

Hello, I'm trying to write some code capable of authenticating with a private key on windows. I generate my key with no passphrase:
c:\var\client>ssh-keygen Generating public/private rsa key pair. Enter file in which to save the key (/home/user/.ssh/id_rsa): client_k +ey Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in client_key. Your public key has been saved in client_key.pub. The key fingerprint is: SHA256:eBU07eoloUWInreyZ2WkYMvBAhISc2OIsiE1gp+iS4E user@localhost The key's randomart image is: +---[RSA 3072]----+ |O=* . o+. | |X=.o . . .o. | |+= o o . ... | |E.o . B...+ . | |... +.=S* o | |.. +.+ = . | |.. o + o | |. . o . | | o | +----[SHA256]-----+
The key can be used successfully to authenticate:
c:\var\client>ssh -i client_key localhost Last login: Thu Aug 22 16:34:22 2019 $
My perl code is very simple at the moment:
use Net::SSH::Perl; my $server='localhost'; my %params = ( "protocol" => '2', "use_pty" => 0, "options" => ["stricthostkeychecking no"], "identity_files" => ["client_key"], "debug" => 1, ); $ssh = Net::SSH::Perl->new($server, %params); $ssh->login();
But executing it returns Wrong key type.
c:\var\client>perl test.pl localhost: Reading configuration data C:\Users\user\.ssh\config localhost: Reading configuration data C:\windows\ssh_config localhost: Connecting to localhost, port 22. localhost: Remote version string: SSH-2.0-OpenSSH_8.0 localhost: Remote protocol version 2.0, remote software version OpenSS +H_8.0 localhost: Net::SSH::Perl Version 2.14, protocol version 2.0. localhost: No compat match: OpenSSH_8.0. localhost: Connection established. localhost: Sent key-exchange init (KEXINIT), waiting for response. localhost: Using curve25519-sha256@libssh.org for key exchange localhost: Host key algorithm: ssh-ed25519 localhost: Algorithms, c->s: chacha20-poly1305@openssh.com <implicit> +none localhost: Algorithms, s->c: chacha20-poly1305@openssh.com <implicit> +none localhost: Generating ephemeral key pair. localhost: Entering Curve 25519 Key Exchange. localhost: Sent client public key, waiting for reply. localhost: Received host key, type 'ssh-ed25519'. localhost: Host 'localhost' is known and matches the host key. localhost: Verifying server signature. localhost: Send NEWKEYS. localhost: Waiting for NEWKEYS message. localhost: Enabling encryption/MAC/compression. localhost: Sending request for user-authentication service. localhost: SSH2_MSG_EXT_INFO received localhost: SSH Extension activated: server-sig-algs=ssh-ed25519,ssh-rs +a,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-ni +stp384,ecdsa-sha2-nistp521 localhost: Service accepted: ssh-userauth. localhost: Trying empty user-authentication request. localhost: Authentication methods that can continue: publickey,passwor +d,keyboard-interactive. localhost: Next method to try is publickey. localhost: Trying pubkey authentication with key file 'client_key' Wrong key type at C:/Strawberry/perl/site/lib/Net/SSH/Perl/Auth/Public +Key.pm line 83.
I've tried generating DSA type keys and the error is the same. Googling it is not helping either.

Any help appreciated!

Regards.

Replies are listed 'Best First'.
Re: net::ssh::perl Wrong key type
by jcb (Hermit) on Aug 22, 2019 at 23:09 UTC

    I will take a guess on this and say that Net::SSH::Perl wants to load a public key at that point (maybe it wants both keys?) and is complaining because you gave it a private key. I base this on the error originating from Net::SSH::Perl::Auth::PublicKey, although I have not used this package myself, so I may be completely wrong.

    Try setting identity_files => ['client_key', 'client_key.pub'] and see if that helps.

      Hi jcb,

      Thank you for the pointer, unfortunatelly it does not work.

      I've seen that on other modules like Net::SSH2, auth_publickey expects the path for both public and private keys.

      It appears not to be the case with Net::SSH::Perl. Adding the public key does not change the outcome:

      my %params = ( "protocol" => '2', "use_pty" => 0, "options" => ["stricthostkeychecking no"], "identity_files" => ["client_key","client_key.pub"], "debug" => 1, ); $ssh = Net::SSH::Perl->new($server, %params);# debug=>1, identity_file +s=>\@KEYFILE); $ssh->login();
      localhost: Authentication methods that can continue: publickey,passwor +d,keyboard-interactive. localhost: Next method to try is publickey. localhost: Trying pubkey authentication with key file 'client_key' Wrong key type at C:/Strawberry/perl/site/lib/Net/SSH/Perl/Auth/Public +Key.pm line 83.

      If I try having the public key in the first place it just fails and tries the next one:

      localhost: Next method to try is publickey. localhost: Trying pubkey authentication with key file 'client_key.pub' Use of uninitialized value $object in substitution (s///) at C:/Strawb +erry/perl/site/lib/Net/SSH/Perl/Key.pm line 109. Use of uninitialized value $object in substitution (s///) at C:/Strawb +erry/perl/site/lib/Net/SSH/Perl/Key.pm line 109. localhost: Will not query passphrase for 'client_key.pub' in batch mod +e. Use of uninitialized value $object in substitution (s///) at C:/Strawb +erry/perl/site/lib/Net/SSH/Perl/Key.pm line 109. Use of uninitialized value $object in substitution (s///) at C:/Strawb +erry/perl/site/lib/Net/SSH/Perl/Key.pm line 109. localhost: Loading private key failed. localhost: Trying pubkey authentication with key file 'client_key' Wrong key type at C:/Strawberry/perl/site/lib/Net/SSH/Perl/Auth/Public +Key.pm line 83.

      I'm going to try all the key formats I manage to generate to check if there any issue there, since I don't know what else might be causing the problem.

      Regards.

        Found out a format that worked!

        ssh-keygen by default generates keys like:

        -----BEGIN OPENSSH PRIVATE KEY----- ...

        I tried other combinations until I found one that worked:

        $ openssl genrsa -out privatekey -----BEGIN RSA PRIVATE KEY----- ... $ chmod 600 privatekey $ ssh-keygen -y -f privatekey > publickey

        Running the script again, results in a successful login:

        localhost: Trying pubkey authentication with key file 'privatekey' localhost: Login completed, opening dummy shell channel. localhost: channel 0: new [client-session] localhost: Requesting channel_open for channel 0.

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: perlquestion [id://11104861]
Front-paged by haukex
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others romping around the Monastery: (8)
As of 2019-09-17 10:31 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?
    The room is dark, and your next move is ...












    Results (206 votes). Check out past polls.

    Notices?