my $ssh = Net::SSH::Perl->new($ssh_box, interactive => 1);
Passwords and passphrases are read only in interactive mode, and always
from the tty. In batch mode, all passwords are ignored.
Thus batch mode works only with public/private key pairs (rsa or dsa mode),
which is IMHO The Right Thing. Storing passwords as plaintext in config
files or scripts is unwise at it's best.
The documentation of Net::SSH::Perl is misleading on this behalf,
as the method
$ssh->login($user, $pass);
will never work - by design!
Searching a bit further, I found the following in Net::SSH::Perl::Auth::KeyboardInt:
The authenticate method will enter into a dialog with the server. For
keyboard-interactive authentication, this entails sending a request to
authenticate the user using this form of authentication, then waiting for
any number of prompts for authentication. These prompts are then presented
to the user, who enters his/her responses; the responses are then sent back
to the server, which either allows or denies the user's credentials.
The fact that this authentication method requires responses to interactive prompts requires that you only use this method in an interactive SSH connection.
Net::SSH::Perl appearently supports - besides user/password pairs
- also challenge/response authentication methods; the authentication can involve
multiple methods with would not fit into a simple user/pass schema.
I recall that this question is asked often; the manual page of Net::SSH::Perl
is outdated and inaccurate and should be fixed. But it has a link for reporting bugs ;-)
<update>
If Net::SSH::Perl operates in batch mode, it disables the keyboard-interactive authentication method. You can verify this by commenting out line 116 of $perllib/Net/SSH/AuthMgr.pm:
# in sub auth_failure:
for my $meth ( split /,/, $authlist ) {
...
# next unless $auth->enabled; # <-- line 116 in v1.29
...
}
If you run your code with this modification, keyboard-interactive is tried in batch mode as well, and you are prompted for a password - the password you supplied to $ssh->login(); is just ignored.
</update>
--shmem
_($_=" "x(1<<5)."?\n".q·/)Oo. G°\ /
/\_¯/(q /
---------------------------- \__(m.====·.(_("always off the crowd"))."·
");sub _{s./.($e="'Itrs `mnsgdq Gdbj O`qkdq")=~y/"-y/#-z/;$e.e && print}
|