Net::SSH::Perl::Auth::Rhosts - Perform Rhosts authentication

Net-SSH-Perl documentation Contained in the Net-SSH-Perl distribution.

Index

Code Index:

NAME

Top

Net::SSH::Perl::Auth::Rhosts - Perform Rhosts authentication

SYNOPSIS

Top

    use Net::SSH::Perl::Auth;
    my $auth = Net::SSH::Perl::Auth->new('Rhosts', $ssh);
    print "Valid auth" if $auth->authenticate;

DESCRIPTION

Top

Net::SSH::Perl::Auth::Rhosts performs Rhosts authentication with a remote sshd server. When you create a new Rhosts auth object, you give it an $ssh object, which should contain an open connection to an ssh daemon, as well as any data that the authentication module needs to proceed. In this case, the $ssh object must contain the name of the user trying to open the connection.

Rhosts authentication is fairly simple from a protocol point of view. However, note that the sshd server will require your client to be running on a privileged port (below 1024); this will, in turn, likely require your client to be running as root. If your client is not running on a privileged port, the Rhosts authentication request will be denied.

If you're running as root, Net::SSH::Perl should automatically detect that and try to start up on a privileged port. If for some reason that isn't happening, take a look at the Net::SSH::Perl docs.

With that aside, to use Rhosts authentication the client sends a request to the server to authenticate it, including the name of the user trying to authenticate. The server uses its shosts.equiv, hosts.equiv, etc. files to determine whether the user/host should be allowed access.

AUTHOR & COPYRIGHTS

Top

Please see the Net::SSH::Perl manpage for author, copyright, and license information.

Net-SSH-Perl documentation Contained in the Net-SSH-Perl distribution. 
# $Id: Rhosts.pm,v 1.10 2003/12/03 15:35:21 autarch Exp $

package Net::SSH::Perl::Auth::Rhosts;

use strict;

use Net::SSH::Perl::Constants qw(
    SSH_SMSG_FAILURE
    SSH_SMSG_SUCCESS
    SSH_CMSG_AUTH_RHOSTS );

use Net::SSH::Perl::Packet;
use Net::SSH::Perl::Auth;
use base qw( Net::SSH::Perl::Auth );

use Scalar::Util qw(weaken);

sub new {
    my $class = shift;
    my $ssh = shift;
    my $auth = bless { ssh => $ssh }, $class;
    weaken $auth->{ssh};
    $auth;
}

sub authenticate {
    my $auth = shift;
    my($packet);
    my $ssh = $auth->{ssh};

    $ssh->debug("Rhosts authentication is disabled by the client."), return
        unless $ssh->config->get('auth_rhosts');

    $ssh->debug("Trying rhosts authentication.");

    $packet = $ssh->packet_start(SSH_CMSG_AUTH_RHOSTS);
    $packet->put_str($ssh->config->get('user'));
    $packet->send;

    $packet = Net::SSH::Perl::Packet->read($ssh);
    my $type = $packet->type;
    if ($type == SSH_SMSG_SUCCESS) {
        return 1;
    }
    elsif ($type != SSH_SMSG_FAILURE) {
        $ssh->fatal_disconnect("Protocol error: got $type in response to rhosts auth");
    }

    return 0;
}

1;
__END__