in reply to Re^5: Net::SSH2 not base64 encoded
in thread Net::SSH2 not base64 encoded

I missed one output from the debug:

Net::SSH2::KnownHosts::DESTROY

This comes from:

$av_obj_SSH->check_hostkey('ask');

Question is why!?

Regards Kallewirsch

Replies are listed 'Best First'.
Re^7: Net::SSH2 not base64 encoded
by Corion (Patriarch) on Dec 12, 2024 at 15:22 UTC

    Looking through Net::SSH2 for knownhost points to LIBSSH2_HOSTKEY_POLICY_STRICT and ->check_hostkey. That method is called when creating a connection.

    A next step could be to call  $av_obj_SSH->check_hostkey(...); from your code and explicitly look at the return value.

    Maybe the object does not find the appropriate known_hosts file or something.

    Without seeing your code, the output, and the various hidden inputs it is quite hard to suggest anything other than looking at the differences between what SSH does and what your script/libssh2 does and verifying at each step that they do the same until you find places where they differ.

[reply]
[d/l]
[select]

      your are naturally right. I should show the code:

      sub av_ssh
{

  $av_obj_SSH->trace(-1);
  $av_obj_SSH->debug(1);

  $av_obj_SSH->connect($av_loc_ROUTER)
    or $av_obj_SSH->die_with_error;

  $av_tmp_STRING = $av_obj_SSH->check_hostkey('ask')
    or $av_obj_SSH->die_with_error;
  
  $av_obj_SSH->auth_publickey("newroot","$ENV{HOME}/.ssh/t_zertifikat_
+t_test_openssh.pub","$ENV{HOME}/.ssh/t_zertifikat_t_test_openssh.key"
+)
    or $av_obj_SSH->die_with_error;
  
  $av_obj_SSH->disconnect();
}


$av_obj_SSH = Net::SSH2->new()
 or die "SSH-Objekt konnte nicht erzeugt werden";

av_ssh();

exit (0);

      [download]

      The known_hosts file was originally filled with one entry by the ssh command!

      la .ssh/
insgesamt 72
drwxrwxr-x  2 fxuser2 fxuser2 4096 Dez 12 15:45 .
drwxr-xr-x 14 fxuser2 fxuser2 4096 Dez 12 15:45 ..
-rw-------  1 fxuser2 fxuser2  381 Aug 31  2021 authorized_keys
-rw-------  1 fxuser2 fxuser2 3434 Aug 31  2021 id_rsa
-rw-r--r--  1 fxuser2 fxuser2  742 Aug 31  2021 id_rsa.pub
-rw-------  1 fxuser2 fxuser2  182 Dez 12 15:46 known_hosts
-rw-------  1 fxuser2 fxuser2 1834 Dez 12 12:59 t_zertifikat_t_test_op
+enssh.key
-rw-------  1 fxuser2 fxuser2  406 Dez 12 12:53 t_zertifikat_t_test_op
+enssh.pub

      [download]
      Regards Kallewirsch
[reply]
[d/l]
[select]

        I don't spot anything in your code that helps debugging this further.

        The error comes from the other end, that the username (newroot) does not match the pubkey/private key pair.

        Maybe look at the remote end, and/or check whether a different username gives a different error.

[reply]
[d/l]

In Section Seekers of Perl Wisdom