in reply to Re: instantiating an SFTP object
in thread instantiating an SFTP object

Thanks for your response, zentara . After a third time with a failed login using different methods that seem to work for everyone else, I double-checked my password, which hadn't been updated in my little world of perl development. (sorry about that: I'd roll my eyes if my mom did that) That solves one problem, but as I read, I come closer to the opinion that the preferred method for login is to use RSA key-pairs. So while I want to get some minimal functionality for getting content to my site, I'd also like to update this capability to reflect the methods of grown-ups using encryption.

In order to install Net::SSH2 I had to run the following commands on a debian system:

sudo apt-get install libssh2-1-dev
sudo apt-get install zlib1g
sudo apt-get install zlib1g-dev

[download]

http://www.perlmonks.org/?node_id=569657 was very helpful. Unfortunately, http://cfm.gs.washington.edu/security/ssh/client-pkauth/ gets a 404 from my browser. I looked at https://www.debian.org/devel/passwordlessssh as a source for how I might go forward.

As I look at what's in front of me, I have a machine capable of both SSH1 and SSH2. My ISP makes no distinction. Do I want to use one or the other? Does SSH2 comprehend SSH1? If I write for SSH2, will I have a wider range of application or more likely burdened by a level of encryption that hardly need exist for my little html pages that have nothing to do with banking, or national security and the like?

Anyways, here's caller and sub on the what works now.

#!/usr/bin/perl -w
use strict;
use 5.010;
use lib "template_stuff";
use File::Basename; 
use Net::SSH2;
use File::Spec;
use Term::ReadKey;

my $rftp = get_ftp_object();
say "object created, back in main";

[download]
sub get_ftp_object{
use strict;
use Net::SSH2;
use 5.01;
my $sub_hash = "my_sftp";
my $domain = $config{$sub_hash}->{'domain'};
my $username = $config{$sub_hash}->{'username'};
my $password = $config{$sub_hash}->{'password'};
say "values are $domain $username $password";

#dial up the server
my $ssh2 = Net::SSH2->new();
$ssh2->connect($domain) or die "Unable to connect Host $@ \n";
say "connect worked";
#this works for passwords 
$ssh2->auth_password($username,$password) or die "Unable to login $@ \
+n";
return $ssh2;
}

[download]

Replies are listed 'Best First'.
Re^3: instantiating an SFTP object
by zentara (Cardinal) on Jun 11, 2017 at 11:30 UTC
    Hi, if you read the demo a little more closely, you would see the section: 
    # works when run from z's homedir because you need
# permission to read the keys
$ssh2->auth_publickey('z',
                 '/home/z/.ssh/id_dsa.pub',
         '/home/z/.ssh/id_dsa',
          $pass );

    [download]
    Try reading the latest docs for Net::SSH2. maybe that syntax has changed a bit. $pass is the password for your ssh key, not the login account

    P.S. use ssh2, ssh1 is very outdated

    I'm not really a human, but I play one on earth. ..... an animated JAPH
[reply]
[d/l]
Re^3: instantiating an SFTP object
by zentara (Cardinal) on Jun 13, 2017 at 17:24 UTC
    Hi, here is a Net::SSH2 sftp script that works. I just verified it. This shows how to do a login with rsa keys, the password has been changed of course. Works on latest Slackware linux, which is pretty standard generic linux. 
    #!/usr/bin/perl
use warnings;
use strict;
use Net::SSH2 qw(LIBSSH2_CHANNEL_EXTENDED_DATA_MERGE
                        LIBSSH2_CHANNEL_FLUSH_ALL
                        LIBSSH2_HOSTKEY_POLICY_ASK);

my $pass = 'rumpelstiltskin';
my $ssh2 = Net::SSH2->new( debug => 1 ); 
$ssh2->trace(-1);
$ssh2->timeout(5000);

$ssh2->connect('my.net') or $ssh2->die_with_error;

$ssh2->auth_publickey('me',
                 '/home/me/.ssh/id_rsa.pub',
                   '/home/me/.ssh/id_rsa',
                $pass );


 my $sftp = $ssh2->sftp();
 my $fh = $sftp->open('/etc/passwd') or $sftp->die_with_error;
 print $_ while <$fh>;


return 0;

__END__

    [download]
    I'm not really a human, but I play one on earth. ..... an animated JAPH
[reply]
[d/l]
      After connect you should call check_hostkey. For instance: 
      $ssh2->check_hostkey(LIBSSH2_HOSTKEY_POLICY_ASK);

      [download]
[reply]
[d/l]
[select]
        Hi, I don't want to feel like a dufus, but I tried 
        my $return = $ssh2->check_hostkey(LIBSSH2_HOSTKEY_POLICY_ASK);
print "Return:  $return\n\n\n\n";

        [download]
        and all I get is Return 00 and the normal filehandle printout. How exactly do I efficiently print out the returns from the check_hostkey command.? I'm cultivating laziness. :-)
        I'm not really a human, but I play one on earth. ..... an animated JAPH
[reply]
[d/l]

      Thanks for this post, zentara, it's really helped me understand the concepts and implementation of rsa authentication in perl. I think that I achieve success in that an sftp object is created using key pairs. The very critical thing to first do is this: 

      $ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/bob/.ssh/id_rsa): 
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /home/bob/.ssh/id_rsa.
Your public key has been saved in /home/bob/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:LCWI8Wrw14m0Cxz1P+TqmL7Nn+mY19fWETCfjYK87VY bob@bob-ThinkPad-SL
+510
The key's randomart image is:
+---[RSA 2048]----+
|  . .   .        |
|   = o o     o   |
|. o + o +. .  +.o|
| + + + B .o . .+.|
|  * + = S  o .  .|
| . o = .  . . E. |
|    + .  . . o ..|
|   . o o.o. + o .|
|    o.=+=  o .   |
+----[SHA256]-----+
$

      [download]

      This was output upon first running:

      values are home349337426.1and1-data.host 
The authenticity of host 'home349337426.1and1-data.host' can't be esta
+blished.
Key fingerprint is SHA1:6bfe32c8859a967c8ed6cebdd5c48b72edff71c7.
Are you sure you want to continue connecting (yes/no)? y
mkdir is not a valid Net::SSH2 macro at ssh4.pl line 31.
$ 

$

      [download]

      Running it again, I get none of the dialog regarding whether the responder is trusted. At the end, I'm still left with not being able to invoke a mkdir method.

      Turning to the source, the meaning for password has shifted from the one you use for login to the one you used to create the ciphers.

      #!/usr/bin/perl -w
use strict;
use Net::SSH2 qw(LIBSSH2_CHANNEL_EXTENDED_DATA_MERGE
                        LIBSSH2_CHANNEL_FLUSH_ALL
                        LIBSSH2_HOSTKEY_POLICY_ASK);

use 5.010;
use lib "template_stuff";
use config2;

# none of this makes any sense until you run
# ssh-keygen -t rsa

my $sub_hash = "my_sftp";
my $domain = $config{$sub_hash}->{'domain'};
my $username = $config{$sub_hash}->{'username'};

say "values are $domain";
my $pass = "ringo";
my $ssh2 = Net::SSH2->new( debug => 1 ); 
$ssh2->trace(-1);
$ssh2->timeout(5000);

$ssh2->connect($domain) or $ssh2->die_with_error;
$ssh2->check_hostkey(LIBSSH2_HOSTKEY_POLICY_ASK);

$ssh2->auth_publickey($username,
                 '/home/bob/.ssh/id_rsa.pub',
                   '/home/bob/.ssh/id_rsa',
                $pass );

my $success = $ssh2->mkdir("perlmonks");
say "success is $success";
return 0;

__END__

      [download]

      I return to the documentation to find that sftp methods are less than fully supported, indeed that I'm advised to use something else: https://metacpan.org/pod/Net::SSH2#sftp I have found it immensely instructive so far, even if I might use the higher level Net::SFTP::Foreign henceforth. I hope to be able to do roughly this same exercise with that module.

[reply]
[d/l]
[select]
        the meaning for password has shifted from the one you use for login to the one you used to create the ciphers

        Exactly!! :-) Glad you are figuring it out.

        I'm not really a human, but I play one on earth. ..... an animated JAPH
[reply]

In Section Seekers of Perl Wisdom