Net::SSH::Perl::Auth - Base authentication class, plus utility methods


   use Net::SSH::Perl::Cipher;

   # Get list of supported authentication IDs.
   my $supported = Net::SSH::Perl::Auth::supported();

   # Translate an auth name into an ID.
   my $id = Net::SSH::Perl::Auth::id($name);

   # Translate an auth ID into a name.
   my $name = Net::SSH::Perl::Auth::name($id);

   # Get the order in which auth methods are tested.
   my $order = Net::SSH::Perl::Auth::order();


Net::SSH::Perl::Auth provides a base class for each of the authentication method classes. In addition, it defines a set of utility methods that can be called either as functions or object methods.


supported( [ $auth_id [, $server_supports ] ])

Without arguments, returns a reference to an array of auth methods supported by Net::SSH::Perl. These are methods that have working Net::SSH::Perl::Auth:: implementations, essentially.

With one argument $auth_id, returns a true value if that auth method is supported by Net::SSH::Perl, and false otherwise.

With two arguments, $auth_id and $server_supports, returns true if the auth represented by $auth_id is supported both by Net::SSH::Perl and by the sshd server. The list of methods supported by the server should be in $server_supports, a bit mask sent from the server during the session identification phase.

Can be called either as a non-exported function, i.e.

    my $i_support = Net::SSH::Perl::Auth::supported();

or as an object method of a Net::SSH::Perl::Auth object, or an object of a subclass (in which case the first argument should be $server_supports, not the $auth_id):

    if ($auth->supported($server_supports)) {
        print "Server supports auth method $auth";

id( [ $auth_name ] )

Translates an auth method name into an ID (suitable for sending to the sshd server, for example).

If given $auth_name translates that name into the corresponding ID. If called as an object method, translates the object's auth class name into the ID.

name( [ $auth_id ] )

Translates an auth method ID into a name.

If given $auth_id translates that ID into the corresponding name. If called as an object method, returns the (stripped) object's auth class name; for example, if the object were of type Net::SSH::Perl::Auth::Rhosts, name would return Rhosts.


Returns a reference to an array containing auth method IDs. These IDs describe the order in which authentication should be tested against the server. So, for example, if the array listed (2, 4, 3), then the client should test: RSA, then Rhosts-RSA, then Password authentication.


Net::SSH::Perl::Auth->new($auth_name, $ssh)

Instantiates a new auth object of the type $auth_name, and gives it the Net::SSH::Perl object $ssh, which should contain an open connection to an sshd server.

Returns the auth object, which will be blessed into the actual auth subclass.

$valid = $auth->authenticate()

Talks to the sshd server to authenticate the user; if valid, returns true, and if invalid, returns false.


Classes implementing an authentication method must implement the following two methods:

  • $class->new($ssh)

    Given a Net::SSH::Perl object $ssh, should construct a new auth object and bless it into $class, presumably.

  • $class->authenticate()

    Authenticate the current user with the remote daemon. This requires following the messaging protocol defined for your authentication method. All of the data you need--user name, password (if required), etc.--should be in the $ssh object.

    Returns 1 if the authentication is successful, 0 otherwise.


Please see the Net::SSH::Perl manpage for author, copyright, and license information.