NAME
Config::OpenSSH::Authkey::Entry - authorized_keys file entry handler
SYNOPSIS
This module is used by Config::OpenSSH::Authkey, though can be used standalone:
my $entry = Config::OpenSSH::Authkey::Entry->new();
# assuming $fh is opened to an authorized_keys file...
eval {
$entry->parse($fh->getline);
if ($entry->protocol == 1) {
warn "warning: deprecated SSHv1 key detected ...\n";
}
};
...
DESCRIPTION
This module parses lines from OpenSSH authorized_keys
files, and offers various methods to interact with the data. The AUTHORIZED_KEYS FILE FORMAT section of sshd(8) details the format of these lines. I use the term entry to mean a line from an authorized_keys
file.
Errors are thrown via die
or croak
, notably when parsing an entry via the new or key methods.
CLASS METHODS
- new optional data to parse
-
Constructor. Optionally accepts an
authorized_keys
file entry to parse. - split_options option string
-
Accepts a string of comma seperated options, and parses these into a list of hash references. In scalar context, returns a reference to the list. In list context, returns a list.
INSTANCE METHODS
- parse data to parse
-
Utility method in event data to parse was not passed to new.
- key optional key to parse
-
Returns the public key material. If passed a string, will attempt to parse that string as a new key (and options, and comment, if those are present).
- keytype
-
Returns the type of the key, either
rsa1
for a SSHv1 key, orrsa
ordsa
for the two different SSHv2 key types. This is the same format as the ssh-keygen(1)-t
option accepts. - protocol
-
Returns the major SSH protocol version of the key, 1 or 2.
Note that SSHv1 has been replaced by SSHv2 for over a decade as of 2010. I strongly recommend that SSHv1 be disabled.
- comment optional new comment
-
Returns the comment, if any, of the parsed entry. ssh-keygen(1) defaults to
user@host
for this field. If a string is passed, updates the comment to that string. - unset_comment
-
Deletes the comment.
- options optional new option string
-
Returns any options set in the entry as a comma separated value string, or, if passed a string, sets that string as the new option set.
# get my $option_str = $entry->options(); # set $entry->options('from="127.0.0.1",no-agent-forwarding');
Returns
undef
if no options have been set. - unset_options
-
Deletes all the options.
- get_option option name
-
Returns the value (or values) for a named option. OpenSSH does allow duplicate entries for options, though in most cases this method will only return a single value. Options are boolean or string value; boolean options return the name of the method, while string options return the string value. Assuming the options have been set as shown above:
# returns 'no-agent-forwarding' $entry->get_option('no-agent-forwarding'); # returns '127.0.0.1' $entry->get_option('from');
In scalar context, only the first option is returned. In list context, a list of one (or rarely more) values will be returned.
- set_option option name, optional value
-
Enables an option, or with an additional argument, sets the string value for that option.
# boolean $entry->set_option('no-agent-forwarding'); # string value $entry->set_option(from => '127.0.0.1');
If multiple options with the same name are present in the options list, only the first option found will be updated, and all subseqent entries removed from the options list.
- unset_option option name
-
Deletes all occurrences of the named option.
- as_string
-
Returns the entry formatted as an OpenSSH authorized_keys line.
- duplicate_of optional value
-
If supplied with an argument, stores this data in the object. Always returns the value of this data, which is
0
by default. Used by Config::OpenSSH::Authkey to track whether (and of what) a key is a duplicate of.
BUGS
No known bugs. Newer versions of this module may be available from CPAN.
If the bug is in the latest version, send a report to the author. Patches that fix problems or add new features are welcome.
SEE ALSO
sshd(8), ssh-keygen(1), Config::OpenSSH::Authkey
AUTHOR
Jeremy Mates, <jmates@sial.org>
COPYRIGHT
Copyright 2009-2010 by Jeremy Mates.
This program is free software; you can redistribute it and/or modify it under the Artistic license.