NAME
Net::SSH::Perl::Key - Public or private key abstraction
SYNOPSIS
use Net::SSH::Perl::Key;
my $key = Net::SSH::Perl::Key->new;
DESCRIPTION
Net::SSH::Perl::Key implements an abstract base class interface to key objects (either DSA or RSA keys, currently). The underlying implementation for RSA is an internal, hash-reference implementation; the DSA implementation uses Crypt::DSA.
USAGE
Net::SSH::Perl::Key->new($key_type [, $blob [, $compat_flag_ref ]])
Creates a new object of type Net::SSH::Perl::Key::$key_type, after loading the class implementing $key_type. $key_type should be either DSA or RSA, currently; these are the only supported key implementations at the moment.
$blob, if present, should be a string representation of the key, from which the key object can be initialized. In fact, it should be the representation that is returned from the as_blob method, below.
$compat_flag_ref should be a reference to the SSH compatibility flag, which is generally stored inside of the Net::SSH::Perl object. This flag is used by certain key implementations (DSA) to work around differences between SSH2 protocol implementations.
Returns the new key object, which is blessed into the subclass.
Net::SSH::Perl::Key->read_private($key_type, $file [, $pass])
Reads a private key of type $key_type out of the key file $file. If the private key is encrypted, an attempt will be made to decrypt it using the passphrase $pass; if $pass is not provided, the empty string will be used. An empty passphrase can be a handy way of providing password-less access using publickey authentication.
If for any reason loading the key fails, returns undef; most of the time, if loading the key fails, it's because the passphrase is incorrect. If you first tried to read the key using an empty passphrase, this might be a good time to ask the user for the actual passphrase. :)
Returns the new key object, which is blessed into the subclass denoted by $key_type (either DSA or RSA).
Net::SSH::Perl::Key->keygen($key_type, $bits)
Generates a new key and returns that key. The key returned is the private key, which (presumably) contains all of the public key data, as well. $bits is the number of bits in the key.
Your $key_type implementation may not support key generation; if not, calling this method is a fatal error.
Returns the new key object, which is blessed into the subclass denoted by $key_type (either DSA or RSA).
Net::SSH::Perl::Key->extract_public($key_type, $key_string)
Given a key string $key_string, which should be a textual representation of the public portion of a key of $key_type, extracts the key attributes out of that string. This is used to extract public keys out of entries in known_hosts and public identity files.
Returns the new key object, which is blessed into the subclass denoted by $key_type (either DSA or RSA).
$key->write_private([ $file [, $pass] ])
Writes out the private key $key to $file, and encrypts it using the passphrase $pass. If $pass is not provided, the key is unencrypted, and the only security protection is through filesystem protections.
If $file is not provided, returns the content that would have been written to the key file.
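The read_private fallback (empty passphrase first, then ask the user) and the write_private note about unencrypted keys can be combined into one loader. This is an added example, not code from the Net::SSH::Perl distribution; the helper names are hypothetical, and it assumes Term::ReadKey is installed and a POSIX-style file mode.

```perl
#!/usr/bin/perl
# Added example: uses only the Net::SSH::Perl::Key methods documented on this page.
use strict;
use warnings;
use Net::SSH::Perl::Key;
use Term::ReadKey;    # assumption: installed; used for no-echo passphrase input

# Hypothetical helper: true only if group/other have no access to the file.
# An unencrypted key is protected by filesystem permissions alone.
sub key_file_is_private {
    my ($file) = @_;
    my @st = stat($file) or return 0;
    return ( $st[2] & 0077 ) == 0;
}

# Hypothetical helper: prompt on STDERR without echoing the passphrase.
sub ask_passphrase {
    my ($file) = @_;
    print STDERR "Passphrase for $file: ";
    ReadMode('noecho');
    my $pass = ReadLine(0);
    ReadMode('restore');
    print STDERR "\n";
    chomp $pass if defined $pass;
    return $pass;
}

# Try the empty passphrase first, then fall back to asking the user.
# Returns ($key, $was_encrypted), or an empty list on failure.
sub load_private_key {
    my ($type, $file) = @_;
    die "$file: missing, or accessible to group/other\n"
        unless key_file_is_private($file);

    # eval guards against implementations that die instead of returning undef.
    my $key = eval { Net::SSH::Perl::Key->read_private($type, $file) };
    return ($key, 0) if $key;

    my $pass = ask_passphrase($file);
    return unless defined $pass && length $pass;
    $key = eval { Net::SSH::Perl::Key->read_private($type, $file, $pass) };
    return $key ? ($key, 1) : ();
}

my ($type, $file) = @ARGV;
die "usage: $0 DSA|RSA keyfile\n" unless $type && $file;
my ($key, $encrypted) = load_private_key($type, $file)
    or die "could not load $file (wrong passphrase or not a $type key)\n";
warn "warning: $file is stored without a passphrase\n" unless $encrypted;
printf "%s key, %d bits\n  hex:          %s\n  bubblebabble: %s\n",
    $type, $key->size, $key->fingerprint, $key->fingerprint('bubblebabble');
```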
$key->dump_public
Performs the inverse of extract_public: takes a key $key and dumps out a textual representation of the public portion of the key. This is used when writing public key entries to known_hosts and public identity files.
Returns the textual representation.
$key->as_blob
Returns a string representation of the public portion of the key; this is not the same as dump_public, which is intended to match the format used in known_hosts, etc. The return value of as_blob is used as an intermediary in computing other values: the key fingerprint, the known hosts representation, etc.
$key->equal($key2)
Returns true if the public portions of $key are equal to those of $key2, and false otherwise. This is used when comparing server host keys to keys in known_hosts.
$key->size
Returns the size (in bits) of the key $key.
$key->fingerprint([ $type ])
Returns a fingerprint of $key. The default fingerprint is a hex representation; if $type is equal to bubblebabble, the Bubble Babble representation of the fingerprint is used instead. The former uses an MD5 digest of the public key, and the latter uses a SHA-1 digest.
AUTHOR & COPYRIGHTS
Please see the Net::SSH::Perl manpage for author, copyright, and license information.