Ubuntu Manpage: Net::SSH::AuthorizedKey - Virtual Base Class for SSH Public Keys

Provided by: libnet-ssh-authorizedkeysfile-perl_0.18-4_all

NAME

       Net::SSH::AuthorizedKey - Virtual Base Class for SSH Public Keys

SYNOPSIS

           use Net::SSH::AuthorizedKey;

             # Either parse a string (without leading whitespace or comments):
           my $key = Net::SSH::AuthorizedKey->parse( $line );

           if(defined $key) {
                 # ssh-1 or ssh-2
               print "Key parsed, type is ", $key->type(), "\n";
           } else {
               die "Cannot parse key '$line'";
           }

             # ... or create an object yourself:
           my $pubkey = Net::SSH::AuthorizedKey->new(
               options  => { from                  => 'foo@bar.com',
                             "no-agent-forwarding" => 1 },
               key      => "123....890",
               keylen   => 1024,
               exponent => 35,
               type     => "ssh-1",
           );

DESCRIPTION

       Net::SSH::AuthorizedKey is a virtual base class for ssh public keys.  Real implementations of it are
       Net::SSH::AuthorizedKey::SSH1 and Net::SSH::AuthorizedKey::SSH2.

       The only way to using it directly is by calling its parse() method, and passing it an authorized_keys
       string (aka a line from an authorized_keys file). If it recognizes either a ssh-1 or a ssh-2 type key, it
       will return a Net::SSH::AuthorizedKey::SSH1 or a Net::SSH::AuthorizedKey::SSH2 object, both of which
       support the accessor methods defined in the FIELDS section below.

       The as_string() method will cobble the (perhaps modified) fields together and return them as a string
       suitable as a line for an authorized_keys file.

   METHODS
       "parse( $line )"
           Reads in a single text line containing a ssh-1 or ssh-2 key.  Returns a Net::SSH::AuthorizedKey::SSH1
           or a Net::SSH::AuthorizedKey::SSH2 object, or "undef" in case of an error.

       "fingerprint()"
           Returns  a MD5 hex hash of the parsed key. The hash is unique for functionally identical keys. Fields
           not contributing to the key's functional uniqueness are ignored.

       "error()"
           Returns the last parsing error encountered as a text string.

       "as_string( )"
           Return the object as a string suitable as a autorized_keys line.

   FIELDS
       All of the following fields are available via accessors:

       "type"
           Type of ssh key, usually "ssh-1" or "ssh-2".

       "key"
           Public key, either a long number (ssh-1) or a line of alphanumeric characters (ssh-2).

       "keylen"
           Length of the key in bit (e.g. 1024).

       "exponent"
           Two-digit number in front of the key in ssh-1 authorized_keys lines.

       "options"
           Returns a reference to a hash with options key/value pairs, listed in front of the key.

   IMPLEMENTATION REFERENCE
       The key parsers implemented in this distribution are implemented similarily as the  authorized_keys  file
       parser in the openssh source distribution.

       Openssh  contains the authorized_keys parser in its auth2_pubkey.c file. The user_key_allowed2() function
       opens the file and reads it line by line, ignoring leading whitespace, empty and comment lines.

       After that, if a line doesn't contain a plain key, the parser skips  ahead  until  the  first  whitespace
       (zooming  through  quoted  areas  "..."  and  interpreting  '\"'  as  an  escaped quote), then skips this
       whitespace and tries to read a key one more time.

       Regarding options,  the  Perl  parser  isn't  as  elaborate  with  semantic  peculiarities  as  openssh's
       auth_parse_options(), but this might be added in the future.

NOTES FOR SUBCLASS DEVELOPERS

       If  you're  just  using Net::SSH::AuthorizedKey to parse keys, the following section doesn't concern you.
       It's only relevant if you add new subclasses to this package, on top of what's already provided.

       Net::SSH::AuthorizedKey is a (semi-)virtual base class that implements options handling for its SSH1  and
       SSH2 subclasses.

       SSH  key  lines  can  contain  options  that carry values (like command="ls") and binary options that are
       either set or unset (like "no_agent_forwarding"). To distinguish the two, and to provide a set of allowed
       option names, the subclass has to implement the method option_type(), which takes  an  option  name,  and
       returns

       •   undef if the option is not supported

       •   "s" if the option is a "string" option that carries a value

       •   1 if the option is a binary option

       The subclasses Net::SSH::AuthorizedKey::SSH1 and Net::SSH::AuthorizedKey::SSH2 are doing this already.

LEGALESE

       Copyright  2005-2009  by  Mike  Schilli,  all  rights  reserved.   This program is free software, you can
       redistribute it and/or modify it under the same terms as Perl itself.

AUTHOR

       2005, Mike Schilli <m@perlmeister.com>

perl v5.36.0                                       2022-10-13                       Net::SSH::AuthorizedKey(3pm)