Net::SSH::Perl - Perl client interface to Secure Shell

Net::SSH::Perl is an all-Perl module implementing an SSH client. It is compatible with both the SSH1 and SSH2 protocols.

Net::SSH::Perl enables you to simply and securely execute commands on remote machines, and receive the STDOUT, STDERR, and exit status of that remote command. It contains built-in support for various methods of authenticating with the server (password authentication, RSA challenge-response authentication, etc.). It completely implements the I/O buffering, packet transport, and user authentication layers of the SSH protocol, and makes use of external Perl libraries (in the Crypt:: family of modules) to handle encryption of all data sent across the insecure network. It can also read your existing SSH configuration files (/etc/ssh_config, etc.), RSA identity files, DSA identity files, known hosts files, etc.

One advantage to using Net::SSH::Perl over wrapper-style implementations of ssh clients is that it saves on process overhead: you no longer need to fork and execute a separate process in order to connect to an sshd. Depending on the amount of time and memory needed to fork a process, this win can be quite substantial; particularly if you're running in a persistent Perl environment (mod_perl, for example), where forking a new process is a drain on process and memory resources.

It also simplifies the process of using password-based authentications; when writing a wrapper around ssh you probably need to use Expect to control the ssh client and give it your password. Net::SSH::Perl has built-in support for the authentication protocols, so there's no longer any hassle of communicating with any external processes.

The SSH2 protocol support (present in Net::SSH::Perl as of version 1.00) is compatible with the SSH2 implementation in OpenSSH, and should also be fully compatible with the ``official'' SSH implementation. If you find an SSH2 implementation that is not compatible with Net::SSH::Perl, please let me know (email address down in AUTHOR & COPYRIGHTS); it turns out that some SSH2 implementations have subtle differences from others. 3DES (3des-cbc), Blowfish (blowfish-cbc), and RC4 (arcfour) ciphers are currently supported for SSH2 encryption, and integrity checking is performed by either the hmac-sha1 or hmac-md5 algorithms. Compression, if requested, is limited to Zlib. Supported server host key algorithms are ssh-dss (the default) and ssh-rsa (requires Crypt::RSA); supported SSH2 public key authentication algorithms are the same.



10.4.2001: New release of Net::SSH::Perl--version 1.23. It looks like I skipped an announcement for 1.22; that was a very important release, with some major fixes for SSH-2 channel window sizes, and SSH-2 STDERR capturing.

This new version, 1.23, adds a couple of small things (--sdk option to Makefile.PL, select_class method in Net::SSH::Perl::SSH2, to be overridden).

7.24.2001: Version 1.21 of Net::SSH::Perl has been released. This version fixes some bugs with the open2 interface (particularly when using SSH-1), as well as some other various bug fixes and tweaks.

6.26.01: Net::SSH::Perl 1.17 has been released. It contains an experimental new open2 interface:

    use Net::SSH::Perl;
    my $ssh = Net::SSH::Perl->new($host);
    my($READ, $WRITE) = $ssh->open2($cmd);
    print $WRITE "foo\n";
    sysread $READ, my($data), 0, 8192;
    print "Got $data\n";

6.6.01: Net::SSH::Perl 1.16 has just been released. This is a maintenance release whose main "feature" is a bug fix in the packet layer.

6.3.01: Net::SSH::Perl 1.15 has just been released. It supports publickey authentication using an authentication agent, and fixes some bugs/issues with pssh-keygen, the packet layer, and the authentication management in SSH-2.


Latest release
Net::SFTP (SFTP support)