Perl“Net::SFTP”模块的 SFTP 连接失败

Posted

技术标签:

【中文标题】Perl“Net::SFTP”模块的 SFTP 连接失败【英文标题】:SFTP connection failure with Perl "Net::SFTP" module 【发布时间】:2019-09-23 03:21:45 【问题描述】:

我正在尝试使用 Perl 连接到 SFTP 服务器,但出现以下连接错误:Permission denied at /app/perl-5.24.3/lib/site_perl/5.24.3/Net/SFTP.pm line 63.

我的连接代码'sftp_test2.pl':

use strict;
use warnings;

use Net::SFTP;

my $server   = 'downloads-server';
my $user     = 'user';
my $port     = "10022";
my $password = '';

my %args = (
     user => "$user",
     port => "$port",
     ssh_args => 
         user => "$user",
         identity_files => [ 'path/sftp_download'],
         port => "$port",
         protocol=>'2,1',
         debug => 1,
     
);

my $sftp=Net::SFTP->new($server, %args) or die "could not open connection to $server\n";

执行:

$>perl sftp_test2.pl
Reading configuration data path/home/.ssh/config
Reading configuration data /etc/ssh_config
Connecting to downloads-server, port 10022.
Remote version string: SSH-2.0-CrushFTPSSHD
Remote protocol version 2.0, remote software version CrushFTPSSHD
Net::SSH::Perl Version 2.14, protocol version 2.0.
No compat match: CrushFTPSSHD.
Connection established.
Sent key-exchange init (KEXINIT), waiting for response.
Using diffie-hellman-group-exchange-sha256 for key exchange
Host key algorithm: ssh-rsa
Algorithms, c->s: aes256-ctr hmac-sha2-512-etm@openssh.com none
Algorithms, s->c: aes256-ctr hmac-sha2-512-etm@openssh.com none
Entering Diffie-Hellman Group Exchange.
SSH2_MSG_KEX_DH_GEX_REQUEST(2048<4096<8192) sent
Sent DH Group Exchange request, waiting for reply.
Received 4096 bit DH Group Exchange reply.
Generating new Diffie-Hellman keys.
Entering Diffie-Hellman key exchange.
Sent DH public key, waiting for reply.
Received host key, type 'ssh-rsa'.
Host 'downloads-server' is known and matches the host key.
Verifying server signature.
Send NEWKEYS.
Waiting for NEWKEYS message.
Enabling encryption/MAC/compression.
Sending request for user-authentication service.
Service accepted: ssh-userauth.
Trying empty user-authentication request.
Authentication methods that can continue: password,publickey,keyboard-interactive.
Next method to try is password.
Trying password authentication.
Will not query passphrase in batch mode.
Authentication methods that can continue: password,publickey,keyboard-interactive.
Next method to try is password.
Trying password authentication.
Will not query passphrase in batch mode.
Authentication methods that can continue: password,publickey,keyboard-interactive.
Next method to try is password.
Trying password authentication.
Will not query passphrase in batch mode.
Authentication methods that can continue: password,publickey,keyboard-interactive.
Next method to try is password.
Next method to try is publickey.
Publickey: testing agent key 'my-server'
Authentication methods that can continue: password,publickey,keyboard-interactive.
Next method to try is password.
Next method to try is publickey.
Publickey: testing agent key 'path/home/.ssh/id_rsa'
Authentication methods that can continue: password,publickey,keyboard-interactive.
Next method to try is password.
Next method to try is publickey.
Trying pubkey authentication with key file 'path/sftp_download'
Authentication methods that can continue: password,publickey,keyboard-interactive.
Next method to try is password.
Next method to try is publickey.
Permission denied at /app/perl-5.24.3/lib/site_perl/5.24.3/Net/SFTP.pm line 63.

我以为和我的私钥有关,但是我可以通过unix命令连接:

sftp -oPort=10022 -oIdentityFile=path/sftp_download user@downloads-server 正在连接到下载服务器... sftp>

我尝试在很多文章中找到解决方案,也尝试了一些代码变体,但没有成功。

我做错了吗? 这是一个已知的错误吗?任何解决方法? 我如何调试它才能找到原因(我对SSH/FTP不太熟悉)。

编辑: 我怀疑这可能与使用密码的多次连接失败尝试有关,因此我从文件“app/perl-5.24.3/lib/site_perl/5.24.3/x86_64-linux/Net”中的“%AUTH_MAP”中删除了密码身份验证/SSH/Perl/AuthMgr.pm" 并按预期连接! 有没有办法强制使用 only/first key 身份验证?

提前致谢! 迈克

【问题讨论】:

显示sftp -vvv -oPort=10022 -oIdentityFile=path/sftp_download user@downloads-server的输出 我正在与 IT 核实是否允许提供此信息。我怀疑这可能与使用密码尝试多次连接失败有关。有没有办法强制只使用密钥身份验证? 【参考方案1】:

禁用密码验证(仅验证密钥)的代码是:

ssh_args => 
  user    => $user,
  options => [ 'PasswordAuthentication no' ],
  identity_files => [ 'path/sftp_download'],
  port     => $port,
  protocol =>'2,1',
  debug    => 1,

【讨论】:

以上是关于Perl“Net::SFTP”模块的 SFTP 连接失败的主要内容,如果未能解决你的问题,请参考以下文章

在 Heroku 上存储 SSH 密钥以通过 SFTP 将 Rails 应用程序连接到远程

Net :: SFTP :: Session无法运行stat,显然有一个Nil通道

想要使用 c++ 或 perl 使用 OpenSSH 和 SFTP 通过 Internet 发送文件---Windows Vista 两者

如何从 Perl 连接到 MySQL?

在 Windows 10 上使用 Mail::Sendmail 模块连接到 localhost 失败

perl模块异常symbol lookup error的解决方式