Tuesday, January 20, 2009

Perl, SSH and Windows

I recently had the opportunity to do some development in Perl to use SSH on a Windows platform. When I took on the assignment I didn't realize what a lonely road I was about to head down.

Being someone who hates to reinvent the wheel, I started off, as I often do, by seeing how other people were solving similar problems. After a good deal of googling, reading in CPAN and writing a few test programs, I determined that:

  • Net::SSH
  • Net::SSH::Perl
  • Net::SSH::W32Perl
  • Net::OpenSSH
  • Net::SSH2

all wouldn't work for me. There were a number of problems:

  • The modules didn't run reliably, or in some cases at all, on Windows.
  • Support for deployment in a non-interactive environment was limited.
  • They didn't have support for non-password-based authentication.

The solution I ended up going with was to create a simple patch for OpenSSH compiled under Cygwin and then run using Open3.

The hack to OpenSSH was made to the readpass.c routine and forces OpenSSH to read from stdin if an environment variable is set. Reading the code, this behavior should happen based on the following comment:

If RP_ALLOW_STDIN is set, the passphrase will be read from stdin if no tty is available

but this wasn't happening under Cygwin.

With the environment variable set, you can handle the server host key and password prompts from within a script.

At some point I hope to clean the code up and post it, but for now, if anyone is facing a similar problem, please let me know and I will share what I have.