I am getting below error while running my script, I am on AIX
Reading configuration data /ecmsq1vg1/home1/aradmin/.ssh/config
Reading configuration data /etc/ssh_config
Connecting to www.mftcatapp.firstdataclients.com, port 22.
Remote version string: SSH-2.0-Sun_SSH_1.1.8
Remote protocol version 2.0, remote software version Sun_SSH_1.1.8
Net::SSH::Perl Version 2.14, protocol version 2.0.
No compat match: Sun_SSH_1.1.8.
Connection established.
Sent key-exchange init (KEXINIT), waiting for response.
No matching mac found: client hmac-sha2-512-etm#openssh.com,hmac-sha2-256-etm#openssh.com,hmac-sha2-512,hmac-sha2-256 server hmac-sha1 at /apps/perl/lib/site_perl/5.18.1/aix-thread-multi/Net/SSH/Perl/SSH2.pm line 273
Can anyone help me out why i am facing the above error?
perldoc Net::SSH::Perl:
Integrity checking is performed by the hmac-sha2-256, hmac-sha2-512, hmac-sha2-256-etm#openssh.com, or hmac-sha2-512-etm#openssh.com algorithms. The deprecated hmac-sha1 or hmac-md5 algorithms are available but not enabled by default. Many older SSH server installations still use hmac-sha1 as the main accepted MAC algorithm. To enable this, use the following options parameter:
options => [ "MACs +hmac-sha1" ]
So either configure your server not to use hmac-sha1 for integrity checking or tell your script to accept hmac-sha1.
I have a CGI script to load publications from BibBase:
#!/usr/bin/perl
use LWP::UserAgent;
my $url = 'https://bibbase.org/show?bib=http://www.example.com/pubs.bib';
my $ua = LWP::UserAgent->new;
my $can_accept = HTTP::Message::decodable;
my $response = $ua->get($url, 'Accept-Encoding' => $can_accept);
print "Content-type: text/html\n\n";
print $response->decoded_content;
(This is copied from BibBase with the exception that the URL is hard-coded.)
I have three webservers running RHEL7 and Apache 2.4 that are configured the same way by Puppet. On all three I can run the script on the command line and get the expected results:
[root#server1 cgi-bin]# ./bibbase_proxy2.cgi | head
Content-type: text/html
<img src="//bibbase.org/img/ajax-loader.gif" id="spinner" style="display: none;" alt="Loading.." />
<div id="bibbase">
<script type="text/javascript">
var bibbase = {
params: {"bib":"http://www.example.com/pubs.bib","host":"bibbase.org"},
When I try to run the script with CGI, I get three different results:
Server1
Unrecognised protocol tcp at /usr/share/perl5/LWP/Protocol/http.pm line 31.
Server2
Can't connect to bibbase.org:443 System error at /usr/share/perl5/LWP/Protocol/http.pm line 51.
Server3
No http output and the error log says AH01215: Out of memory!.
I can't find anything different between the three servers and I can't figure out why the script works fine on the command line and doesn't work when run as a CGI.
I have selinux in permissive mode and it is logging the outgoing request, so I know the script gets that far:
type=AVC msg=audit(1532465859.921:331235): avc: denied { name_connect } for pid=161178 comm="perl" dest=80 scontext=system_u:system_r:httpd_sys_script_t:s0 tcontext=system_u:object_r:http_port_t:s0 tclass=tcp_socket
For testing, I have set selinux to disabled and restarted the server.
SE-Linux denied the TCP connection.
avc: denied { name_connect }
The default access controls for networking by SELinux are based on the labels assigned to TCP and UDP ports and sockets. For instance, the TCP port 80 is labeled with http_port_t (and class tcp_socket). Access towards this port is then governed through SELinux access controls, such as name_connect and name_bind.
When an application is connecting to a port, the name_connect permission is checked. However, when an application binds to the port, the name_bind permission is checked.
Permissive mode or not, Perl is acting like it was denied a TCP connection. Unrecognised protocol tcp means getprotobyname("tcp") failed inside IO::Socket::IP. That's very, very unusual. One of the ways that can happen is via exactly that SELinux denial.
I'm no SELinux expert, but according to RedHat and Gentoo some SELinux aware applications will ignore the global permissive setting and go it alone. RHEL 7 Apache appears to be one of them. It appears to have its own domain which must be set permissive.
On all three I can run the script on the command line and get the expected results:
There's two reasons for that, and they both have to do with users.
When you run the program you're running as your own user with your own configuration, permissions, and environment variables. In fact, you ran it as root which usually bypasses restrictions. When it runs on the server it runs as a different user, probably the web server user with severe restrictions.
In order to do a realistic test, you need to run it as the same user the web server will. You can use sudo -u for this. For example, if the user is apache...
sudo -u apache ./bibbase_proxy2.cgi
BTW Do not test software as root! Not only is it not going to give you sensible results, but if there's a bug in the software there are no safeguards preventing it from wrecking your system.
The second problem is #!/usr/bin/env perl. That means to run whatever perl is in your PATH. PATH will be different for different users. Running ./bibbase_proxy2.cgi may run with one Perl on the command line and a different one via the web server.
In a server environment, use a hard coded path to Perl like #!/usr/bin/perl.
We tested by rewriting the same script in Python and PHP. Both of them showed error which pointed us in the right direction.
Python urllib2 produced the error
<class 'urllib2.URLError'>: <urlopen error [Errno 16] Device or resource busy>
args = (error(16, 'Device or resource busy'),)
errno = None
filename = None
message = ''
reason = error(16, 'Device or resource busy')
strerror = None
PHP (run as CGI) wouldn't even start:
[Wed Jul 25 15:24:52.988582 2018] [cgi:error] [pid 10369] [client 172.28.6.200:44387] AH01215: PHP Warning: PHP Startup: Unable to load dynamic library '/usr/lib64/php/modules/curl.so' - libssh2.so.1: failed to map segment from shared object: Cannot allocate memory in Unknown on line 0
[Wed Jul 25 15:24:52.988980 2018] [cgi:error] [pid 10369] [client 172.28.6.200:44387] AH01215: PHP Warning: PHP Startup: Unable to load dynamic library '/usr/lib64/php/modules/dba.so' - libtokyocabinet.so.9: failed to map segment from shared object: Cannot allocate memory in Unknown on line 0
---- Similar lines for all extensions. ----
It appears that RLimitMEM blocks access to shared memory and that is required for opening sockets. I can't find any documentation, but removing that line makes it work.
I'm having a strange problem. I followed few guides from the net. My goal is to create a SMTP postfix that will use Cyrus SASL to authenticate users upon sending email with different imap server.
Making all more simple: have to transfer/replace current smtp server with new one as current is on public cloud and gets on black lists pretty often.
What I managed so far is:
Working Postfix
Authentication working when using :
testsaslauthd -u user#domain.com -p password
I'm getting Ok "Success" so I assume sasl itself work.
When I invoke saslfinger -s
I'm getting:
There is no smtpd.conf that defines what SASL should do for Postfix.
SMTP AUTH can't work!
but it seems that all is fine within the configuration files:
/etc/postfix/sasls/smtp.conf:
pwcheck_method: saslauthd
mech_list: PLAIN LOGIN
/etc/postfix/main.cf:
smtpd_recipient_restrictions = reject_invalid_hostname,
permit permit_mynetworks,
permit_sasl_authenticated
disable_vrfy_command = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
/etc/default/saslauthd-postfix:
START=yes
MECHANISMS="rimap"
MECH_OPTIONS="domain.com -r"
OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd"
I'm running postfix chroot'ed so had to create a symlink but like I said. It all seems to work independently, just need to be linked somehow.
When I try to setup account in outlook, I got wrong name or password.
The log on Debian says:
May 11 23:35:43 smtp-test postfix/smtpd[741]: warning: unknown[192.168.108.1]: SASL NTLM authentication failed: authentication failure
May 11 23:35:43 smtp-test postfix/smtpd[741]: warning: SASL authentication failure: unable to canonify user and get auxprops
May 11 23:35:43 smtp-test postfix/smtpd[741]: warning: unknown[192.168.108.1]: SASL DIGEST-MD5 authentication failed: authentication failure
May 11 23:35:43 smtp-test postfix/smtpd[741]: warning: unknown[192.168.108.1]: SASL LOGIN authentication failed: authentication failure
May 11 23:35:43 smtp-test postfix/smtpd[741]: lost connection after AUTH from unknown[192.168.108.1]
May 11 23:35:43 smtp-test postfix/smtpd[741]: disconnect from unknown[192.168.108.1]
Strange thing is it tries NTLM(not mentioned anywhere) instead of RIMAP. And cannot make canonical name of user even after adding -r switch that should combine name and realm/domain name.
I guess that is related to first warning from saslfinger but cannot find the cause.
All updated to newest available versions.
Any help?
Summary:
This is a 2 part question. A simple Samba share on one ISP with router doesn't work while another ISP with a different router setup the same and a similar server with same Samba configuration works.
It seems to be either the router not forwarding the ports, although it successfully forwards SSH and others, or the ISP somehow blocking the standard Samba ports. It still bugs me that I can't figure out why it doesnt work and I'll still try to narrow down the cause.
The second question is I'm looking for a business use, simple, easy to use (for end users), secure share for a small number of people and files, hosted internally and accessible externally on the internet, between Windows 7, XP, Mac, and linux servers with simple clients for end users.
A new friend outside of stackoverflow helped with sshfs as a solution. On CentOS ssh already supports sshfs. The Windows client win-sshfs is working well and I'll be trying OSXFUSE with MACFusion described at UO.
Additionally, setup linux users for each person. To allow write by everyone in the linux group, change the umask in /etc/ssh/sshd_config described in this question at serverfault. People get to their home directory first, where I placed links to a shared folder with sticky bit set so they can't delete the folder. They can delete the links but that's easy enough to put back. The only issues I can see are lack of file locking and lack of auto-refresh.
Original Question:
I can't seem to get Samba working on a Centos 6.3 server over the internet. I have a similar test server on another internet connection working fine with the exact same setup. I've gone through http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/diagnosis.html twice, made sure the ports are forwarded through to the internet (although not sure how to test they are really open), double checked samba configuration, its only sharing /tmp simply now. The user account is setup, it can ssh in and get to /tmp and the samba password is set the same. I can't ping the server but that is because the router or IP is set not pingable by the owner/work. SSH and HTTPS apache work well on the server with ports forwarded the same way. I haven't been able to test the share within the local network yet since I am not there, but I assume that it should work internally. When trying to connect from Windows 7 it just times out, no prompt and it has never connected, whereas my test server on my own internet connection is always working internally and externally.
Any help would be greatly appreciated.
The requirement is a easy to use internally hosted shared folder alternative to using "dropbox" for use between Windows 7, XP, mac, and linux servers that works over external internet connection. It won't see heavy usage but should be quick, easy to access/setup on the client side, and secure for business. If there are any alternatives to install on CentOS that would be great as well.
Thank you!
Andrew
Edit, details:
Ports are forwarded:
(I had an image but as new user I cant post) 137, 138, 139, 445 are forwarded all with both TCP and UDP for testing now.
smb.conf is setup simply and exactly the same as the working test server:
# cat /etc/samba/smb.conf
[global]
workgroup=WORKGROUP
log level = 3
log file = /var/log/samba/log.%m
max log size = 50
security = user
passdb backend = tdbsam
[tmp]
comment = temporary files
path = /tmp
read only = yes
Samba restarted for good measure:
# service smb restart
Shutting down SMB services: [ OK ]
Starting SMB services: [ OK ]
Windows 7 times out when trying to access the share as \ which works fine with the test server:
(I had a screenshot but new users cant post)
A search for the error 0x80004005 results in http://answers.microsoft.com/en-us/windows/forum/windows_vista-networking/cannot-access-network-share-get-unspecified-error/9f840844-9d5b-e011-8dfc-68b599b31bf5
I've checked the workgroup, share settings, and restarted windows. Since the test share works I would think the Windows machine is working. I'll continue with the details.
Edit again:
Following the troubleshooting guide again:
Simplify the smb.conf to just:
# cat /etc/samba/smb.conf
[tmp]
comment = temporary files
path = /tmp
read only = yes
/etc/resolv.conf is using the ISPs servers and they work. They are different than the working server's DNS but that one is on a different ISP:
# nslookup google.com
Server: 71.242.0.12
Address: 71.242.0.12#53
Non-authoritative answer:
Name: google.com
Address: 74.125.228.2
I'm doing everything with IP addresses so I don't know that DNS would come into play.
I added dns proxy = no to smb.conf for fun but that didn't help.
/var/log/samba/log.smbd doesn't report anything different from the working server:
[2012/09/20 16:59:41, 0] smbd/server.c:1141(main)
smbd version 3.5.10-125.el6 started.
Copyright Andrew Tridgell and the Samba Team 1992-2010
[2012/09/20 16:59:41.484699, 0] param/loadparm.c:7648(lp_do_parameter)
Global parameter dns proxy found in service section!
[2012/09/20 16:59:41.486645, 0] printing/print_cups.c:109(cups_connect)
Unable to connect to CUPS server localhost:631 - Connection refused
[2012/09/20 16:59:41.486809, 0] printing/print_cups.c:468(cups_async_callback)
failed to retrieve printer list: NT_STATUS_UNSUCCESSFUL
[2012/09/20 16:59:41.507198, 0] smbd/server.c:501(smbd_open_one_socket)
smbd_open_once_socket: open_socket_in: Address already in use
[2012/09/20 16:59:41.507407, 0] smbd/server.c:501(smbd_open_one_socket)
smbd_open_once_socket: open_socket_in: Address already in use
[2012/09/20 17:00:39, 0] smbd/server.c:1141(main)
smbd version 3.5.10-125.el6 started.
Copyright Andrew Tridgell and the Samba Team 1992-2010
[2012/09/20 17:00:39.513793, 0] printing/print_cups.c:109(cups_connect)
Unable to connect to CUPS server localhost:631 - Connection refused
[2012/09/20 17:00:39.513955, 0] printing/print_cups.c:468(cups_async_callback)
failed to retrieve printer list: NT_STATUS_UNSUCCESSFUL
[2012/09/20 17:00:39.535458, 0] smbd/server.c:501(smbd_open_one_socket)
smbd_open_once_socket: open_socket_in: Address already in use
[2012/09/20 17:00:39.535689, 0] smbd/server.c:501(smbd_open_one_socket)
smbd_open_once_socket: open_socket_in: Address already in use
However the working server creates a log file in the directory named log. which the non working server does not.
testparm:
# testparm
Load smb config files from /etc/samba/smb.conf
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
Processing section "[tmp]"
Loaded services file OK.
Server role: ROLE_STANDALONE
Press enter to see a dump of your service definitions
[global]
[tmp]
comment = temporary files
path = /tmp
continuing...
Continued:
nmb is running as well:
# service nmb restart
Shutting down NMB services: [ OK ]
Starting NMB services: [ OK ]
"Respond to Ping on Internet Port" is normally turned off on the routers. I turned it on, on both the Windows client and the server. Each can ping the other, sharing still doesn't work.
Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.
C:\Users\xxxx>ping xxxx
Pinging xxxx with 32 bytes of data:
Reply from xxxx: bytes=32 time=25ms TTL=51
Reply from xxxx: bytes=32 time=23ms TTL=51
Reply from xxxx: bytes=32 time=26ms TTL=51
Reply from xxxx: bytes=32 time=24ms TTL=51
Ping statistics for xxxx:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 23ms, Maximum = 26ms, Average = 24ms
# ping xxxx -c 5
PING xxxx (xxxx) 56(84) bytes of data.
64 bytes from xxxx: icmp_seq=1 ttl=251 time=20.7 ms
64 bytes from xxxx: icmp_seq=2 ttl=251 time=24.6 ms
64 bytes from xxxx: icmp_seq=3 ttl=251 time=21.4 ms
64 bytes from xxxx: icmp_seq=4 ttl=251 time=25.3 ms
64 bytes from xxxx: icmp_seq=5 ttl=251 time=22.9 ms
--- xxxx ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4029ms
rtt min/avg/max/mdev = 20.776/23.022/25.319/1.764 ms
continuing...
Continued:
iptables are off:
# iptables -L -v
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
SELinux is off:
# sestatus
SELinux status: disabled
smbclient using a user setup in samba works from the samba server to its local IP and to its external IP. The Windows client gets:
Connection to <ip addr> failed (Error NT_STATUS_UNSUCCESSFUL)
Samba is running as a daemon/service and netbios-ssn is in listen mode:
# netstat -a|grep netbios-ssn
tcp 0 0 *:netbios-ssn *:* LISTEN
Continuing...
Continued:
We're not restricting connections or using inetd.
log.nmbd does not report any problems.
nmblookup -B BIGSERVER SAMBA works using the server's name
nmblookup -B ACLIENT * fails on all log files using the windows client name OR the external IP address
nmblookup -d 2 `*'. fails
"If your PC and server aren't on the same subnet, then you will need to use the -B option to set the broadcast address to that of the PC's subnet.
This test will probably fail if your subnet mask and broadcast address are not correct. (Refer to test 3 notes above)."
Im not sure here, since we're going over the internet do we need these to match and work?
smbclient //BIGSERVER/TMP works
On the client:
Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.
C:\Users\xxxx>net view \\xxxx (ip addr)
System error 53 has occurred.
The network path was not found.
C:\Users\xxxx>
net use has the same problem, even with providing user and passwd.
nmblookup -M WORKGROUP returns a local windows machine on the network there, whereas on my test server it returns the client which is local to the test machine. Perhaps there is an issue here with workgroup being on another machine, but how would others connect from other networks if this was the issue?
I tried preferred master = yes as well.
Page 2 of samba howto next.
Update: A new friend said to try nmap to see check the ports:
# nmap -sS -P0 -sV -O xxxx
Starting Nmap 5.51 ( ) at 2012-09-21 11:09 EDT
Nmap scan report for xxxx (xxxx)
Host is up (0.024s latency).
Not shown: 995 filtered ports
PORT STATE SERVICE VERSION
22/tcp open ssh OpenSSH 5.3 (protocol 2.0)
25/tcp open smtp Postfix smtpd
110/tcp open pop3 Dovecot pop3d
443/tcp open ssl/http Apache httpd 2.2.15 ((CentOS))
9100/tcp open jetdirect?
Warning: OSScan results may be unreliable because we could not find at
least 1 open and 1 closed port
OS fingerprint not ideal because: Missing a closed TCP port so results
incomplete
No OS matches for host
Service Info: Host: xxxx
Since the Samba ports do not show up, I'm thinking the router or ISP is not forwarding/blocking the ports at this point.
As for a solution to sharing, I'm trying sshfs with a windows and mac client.
Answering your original question, the good way to test if your ISP is not blocking listed ports is this:
# yum -y install tcpdump
# tcpdump -i eth0 "port 137 or port 138 or port 139 or port 445"
(substitute eth0 with the name of the interface connected to the Internet).
Then you should try accessing the share (net view / net use / Windows Shell). If ports are forwarded correctly you should see something like that:
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
01:25:48.631173 IP 192.168.0.10.54032 > 192.168.0.1.microsoft-ds: Flags [S], seq 4008761512, win 5840, options [mss 1460,sackOK,TS val 136010468 ecr 0,nop,wscale 7], length 0
01:25:48.631198 IP 192.168.0.1.microsoft-ds > 192.168.0.10.54032: Flags [S.], seq 2220435566, ack 4008761513, win 14480, options [mss 1460,sackOK,TS val 15507714 ecr 136010468,nop,wscale 7], length 0
01:25:48.631397 IP 192.168.0.10.54032 > 192.168.0.1.microsoft-ds: Flags [.], ack 1, win 46, options [nop,nop,TS val 136010468 ecr 15507714], length 0
01:25:48.642171 IP 192.168.0.10.54032 > 192.168.0.1.microsoft-ds: Flags [P.], seq 1:184, ack 1, win 46, options [nop,nop,TS val 136010479 ecr 15507714], length 183SMB PACKET: SMBnegprot (REQUEST)
...
If you see nothing at all it means that your ISP (or intermediate router) is blocking packets to those ports and it's most likely the case — SMB protocol proved to be quite insecure for open Internet deployments.
In the file /etc/samba/smb.conf, under the section [global], below the workgroup line add this two lines :
client min protocol = NT1
client max protocol = SMB3
I have the following code (of course I replaced myremoteserver.com):
use Modern::Perl;
use Net::SSH::Perl;
use Data::Dumper;
my $ssh = Net::SSH::Perl->new('myremoteserver.com', debug => 1, port => 2999);
$ssh->login('root');
print Dumper $ssh->cmd('uptime');
On a keyless environment, I'm running it both on perl 5.12 and 5.14.
On perl 5.12 it seems to work:
$ perl5.12 /tmp/sshtest.pl
ko.local: Reading configuration data /Users/david/.ssh/config
ko.local: Reading configuration data /etc/ssh_config
ko.local: Connecting to myremoteserver.com, port 2999.
ko.local: Remote protocol version 2.0, remote software version OpenSSH_5.8p1 Debian-1ubuntu3
Math::BigInt: couldn't load specified math lib(s), fallback to Math::BigInt::Calc at /opt/local/lib/perl5/site_perl/5.12.3/Crypt/DH.pm line 6
ko.local: Net::SSH::Perl Version 1.34, protocol version 2.0.
.o.local: No compat match: OpenSSH_5.8p1 Debian-1ubuntu3
ko.local: Connection established.
ko.local: Sent key-exchange init (KEXINIT), wait response.
ko.local: Algorithms, c->s: 3des-cbc hmac-sha1 none
ko.local: Algorithms, s->c: 3des-cbc hmac-sha1 none
ko.local: Entering Diffie-Hellman Group 1 key exchange.
ko.local: Sent DH public key, waiting for reply.
ko.local: Received host key, type 'ssh-dss'.
ko.local: Host 'myremoteserver.com' is known and matches the host key.
ko.local: Computing shared secret key.
ko.local: Verifying server signature.
ko.local: Waiting for NEWKEYS message.
ko.local: Send NEWKEYS.
ko.local: Enabling encryption/MAC/compression.
ko.local: Sending request for user-authentication service.
ko.local: Service accepted: ssh-userauth.
ko.local: Trying empty user-authentication request.
ko.local: Authentication methods that can continue: publickey.
ko.local: Next method to try is publickey.
ko.local: Publickey: testing agent key '/Users/david/.ssh/github_rsa'
ko.local: Authentication methods that can continue: publickey.
ko.local: Next method to try is publickey.
Permission denied at /tmp/sshtest.pl line 9
But on perl 5.14:
$ perl5.14 /tmp/sshtest.pl
ko.local: Reading configuration data /Users/david/.ssh/config
ko.local: Reading configuration data /etc/ssh_config
ko.local: Connecting to myremoteserver.com, port 2999.
ko.local: Remote protocol version 2.0, remote software version OpenSSH_5.8p1 Debian-1ubuntu3
ko.local: Net::SSH::Perl Version 1.34, protocol version 2.0.
.o.local: No compat match: OpenSSH_5.8p1 Debian-1ubuntu3
ko.local: Connection established.
ko.local: Sent key-exchange init (KEXINIT), wait response.
ko.local: Algorithms, c->s: 3des-cbc hmac-sha1 none
ko.local: Algorithms, s->c: 3des-cbc hmac-sha1 none
ko.local: Entering Diffie-Hellman Group 1 key exchange.
ko.local: Sent DH public key, waiting for reply.
ko.local: Received host key, type 'ssh-dss'.
ko.local: Host 'myremoteserver.com' is known and matches the host key.
ko.local: Computing shared secret key.
ko.local: Verifying server signature.
Key verification failed for server host key at /opt/local/lib/perl5/site_perl/5.14.1/Net/SSH/Perl/SSH2.pm line 92
The only difference I see is Math::BigInt returns a warning on perl 5.12.
Some debugging info:
~ $ perl5.12 -MNet::SSH::Perl -e 'print $Net::SSH::Perl::VERSION, "\n";'
1.34
~ $ perl5.14 -MNet::SSH::Perl -e 'print $Net::SSH::Perl::VERSION, "\n";'
1.34
~ $ perl5.12 -MMath::BigInt -e 'print $Math::BigInt::VERSION, "\n";'
1.997
~ $ perl5.14 -MMath::BigInt -e 'print $Math::BigInt::VERSION, "\n";'
1.997
Any idea what the problem here is?
There was a change to the default value for a configuration option that controlled how https validation was performed (specifically, the PERL_LWP_SSL_VERIFY_HOSTNAMES environment variable), when LWP::Protocol::https was pulled out of the main LWP library - now hostname checking is on by default, where it was off previously. It is possible that your perl 5.14 library picked up these new changes, and 5.12 is using the old versions.
There is also more information in "Now you need LWP::Protocol::https".