What I would change about Test::SFTP

I've been noticing more and more attention being given to environment testing. That is, part of your testing would be to check the environment you're on. Many Perl developers would probably hear this and say "yeah, well, that makes sense" - that is because many Perl developers already do it. Apparently the other developers are starting to catch on. :)

Test::SFTP was written to make sure my environment is okay. By "okay", I mean "consistent." Also, I really wanted to write a test module.

Originally I wrote Test::SFTP when Net::SFTP::Foreign either didn't exist or was in its very very early days. Point is, I didn't know it. I used Net::SFTP which uses in turn Net::SSH::Perl which - for those that do not know it - is a pure-Perl implementation of the SSH protocol. It's actually a pretty cool thing, except that the dependency is a complete nightmare (including GMP and half of Crypt::* namespace) and it's rather slow.

Net::SFTP::Foreign (as the case with Net::OpenSSH), on the other hand, is simply a wrapper (albeit sophisticated one) for the SSH client binaries. This might have compatibility issues, I'll admit, but it works - and it works much better. It's fast, it's (surprisingly) more reliable and the author (Salvador Fandiño García) is extremely responsive!

After getting a few versions out, being very frustrated with the performance and [dis]comfort of Net::SSH::Perl, I've decided to call it quits and put this module to rest. I've also never really understood the asterisks I got in the module name. I suppose it's incorrect usage of the building toolkit specs or bad POD. I suppose it makes sense since it's one of my earlier modules and first distribution.

If I could change Test::SFTP, I would rewrite it to use Net::SFTP::Foreign and perhaps improve the tests. Then I would recreate the Module::Build configuration and fix the POD.

After doing what I wanted with App::Genpass (finally having an actual CLI program for it), I might just do it with Test::SFTP. Be warned though, after I finish going over my modules, I'll start criticizing others'! :)

3 Comments

I think it would be good if some one wrote a wrapper around the putty scp client, pcsp. seems to me it is a more robust but maybe less secure client than openssh. I say that as it allows you to specify a password on the command line and override key mismatches. Handy when using these things for connecting to many items automatically like network devices for backup.


Well, actually, Net::SFTP::Foreign is not a wrapper but a full implementation of the SFTP protocol!


It just happens to require an external SSH client for the transport layer, but this is how most SFTP clients work (i.e. sftp in OpenSSH, psftp in Putty, lftp, etc.). The only really ugly thing is using Expect to handle password authentication... even uglier because it doesn't work under ActiveState or Strawberry Perl in Windows.


Later versions of Net::SFTP::Foreign also support pluggable back ends for the transport layer. One is available for Net::SSH2, and another could be written for Net::SSH::Perl... so far, I have resisted the idea of doing so as Net::SSH::Perl is mostly a dead project with lots of known unresolved bugs and I don't want to promote its usage.

Leave a comment

About Sawyer X

user-pic Gots to do the bloggingz