Lianja
Lianja
SSH HSM Public Key Authentication
See more uncategorized Examples
Demonstrates how to authenticate with an SSH server using public key authentication using an HSM (USB token or smartcard).Chilkat Lianja Downloads
llSuccess = .F.
// This example assumes the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
// Note: Chilkat's PKCS11 implementation runs on Windows, Linux, MacOs, and other supported operating systems.
loPkcs11 = createobject("CkPkcs11")
// This would be a path to a .dylib on MacOS, or a path to a .so shared lib on Linux.
loPkcs11.SharedLibPath = "C:/Program Files (x86)/Gemalto/IDGo 800 PKCS#11/IDPrimePKCS1164.dll"
lcPin = "0000"
lnUserType = 1
// Establish a PKCS11 logged-on session using the driver (.so, .dylib, or .dll) as specified in the SharedLibPath above.
llSuccess = loPkcs11.QuickSession(lnUserType,lcPin)
if (llSuccess = .F.) then
? loPkcs11.LastErrorText
release loPkcs11
return
endif
// Set PKCS11 attributes to find our desired private key object.
loJson = createobject("CkJsonObject")
loJson.UpdateString("class","private_key")
loJson.UpdateString("label","MySshKey")
// Get the PKCS11 handle to the private key located on the HSM.
lnPriv_handle = loPkcs11.FindObject(loJson)
// Get the PKCS11 handle to the corresponding public key located on the HSM.
loJson.UpdateString("class","public_key")
lnPub_handle = loPkcs11.FindObject(loJson)
loKey = createobject("CkSshKey")
// The key type can be "rsa" or "ec"
lcKeyType = "rsa"
llSuccess = loKey.UsePkcs11(loPkcs11,lnPriv_handle,lnPub_handle,lcKeyType)
if (llSuccess = .F.) then
? loKey.LastErrorText
release loPkcs11
release loJson
release loKey
return
endif
loSsh = createobject("CkSsh")
llSuccess = loSsh.Connect("example.com",22)
if (llSuccess <> .T.) then
? loSsh.LastErrorText
release loPkcs11
release loJson
release loKey
release loSsh
return
endif
// Authenticate with the SSH server using the login and
// HSM private key. (The corresponding public key should've
// been installed on the SSH server beforehand.)
llSuccess = loSsh.AuthenticatePk("myLogin",loKey)
if (llSuccess <> .T.) then
? loSsh.LastErrorText
release loPkcs11
release loJson
release loKey
release loSsh
return
endif
? "Public-Key Authentication Successful!"
release loPkcs11
release loJson
release loKey
release loSsh