Chilkat2-Python
Chilkat2-Python
SSH HSM Public Key Authentication
See more uncategorized Examples
Demonstrates how to authenticate with an SSH server using public key authentication using an HSM (USB token or smartcard).Chilkat Chilkat2-Python Downloads
import sys
import chilkat2
success = False
# This example assumes the Chilkat API to have been previously unlocked.
# See Global Unlock Sample for sample code.
# Note: Chilkat's PKCS11 implementation runs on Windows, Linux, MacOs, and other supported operating systems.
pkcs11 = chilkat2.Pkcs11()
# This would be a path to a .dylib on MacOS, or a path to a .so shared lib on Linux.
pkcs11.SharedLibPath = "C:/Program Files (x86)/Gemalto/IDGo 800 PKCS#11/IDPrimePKCS1164.dll"
pin = "0000"
userType = 1
# Establish a PKCS11 logged-on session using the driver (.so, .dylib, or .dll) as specified in the SharedLibPath above.
success = pkcs11.QuickSession(userType,pin)
if (success == False):
print(pkcs11.LastErrorText)
sys.exit()
# Set PKCS11 attributes to find our desired private key object.
json = chilkat2.JsonObject()
json.UpdateString("class","private_key")
json.UpdateString("label","MySshKey")
# Get the PKCS11 handle to the private key located on the HSM.
priv_handle = pkcs11.FindObject(json)
# Get the PKCS11 handle to the corresponding public key located on the HSM.
json.UpdateString("class","public_key")
pub_handle = pkcs11.FindObject(json)
key = chilkat2.SshKey()
# The key type can be "rsa" or "ec"
keyType = "rsa"
success = key.UsePkcs11(pkcs11,priv_handle,pub_handle,keyType)
if (success == False):
print(key.LastErrorText)
sys.exit()
ssh = chilkat2.Ssh()
success = ssh.Connect("example.com",22)
if (success != True):
print(ssh.LastErrorText)
sys.exit()
# Authenticate with the SSH server using the login and
# HSM private key. (The corresponding public key should've
# been installed on the SSH server beforehand.)
success = ssh.AuthenticatePk("myLogin",key)
if (success != True):
print(ssh.LastErrorText)
sys.exit()
print("Public-Key Authentication Successful!")