Sample code for 30+ languages & platforms
DataFlex

SSH Auth Failure Reason (AuthenticatePwPk)

See more SSH Examples

This example demonstrates how to determine the failure reason for the case where both a password and private key are required for authentication. If authentication fails, was it because of an invalid private key, or an invalid password?

Chilkat DataFlex Downloads

DataFlex
Use ChilkatAx-win32.pkg

Procedure Test
    Boolean iSuccess
    Variant vKey
    Handle hoKey
    Handle hoSsh
    Variant vJson
    Handle hoJson
    String sTemp1

    Move False To iSuccess

    // This example assumes the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    // Load a private key to be used for SSH authentication.
    Get Create (RefClass(cComChilkatSshKey)) To hoKey
    If (Not(IsComObjectCreated(hoKey))) Begin
        Send CreateComObject of hoKey
    End
    Set ComPassword Of hoKey To "key_password"

    Get ComLoadText Of hoKey "qa_data/my_private_key_file" To sTemp1
    Get ComFromOpenSshPrivateKey Of hoKey sTemp1 To iSuccess
    If (iSuccess = False) Begin
        Get ComLastErrorText Of hoKey To sTemp1
        Showln sTemp1
        Procedure_Return
    End

    Get Create (RefClass(cComChilkatSsh)) To hoSsh
    If (Not(IsComObjectCreated(hoSsh))) Begin
        Send CreateComObject of hoSsh
    End

    Get ComConnect Of hoSsh "ssh.example.com" 22 To iSuccess
    If (iSuccess = False) Begin
        Get ComLastErrorText Of hoSsh To sTemp1
        Showln sTemp1
        Procedure_Return
    End

    // Authenticate using both a password and private key.
    Get pvComObject of hoKey to vKey
    Get ComAuthenticatePwPk Of hoSsh "myLogin" "myPassword" vKey To iSuccess
    If (iSuccess = True) Begin
        Showln "Authentication is successful!"
        Procedure_Return
    End

    // If we get here, it means the authentication failed.
    // Examine the last JSON data to get information..

    Get Create (RefClass(cComChilkatJsonObject)) To hoJson
    If (Not(IsComObjectCreated(hoJson))) Begin
        Send CreateComObject of hoJson
    End
    Get pvComObject of hoJson to vJson
    Send ComGetLastJsonData To hoSsh vJson

    Set ComEmitCompact Of hoJson To False

    // This is the JSON if the key is correct, but the password is incorrect:

    // {
    //   "public_key_type": "rsa",
    //   "partialAuthResult": "publickey success. continue to authenticate with password...",
    //   "authResult": "failed",
    //   "authFailReason": "Password is incorrect"
    // }

    // This is the JSON if the key is incorrect.  We won't know if the password is also incorrect until
    // the key is made correct so that authentication proceeds to check the password.

    // {
    //   "public_key_type": "rsa",
    //   "authResult": "failed",
    //   "authFailReason": "Key is incorrect"
    // }

    // To get the authResult anbd authFailReason:
    Get ComStringOf Of hoJson "authResult" To sTemp1
    Showln "authResult: " sTemp1
    Get ComStringOf Of hoJson "authFailReason" To sTemp1
    Showln "authFailReason: " sTemp1


End_Procedure