(Lianja) SSH Authentication using X.509 Certificates

See more SSH Examples

Demonstrates how to authenticate with an SSH/SFTP server using an certificate's private key.

Note: See X.509v3 Certificates for SSH Authentication for more information.

Chilkat Lianja Extension Download Chilkat Lianja Extension

// This example assumes the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

loSsh = createobject("CkSsh")

lcHostname = "ssh.example.com"
lnPort = 22
llSuccess = loSsh.Connect(lcHostname,lnPort)
if (llSuccess <> .T.) then
    ? loSsh.LastErrorText
    release loSsh
    return
endif

// Load the cert + private key from a .pfx.
// Note: Chilkat provides methods for loading certs and private keys from many sources, including smart cards and USB tokens (HSM's)
loCert = createobject("CkCert")
llSuccess = loCert.LoadPfxFile("qa_data/pfx/example.pfx","pfx_password")
if (llSuccess <> .T.) then
    ? loCert.LastErrorText
    release loSsh
    release loCert
    return
endif

// Get the cert's private key (as PEM) to be used for SSH authentication.
// (The public key is installed on the server.)
lcPrivKeyPem = loCert.GetPrivateKeyPem()
if (loCert.LastMethodSuccess = .F.) then
    ? loCert.LastErrorText
    release loSsh
    release loCert
    return
endif

loKey = createobject("CkSshKey")

// Load a private key from a PEM string:
llSuccess = loKey.FromOpenSshPrivateKey(lcPrivKeyPem)
if (llSuccess <> .T.) then
    ? loKey.LastErrorText
    release loSsh
    release loCert
    release loKey
    return
endif

// Authenticate with the SSH server.
llSuccess = loSsh.AuthenticatePk("myLogin",loKey)
if (llSuccess <> .T.) then
    ? loSsh.LastErrorText
    release loSsh
    release loCert
    release loKey
    return
endif

? "Public-Key Authentication Successful!"


release loSsh
release loCert
release loKey