Sample code for 30+ languages & platforms
Tcl

SSH Authentication using an SSH Certificate

See more SSH Examples

Demonstrates how to authenticate using an SSH certificate.

Chilkat Tcl Downloads

Tcl

load ./chilkat.dll

set success 0

# This example assumes the Chilkat API to have been previously unlocked.
# See Global Unlock Sample for sample code.

set sbSshCert [new_CkStringBuilder]

set success [CkStringBuilder_LoadFile $sbSshCert "qa_data/sshCert/user_ecdsa_key-cert.pub" "utf-8"]
if {$success == 0} then {
    puts "Failed to load user_ecdsa_key-cert.pub"
    delete_CkStringBuilder $sbSshCert
    exit
}

set sbPrivKey [new_CkStringBuilder]

set success [CkStringBuilder_LoadFile $sbPrivKey "qa_data/sshKeys/user_ecdsa_key" "utf-8"]
if {$success == 0} then {
    puts "Failed to load user_ecdsa_key"
    delete_CkStringBuilder $sbSshCert
    delete_CkStringBuilder $sbPrivKey
    exit
}

set key [new_CkSshKey]

# Provide the password if the user_ecdsa_key is stored in an encrypted format.
CkSshKey_put_Password $key "secret"
set success [CkSshKey_FromOpenSshPrivateKey $key [CkStringBuilder_getAsString $sbPrivKey]]
if {$success == 0} then {
    puts [CkSshKey_lastErrorText $key]
    delete_CkStringBuilder $sbSshCert
    delete_CkStringBuilder $sbPrivKey
    delete_CkSshKey $key
    exit
}

# Indicate that the SSH certificate is to be used for authentication.
# The UseSshCertificate method was added in Chilkat v11.0.0
CkSshKey_UseSshCertificate $key [CkStringBuilder_getAsString $sbSshCert]

set ssh [new_CkSsh]

set hostname "ssh.example.com"
set port 22
set success [CkSsh_Connect $ssh $hostname $port]
if {$success != 1} then {
    puts [CkSsh_lastErrorText $ssh]
    delete_CkStringBuilder $sbSshCert
    delete_CkStringBuilder $sbPrivKey
    delete_CkSshKey $key
    delete_CkSsh $ssh
    exit
}

set success [CkSsh_AuthenticatePk $ssh "myLogin" $key]
if {$success != 1} then {
    puts [CkSsh_lastErrorText $ssh]
    delete_CkStringBuilder $sbSshCert
    delete_CkStringBuilder $sbPrivKey
    delete_CkSshKey $key
    delete_CkSsh $ssh
    exit
}

puts "Public-Key Authentication using an SSH Certificate was Successful!"

delete_CkStringBuilder $sbSshCert
delete_CkStringBuilder $sbPrivKey
delete_CkSshKey $key
delete_CkSsh $ssh