Sample code for 30+ languages & platforms
Unicode C++

SFTP Authentication using X.509 Certificates

See more SFTP Examples

Demonstrates how to authenticate with an SSH/SFTP server using an certificate's private key.

Note: See X.509v3 Certificates for SSH Authentication for more information.

Chilkat Unicode C++ Downloads

Unicode C++
#include <CkSFtpW.h>
#include <CkCertW.h>
#include <CkSshKeyW.h>

void ChilkatSample(void)
    {
    bool success = false;

    // This example assumes the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    CkSFtpW sftp;

    const wchar_t *hostname = L"sftp.example.com";
    int port = 22;
    success = sftp.Connect(hostname,port);
    if (success != true) {
        wprintf(L"%s\n",sftp.lastErrorText());
        return;
    }

    // Load the cert + private key from a .pfx.
    // Note: Chilkat provides methods for loading certs and private keys from many sources, including smart cards and USB tokens (HSM's)
    CkCertW cert;
    success = cert.LoadPfxFile(L"qa_data/pfx/example.pfx",L"pfx_password");
    if (success != true) {
        wprintf(L"%s\n",cert.lastErrorText());
        return;
    }

    // Get the cert's private key (as PEM) to be used for SSH authentication.
    // (The public key is installed on the server.)
    const wchar_t *privKeyPem = cert.getPrivateKeyPem();
    if (cert.get_LastMethodSuccess() == false) {
        wprintf(L"%s\n",cert.lastErrorText());
        return;
    }

    CkSshKeyW key;

    // Load a private key from a PEM string:
    success = key.FromOpenSshPrivateKey(privKeyPem);
    if (success != true) {
        wprintf(L"%s\n",key.lastErrorText());
        return;
    }

    // Authenticate with the SSH server.
    success = sftp.AuthenticatePk(L"myLogin",key);
    if (success != true) {
        wprintf(L"%s\n",sftp.lastErrorText());
        return;
    }

    wprintf(L"Public-Key Authentication Successful!\n");
    }