The PrivateKey property is used when you want to
authenticate with the server using your private/public key
pair, instead of using a Password.
This is a feature that should be supported by all SSH
servers. It is available only for the SSH2
protocol!
The idea of using keys is this: you own a private key (which no one else knows). You supply
the server with the public key that
corresponds to your private key.
Once you initiate a connection, wodSSHTunnel will request PublicKey
authentication. The server will check its internal list of
public keys (usually stored in -/.ssh/authorized_keys2 or -/.ssh2/authorized files) and if a match is found,
it will send a request to wodSFTP to prove that you own the
private key. Internally, wodSSHTunnel
will sign some data using the key that you provided and the server will
check the signature. If they match, it will allow you to
log in. Some servers will also require you to enter
a password, in which case this makes the server even more
secure.
To generate a PrivateKey that you can use with the server, use the
Keys object (included in the setup package)
like this (VB sample):
Dim key As New
WODSSHKeyLib.Keys
key.Generate RSAkey ' 1024 bits is
default
key.Save RSAkey, "C:\my_rsa_key.txt", "My secret password"
The above sample will generate your private key and store it
to file on disk, protected with a password. You
can continue your code like this:
Tunnel1.Login = "johndoe"
Tunnel1.PrivateKey = key ' or also
key.PrivateKey(RSAkey)
Tunnel1.Authentication = authPubkey
'.......
Tunnel1.Connect
As generation of keys may be lengthy process (for
keys with a large number of bits it can take few seconds), you
should not generate it every time you need to use it.
Instead, as you have saved it, you should try to reload it from
disk. A typical example might look like this:
Dim key As New
WODSSHKeyLib.Keys
On Error
Resume Next
' try to load previously saved
key
key.Load "C:\my_rsa_key.txt", "My secret password"
If Err <> 0 Then 'key was not saved
yet
key.Generate
RSAkey ' 1024 bits is
default
key.Save
RSAkey, "C:\my_rsa_key.txt", "My secret password"
' next time you run this code it will be able to load
it from the disk,
' so expensive Generate will not be called
anymore.
End If
Now that you have created your PrivateKey, you should
let the server know about it. You should do this by pasting your
public key to the appropriate files on the server. For SSH
servers (version 2), these are:
-/.ssh2/authorization which
should have some text like Key
somefile.pub on a separate line of the file or
-/.ssh2/somefile.pub which should
contain your public key, as returned by the Keys.PublicKeySSH
property.
For an OpenSSH server, you should paste the contents of the
Keys.PublicKeyOpenSSH property to:
-/.ssh/authorized_keys2 as a new
line in the file.
For VC users, you can prepare a returned key (loaded from
file, for example) by converting it to a SAFEARRAY like
this:
(Buffer holds key data and Bufsize holds key len)
SAFEARRAY *psa;
SAFEARRAYBOUND rgsabound[1];
char HUGEP *data;
rgsabound[0].lLbound=0;
rgsabound[0].cElements=Bufsize;
psa =
SafeArrayCreate(VT_UI1,1,rgsabound);
if (!psa)
return WSA_NOTOUGH_MEMORY;
SafeArrayAccessData(psa, (void HUGEP*
FAR*)&data);
memcpy(data,Buffer, Bufsize);
SafeArrayUnaccessData(psa);
VARIANT var;
var.vt =VT_ARRAY | VT_UI1;
var.parray=psa;
Now you can pass this VARIANT to the PrivateKey
property. You can also pass LPDISPATCH from the IKeys object
directly in the same manner:
VARIANT var;
var.vt = VT_DISPATCH;
var.pdispVal = (LPDISPATCH)your_keys_object_instance
and it will work too.
PrivateKey
Property
