
PrivateKey function


Private key used for authentication

Type

A Long value. If successful, 0 is returned; otherwise an error is returned, as specified here

Syntax

  • C
long Sftp_GetPrivateKey(void *Sftp, void *Buffer, int *Bufsize);
long Sftp_SetPrivateKey(void *Sftp, void *Buffer, int Buflen);
The PrivateKey(void *Sftp,char *Buffer,int *Bufsize, Buflen) syntax has these parts:
void *Sftp: Handle of the created Sftp instance.
char *Buffer: Buffer that will hold the returned string.
int *Bufsize, Buflen: Size of the buffer.

Remarks

The PrivateKey property is used when you want to authenticate with the server using a private/public key pair, instead of using a Password. This is a feature that should be supported by all SFTP servers.

The principle behind the use of private keys is this: you own a private key (which no one else knows). You supply the server with the public key that corresponds to your private key. When you initiate a connection, wodSFTP will request publickey authentication. The server will check its internal list of public keys (usually stored in ~/.ssh/authorized_keys2 or ~/.ssh2/authorized files) and, if a match is found, it will send a request to wodSFTP to prove that you own the private key. Internally, wodSFTP will sign some data using the key you provided, and the server will check the signatures. If they match, you will be allowed to log in. Some servers will also require you to enter a password, in which case the server is even more secure.

To generate a PrivateKey that you can use with the server, use the Keys object (included in setup package) like this (VB sample):
 
Dim key As New wodSFTPKeyLib.Keys
key.Generate RSAkey ' 1024 bits is default
key.Save RSAkey, "C:\my_rsa_key.txt", "My secret password"
 

The above sample will generate your private key and store it in a file on disk, protected with a password. You can then immediately continue your code like this:
 
Sftp.Login = "johndoe"
Sftp.PrivateKey = key.PrivateKey(RSAkey)
Sftp.Authentication = authPubkey
.......
Sftp.Connect
 

As generation of keys can be a lengthy process (for keys with a large number of bits it can take a few seconds), you shouldn't generate a key every time you need to use it. Instead, as you have saved it, you should try to load it from the disk. The following code illustrates this type of usage:
 
Dim key As New wodSFTPKeyLib.Keys
On Error Resume Next
' try to load previously saved key
key.Load "C:\my_rsa_key.txt", "My secret password"
If Err <> 0 Then 'key was not saved yet
    key.Generate RSAkey ' 1024 bits is default
    key.Save RSAkey, "C:\my_rsa_key.txt", "My secret password"
    ' next time you run this code it will be able to load it from the disk,
    ' so expensive Generate will not be called anymore.
End If
 

Now that you have created your PrivateKey, you should let the server know about it. You should do this by pasting the public key into the appropriate files on the server. For SFTP servers (version 2), these are

~/.ssh2/authorization which should have the line of text Key somefile.pub on a separate line in the file,
~/.ssh2/somefile.pub which should contain your public key, as returned by the Keys.PublicKeySSH property.

For OpenSSH server, you should paste the contents of Keys.PublicKeyOpenSSH property into

~/.ssh/authorized_keys2 as a new line in the file.

For VC users, you can prepare a returned key (loaded from file, for example) by converting it to SAFEARRAY like this:

(Buffer holds the key data, and Bufsize holds the key length)

SAFEARRAY *psa;
SAFEARRAYBOUND rgsabound[1];
char HUGEP *data;

/* one-dimensional array of Bufsize bytes */
rgsabound[0].lLbound = 0;
rgsabound[0].cElements = Bufsize;

psa = SafeArrayCreate(VT_UI1, 1, rgsabound);
if (!psa)
    return WSA_NOT_ENOUGH_MEMORY;

/* lock the array and copy the key bytes into it */
SafeArrayAccessData(psa, (void HUGEP* FAR*)&data);
memcpy(data, Buffer, Bufsize);
SafeArrayUnaccessData(psa);

/* wrap the byte array in a VARIANT */
VARIANT var;
var.vt = VT_ARRAY | VT_UI1;
var.parray = psa;
 

and now you can pass this VARIANT into the PrivateKey property or you can pass LPDISPATCH from the IKeys object directly in the same manner:
 
VARIANT var;
var.vt = VT_DISPATCH;
var.pdispVal = (LPDISPATCH)your_keys_object_instance;
 

and it will work too.

The Bufsize variable should contain the maximum data length that can be stored in the Buffer variable. If you set Bufsize = 0, then the function will return with error ERROR_INSUFFICIENT_BUFFER and Bufsize will contain the required buffer size.
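
The size-query pattern described above for Sftp_GetPrivateKey, as an added example that is not wodSFTP's own code. The names fetch_private_key, wipe_and_free and fake_get_key are hypothetical, fake_get_key is a constructed stand-in for the library call so the example runs offline, and it is assumed that Bufsize holds the number of bytes written when the call returns. The key buffer is overwritten before it is freed so private key material does not linger in heap memory.

```c
#include <stdlib.h>
#include <string.h>

#ifndef ERROR_INSUFFICIENT_BUFFER
#define ERROR_INSUFFICIENT_BUFFER 122L /* Win32 value, for non-Windows builds */
#endif

/* Same shape as Sftp_GetPrivateKey(void *Sftp, void *Buffer, int *Bufsize). */
typedef long (*get_key_fn)(void *Sftp, void *Buffer, int *Bufsize);

/* Overwrite key material before releasing it; volatile keeps the stores. */
static void wipe_and_free(void *buf, int len) {
    volatile unsigned char *p = buf;
    while (p && len-- > 0) *p++ = 0;
    free(buf);
}

/* Hypothetical helper: query size, allocate, fetch. Returns 0 on success,
   the library error otherwise, or -1 (our own code) on allocation failure. */
static long fetch_private_key(get_key_fn get, void *sftp, void **out, int *outlen) {
    char probe; int need = 0, got;
    void *buf; long rc;
    *out = NULL; *outlen = 0;
    rc = get(sftp, &probe, &need);            /* Bufsize = 0: ask for the size */
    if (rc != ERROR_INSUFFICIENT_BUFFER || need <= 0) return rc;
    buf = malloc((size_t)need);
    if (!buf) return -1;
    got = need;
    rc = get(sftp, buf, &got);                /* second call fills the buffer */
    if (rc != 0 || got > need) { wipe_and_free(buf, need); return rc ? rc : -1; }
    *out = buf; *outlen = got;
    return 0;
}

/* Constructed stand-in for the library call (not a real key). */
static const char FAKE_KEY[] = "-----CONSTRUCTED TEST KEY, NOT REAL-----";
static long fake_get_key(void *Sftp, void *Buffer, int *Bufsize) {
    int n = (int)sizeof FAKE_KEY - 1;
    (void)Sftp;
    if (*Bufsize < n) { *Bufsize = n; return ERROR_INSUFFICIENT_BUFFER; }
    memcpy(Buffer, FAKE_KEY, (size_t)n);
    *Bufsize = n; return 0;
}

int main(void) {
    void *key; int len;
    long rc = fetch_private_key(fake_get_key, NULL, &key, &len);
    wipe_and_free(key, len);                  /* wipe as soon as the key is no longer needed */
    return (int)rc;
}
```

In real use, pass Sftp_GetPrivateKey and the Sftp handle in place of fake_get_key and NULL.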

Platforms

Windows