First steps with wodSSHServer

To set up wodSSHServer, follow the steps below. Before each step we will try to explain why we are doing it.

Before we can use wodSSHServer, we must add it to our program, or at least add a reference to it. In Visual Basic, click on 'Project', then on 'Component', find 'WeOnlyDo! wodSSHServer Suite ActiveX Control' and add it to the list of all referenced components. If you plan to use the DLL version of the component, click on 'Project', then on 'References', find 'WeOnlyDo! wodSSHServer Suite COM Object' and include it in the project.

1. Put wodSSHServer ActiveX on the form

    - If you are using wodSSHServer.DLL, declare wodSSHServer like this:

    Dim WithEvents wodSSHServer1 As wodSSHDCom

    and then in Form_Load do

    Set wodSSHServer1 = New wodSSHDCom

2. Add code to generate private keys needed for SSH protocol (only applies if you plan to use SSH protocol!)

Now we will generate private keys (and derive the public ones from them), which the server needs to identify itself to clients. wodSSHServer DOES NOT work if keys are not generated, because they are an important part of the SSH protocol specification. You should usually generate two keys: DSA and RSA. Different clients support different key types, so we will support both of them. When a client connects, it may choose which one it will use to verify that the server is not a fake one. The best place to do this is the Form_Load event.

    Private Sub Form_Load()
        Dim Filename As String
        Dim LoadFailed As Boolean
        ' first we need to load or generate the key we will use
        ' in production systems, generate both keys (RSA/DSA)
        ' here, just for the sample, one is enough.

        Filename = App.Path + "\mykey.rsa"
        ' try to load the key
        On Error Resume Next
        wodSSHServer1.Keys.Load Filename
        LoadFailed = (Err.Number <> 0)
        ' restore normal error handling so a failed Generate or Save is not silently ignored
        On Error GoTo 0
        If LoadFailed Then
            ' load failed - we will generate a new one
            wodSSHServer1.Keys.Generate RSAkey
            wodSSHServer1.Keys.Save RSAkey, Filename
        End If
        ' now start the server
    End Sub

3. Add code to handle user authentication

By default, wodSSHServer rejects all logins, so we need to add some code that handles user authentication. We will do this in the LoginPassword event. To keep it simple, we will allow only user 'joe' with password 'joe' to gain access to the system. All other users will be rejected. We could also check the User.Hostname property to determine where the user is connecting from, and deny access if it is not a trusted IP address.

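    ' handler name uses the wodSSHServer1 object declared in step 1
    Private Sub wodSSHServer1_LoginPassword(ByVal User As wodSSHDComLIB.ISSHUser, ByVal Login As String, ByVal Password As String, Action As wodSSHDComLIB.SSHActions)
        If Login = "joe" And Password = "joe" Then
            ' only this user is accepted
            Action = Allow
        Else
            ' everyone else is rejected
            Action = Deny
        End If
    End Sub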
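
The User.Hostname check mentioned above, combined with a cap on failed attempts per client address, as an added example that is not part of the original tutorial or the vendor's code. It is an alternative version of the handler above; MAX_FAILURES, mFailures and the helper functions are hypothetical names, the addresses are constructed samples, and User.Hostname is assumed to hold the client's address as text.

```vb
' Added example, not vendor code. MAX_FAILURES, mFailures and the helper
' functions are hypothetical names; the addresses are constructed samples.
Private Const MAX_FAILURES As Long = 5
Private mFailures As New Collection   ' failed attempts, keyed by client address

Private Function IsTrustedHost(ByVal Host As String) As Boolean
    Dim Allowed As Variant, i As Long
    Allowed = Array("192.0.2.10", "192.0.2.11")
    For i = LBound(Allowed) To UBound(Allowed)
        If StrComp(Host, Allowed(i), vbBinaryCompare) = 0 Then
            IsTrustedHost = True
            Exit Function
        End If
    Next i
End Function

Private Function FailureCount(ByVal Host As String) As Long
    On Error Resume Next              ' unknown key raises an error: count stays 0
    FailureCount = mFailures(Host)
End Function

Private Sub RecordFailure(ByVal Host As String)
    Dim n As Long
    n = FailureCount(Host) + 1
    On Error Resume Next              ' Remove fails harmlessly on the first failure
    mFailures.Remove Host
    On Error GoTo 0
    mFailures.Add n, Host
End Sub

Private Sub wodSSHServer1_LoginPassword(ByVal User As wodSSHDComLIB.ISSHUser, ByVal Login As String, ByVal Password As String, Action As wodSSHDComLIB.SSHActions)
    Dim Host As String
    Host = User.Hostname              ' assumed to hold the client address as text
    Action = Deny                     ' reject unless every check below passes
    If Not IsTrustedHost(Host) Then Exit Sub
    If FailureCount(Host) >= MAX_FAILURES Then Exit Sub
    If Login = "joe" And Password = "joe" Then   ' sample account from the text
        Action = Allow
    Else
        RecordFailure Host
    End If
End Sub
```

The counters live in memory only, so a locked-out address stays locked out until the program restarts.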

If the Authentication property is set to accept publickey authentication, the LoginPubkey event may be fired as well. wodSSHServer fires this event only after it has checked that the signature provided by the client matches his key. All you have to do in that case is check whether the PublicKey argument provided with the LoginPubkey event matches the one you have in your local database. If it matches (wodSSHServer has already proved that it is correct), you can allow the user to log in. So, you can use code like this:

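    ' handler name uses the wodSSHServer1 object declared in step 1
    Private Sub wodSSHServer1_LoginPubkey(ByVal User As wodSSHDComLIB.ISSHUser, ByVal Login As String, ByVal PublicKey As String, Action As wodSSHDComLIB.SSHActions)
        ' the signature is already verified - we only check that we know this key
        If Login = "joe" And PublicKey = "ssh-rsa AAAAB3NzaC1.....A5dxuzFobhu+m1xgv8=" Then
            Action = Allow
        End If
    End Sub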
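
One way to do the "local database" lookup described above, as an added example that is not part of the original tutorial or the vendor's code: each user's accepted keys are read from a per-user file and compared after normalization. The helper functions and the keys\user_<login>.pub layout are hypothetical, and each file is assumed to hold plain "type base64 [comment]" lines with Windows line endings.

```vb
' Added example, not vendor code. The helpers and the keys\user_<login>.pub
' layout are hypothetical; each file holds "type base64 [comment]" lines.
Private Function NormalizeKey(ByVal KeyLine As String) As String
    ' Keep only "type base64" so comments and extra spaces do not matter.
    Dim Parts() As String, i As Long, Found As Long, Out As String
    Parts = Split(Trim$(Replace(KeyLine, vbTab, " ")), " ")
    For i = LBound(Parts) To UBound(Parts)
        If Len(Parts(i)) > 0 Then
            Found = Found + 1
            If Found <= 2 Then Out = Trim$(Out & " " & Parts(i))
        End If
    Next i
    If Found >= 2 Then NormalizeKey = Out
End Function

Private Function IsSafeLogin(ByVal Login As String) As Boolean
    ' Login becomes part of a file name: allow only a-z, 0-9, "_" and "-".
    Dim i As Long
    If Len(Login) = 0 Or Len(Login) > 32 Then Exit Function
    For i = 1 To Len(Login)
        If InStr(1, "abcdefghijklmnopqrstuvwxyz0123456789_-", LCase$(Mid$(Login, i, 1)), vbBinaryCompare) = 0 Then Exit Function
    Next i
    IsSafeLogin = True
End Function

Private Function IsKeyAuthorized(ByVal Login As String, ByVal PublicKey As String) As Boolean
    Dim F As Integer, Entry As String, Wanted As String, Path As String
    Wanted = NormalizeKey(PublicKey)
    If Len(Wanted) = 0 Or Not IsSafeLogin(Login) Then Exit Function
    Path = App.Path & "\keys\user_" & Login & ".pub"
    F = FreeFile
    On Error GoTo Done                ' missing or unreadable file: deny
    Open Path For Input As #F
    Do While Not EOF(F)
        Line Input #F, Entry
        ' Base64 is case-sensitive, so compare binary whatever Option Compare says.
        If StrComp(NormalizeKey(Entry), Wanted, vbBinaryCompare) = 0 Then
            IsKeyAuthorized = True
            Exit Do
        End If
    Loop
Done:
    Close #F
End Function

Private Sub wodSSHServer1_LoginPubkey(ByVal User As wodSSHDComLIB.ISSHUser, ByVal Login As String, ByVal PublicKey As String, Action As wodSSHDComLIB.SSHActions)
    Action = Deny
    If IsKeyAuthorized(Login, PublicKey) Then Action = Allow
End Sub
```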

4. Determine which service user requests

Once the user is authenticated with the server, he will request to run a certain service on wodSSHServer. Most commonly this is execution of a shell (command prompt), but it can also be execution of some file on your system, running an SFTP server to transfer files, opening port forwarding, etc. When the user requests to start a new service (and this can happen at any time), the ServiceRequest event is fired with information about the service type. Here you should decide whether you will allow the user to run the specific service, or change the service type. For example, you can 'fool' the user and, instead of spawning a shell, return some custom data to the user - he will not know the difference. This is what we will do in this sample:

    Private Sub wodSSHServer1_ServiceRequest(ByVal User As wodSSHDComLIB.ISSHUser, ByVal ServiceIndex As Long, ServiceType As wodSSHDComLIB.SSHServiceTypes, ServicePath As String, Action As wodSSHDComLIB.SSHActions)
        ' don't execute anything - we'll have a small chat
        ServiceType = stNone
    End Sub

Forcing a change of service like we did in the above sample is sometimes not such a good idea. For example, the user could have requested to run the SFTP server. Since we changed it to stNone (and didn't report failure to the user), once he starts sending data we will receive binary packets. If we try to send some message to the user, he will probably disconnect, because he was not prepared to run anything other than the SFTP he requested. So, use with care!

5. Be notified when service has started

If you accepted the selected service in step 4, at this point wodSSHServer will fire the ServiceStart event so you know the user has actually started using the server the way he requested. In the SSH2 protocol, he may start more than one service - on each such request the ServiceRequest event will be fired.