Subject: Re: libssh2_userauth_publickey functionning

Re: libssh2_userauth_publickey functionning

From: Alexander Lamaison <swish_at_lammy.co.uk>
Date: Thu, 25 Oct 2012 12:55:23 +0100

On 23 October 2012 16:26, <scout_game_at_hushmail.me> wrote:
> Good morning;
> I want to use libssh2_userauth_publickey for my apps, I have seen a usage of this function from agent.c source file, but here I don't understand what is going on.

The easiest way to use public key authentication with libssh2 is to
use the key agent API. These are the API functions that start with
'libssh2_agent_'. This way the user loads their keys into the
appropriate keychain for their platform (for instance Pageant on
Windows) and you call the agent api functions to authenticate using
those keys.

> Normally libssh2_userauth_publickey_fromfile() requires both public and private keys to authenticate.

If you are using the OpenSSL crypto backend, you only need to provide
the private key. The public key is extracted from it.

> This is usual but I haven't seen libssh2_userauth_publickey uses any private key but only a public key in its argument as unsigned char* variable. So should I setup my ssh to authenticate without providing a private key before using libssh2_userauth_publickey ?

I believe that libssh2_userauth_publickey expects you to sign the data
manually yourself using a private key in the function you pass as a
callback to the sign_callback argument. But I'm not 100% sure. Noone
seems to remember quite how this API call works and it isn't
documented. Notice that libssh2_userauth_publickey_from_file_ex is
implemented in terms of libssh2_userauth_publickey and includes and
example of a sign_callback function.

> maybe should I generate the pub/priv keys from the remote server and copy the public key to my local computer but I haven't tried that trick before so don't know if this is the solution or there is something else hidden.

How you distribute and install the public keys depends on your SSH
server. For OpenSSH you copy and paste the public key line into the
~/.ssh/authorized_keys file.

Alex

-- 
Swish - Easy SFTP for Windows Explorer (http://www.swish-sftp.org)
_______________________________________________
libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel
Received on 2012-10-25