Subject: Re: Key-based authentication with libssh2_userauth_publickey_fromfile()

Re: Key-based authentication with libssh2_userauth_publickey_fromfile()

From: Ted Lemon <>
Date: Sat, 11 Sep 2010 01:09:38 -0400

On Sep 11, 2010, at 12:58 AM, Paresh Thakor wrote:
> Yes, right they are path to the files where our public/private keys are being stored. But I think i generate key-pair using Security.framework, SecKeyGeneratePair(). But i don't think this function returns me proper key-pair, because i have generated keypair using other programs which gives me different pair than what i get from the above function. So, i can't authenticate using keypair. Do i need to do any encoding, decoding for the keypair? Anything more can you suggest me so i can implement public/private keys?

Hm, I thought I sent you a pretty detailed suggestion for how to do this a while back. My suggestion involved using the in-memory version of userauth_publickey instead of the one that loads the key from a file. That would probably work with the key you generate with SecKeyGeneratePair(). However, you would still need to get the public key into the authorized keys file on the host you're trying to connect to.

For that, as you say, you need to write the public key in the right format. I don't actually know what that is, but looking at my own file, it looks like if you output a line that starts with the letters "ssh-dss " (don't include the quotes), and is followed by the base-64 representation of the public key, and ends with a key name (usually username_at_hostname), followed by a newline, that ought to work. But I haven't tried it, so I could easily be wrong.

Received on 2010-09-11