Archived Forum Post

Question:

SSH public key authentication

Oct 14 '13 at 12:31

Hello, I am testing that the SSH library works.

Now I am trying to see if I can use public SSH keys to connect to a Linux box. Will the SSH library be able to use the sshpublickey.pub file from a Linux box to connect?

Can I use the following format:

const char * pubKey;

pubKey = key.loadText("sshpublickey.pub");

Thanks


Answer

You cannot use the public-key with ANY library, nor with PuTTY, nor anything else that implements the SSH protocol. The reason is that "public key authentication" is defined by the SSH protocol in this way: The public key is provided to the SSH server administrator and it is stored on the SSH server. You, the client, are the only one in possession of the private key (which is the equivalent of your password). The client-side of the SSH public-key authentication protocol uses the private key to authenticate.

It's this way because you might give your public key to many different SSH server administrators. You (the client-side) should be the only one in possession of your private key -- nobody else. Therefore, it is only you who has the information necessary to authenticate.
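
Added example, not part of the original thread and not the SSH library's own code: a pre-flight check that tells an OpenSSH public-key line (such as the contents of sshpublickey.pub) from a PEM private key, so a client can refuse a .pub file before it attempts authentication. The names KeyKind, classifyKey, b64decode and kSamplePub are hypothetical, and the sample key is constructed (all-zero key bytes).

```cpp
#include <cstdint>
#include <string>

enum class KeyKind { PublicKey, PrivateKey, Unknown };

// Constructed sample: an ssh-ed25519 public-key line with an all-zero key.
const std::string kSamplePub = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAI" +
                               std::string(43, 'A') + " user@example\n";

// Decode standard base64; returns "" if any character is not in the alphabet.
static std::string b64decode(const std::string& in) {
    static const std::string tbl =
        "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
    std::string out;
    uint32_t acc = 0, bits = 0;
    for (char c : in) {
        if (c == '=') break;  // padding marks the end of the data
        std::size_t v = tbl.find(c);
        if (v == std::string::npos) return "";
        acc = (acc << 6) | static_cast<uint32_t>(v);
        if ((bits += 6) >= 8) {
            bits -= 8;
            out.push_back(static_cast<char>((acc >> bits) & 0xFF));
        }
    }
    return out;
}

// Only a private key can sign the server's challenge; a .pub line cannot.
KeyKind classifyKey(const std::string& text) {
    if (text.rfind("-----BEGIN ", 0) == 0 &&
        text.find("PRIVATE KEY-----") != std::string::npos)
        return KeyKind::PrivateKey;
    std::size_t sp = text.find(' ');
    if (sp == std::string::npos || sp == 0) return KeyKind::Unknown;
    const std::string alg = text.substr(0, sp);
    // End of the base64 field; with no delimiter, substr clamps to the end.
    std::size_t end = text.find_first_of(" \r\n", sp + 1);
    const std::string blob = b64decode(text.substr(sp + 1, end - sp - 1));
    // The blob starts with a uint32 length followed by the algorithm name.
    if (blob.size() < 4 + alg.size()) return KeyKind::Unknown;
    uint32_t len = 0;
    for (int i = 0; i < 4; ++i)
        len = (len << 8) | static_cast<unsigned char>(blob[i]);
    if (len != alg.size() || blob.compare(4, len, alg) != 0)
        return KeyKind::Unknown;
    return KeyKind::PublicKey;
}

int main() { return classifyKey(kSamplePub) == KeyKind::PublicKey ? 0 : 1; }
```

A file that classifies as PublicKey belongs in the server account's authorized keys; only one that classifies as PrivateKey is usable on the client side.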


Answer

You set the public key to the ftp id on the Linux box. You can use only key auth, or key and password auth.

Then use the private key on the client with AuthenticatePk. There is another method to pass both the ssh key and password for the other option.


Answer

Ok, back from trying the sample for the private key, which works, but when I try the "public key" instead it does not work.

What I want to do is use this library to access the Linux account with "only" the "public key" and not have to use the private key.

Is there an available example showing this? Perhaps, I'm just not understanding how the library is supposed to work.

For instance, between Linux machines A and B I can have a user account with generated ssh private and public keys on system A, and then I can copy the authorized file from system A to system B. Next time I ssh to system B, I do not have to enter a password (assuming that when I generated the keys, I chose not to have the password set -- all security issues aside).

Can I do this with this library?

Thanks