On 5/5/21 7:53 PM, John Dunn wrote:
> Hi John... I've hit this before myself.
You need to call ssh_pki_copy_cert_to_privkey(pubKey, privateKey) after
ssh_pki_import_privkey_base64() and before ssh_userauth_publickey() to
add the public key certificate to the private key before authenticating.
Hope that helps!
Jeremy.
That did! Thanks!
It's odd that requirement isn't documented as far as I can tell. It's also not
used in the authentication example here (
https://gitlab.com/libssh/libssh-mirror/-/blob/master/examples/authentication.c
) either. I wonder if that's only required in some cases, and if that's the
case how one would know that it needed to be done.
Interesting. In the original message, there was no mention of the
certificates, just public and private keys, which should work as described.
If the certificate is needed for authentication, it indeed, requires
loading it beforehand and separately. I do not think we have a lot of
documentation about these, but contributing examples for this or updates
for documentation, would be welcomed.
Thanks,
--
Jakub Jelen
Senior Software Engineer
Crypto Team, Security Engineering
Red Hat, Inc.
