(Go) SSH Authentication using X.509 Certificates

See more SSH Examples

Note: See X.509v3 Certificates for SSH Authentication for more information.

Chilkat Go Downloads Go Package for Windows, MacOS, Linux, Alpine Linux, Solaris

    // This example assumes the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    ssh := chilkat.NewSsh()

    hostname := "ssh.example.com"
    port := 22
    success := ssh.Connect(hostname,port)
    if success != true {
        fmt.Println(ssh.LastErrorText())
        ssh.DisposeSsh()
        return
    }

    // Load the cert + private key from a .pfx.
    // Note: Chilkat provides methods for loading certs and private keys from many sources, including smart cards and USB tokens (HSM's)
    cert := chilkat.NewCert()
    success = cert.LoadPfxFile("qa_data/pfx/example.pfx","pfx_password")
    if success != true {
        fmt.Println(cert.LastErrorText())
        ssh.DisposeSsh()
        cert.DisposeCert()
        return
    }

    // Get the cert's private key (as PEM) to be used for SSH authentication.
    // (The public key is installed on the server.)
    privKeyPem := cert.GetPrivateKeyPem()
    if cert.LastMethodSuccess() == false {
        fmt.Println(cert.LastErrorText())
        ssh.DisposeSsh()
        cert.DisposeCert()
        return
    }

    key := chilkat.NewSshKey()

    // Load a private key from a PEM string:
    success = key.FromOpenSshPrivateKey(*privKeyPem)
    if success != true {
        fmt.Println(key.LastErrorText())
        ssh.DisposeSsh()
        cert.DisposeCert()
        key.DisposeSshKey()
        return
    }

    // Authenticate with the SSH server.
    success = ssh.AuthenticatePk("myLogin",key)
    if success != true {
        fmt.Println(ssh.LastErrorText())
        ssh.DisposeSsh()
        cert.DisposeCert()
        key.DisposeSshKey()
        return
    }

    fmt.Println("Public-Key Authentication Successful!")

    ssh.DisposeSsh()
    cert.DisposeCert()
    key.DisposeSshKey()