Sample code for 30+ languages & platforms
PHP Extension

SFTP Authentication using X.509 Certificates

See more SFTP Examples

Demonstrates how to authenticate with an SSH/SFTP server using an certificate's private key.

Note: See X.509v3 Certificates for SSH Authentication for more information.

Chilkat PHP Extension Downloads

PHP Extension
<?php

include("chilkat.php");

$success = false;

// This example assumes the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

$sftp = new CkSFtp();

$hostname = 'sftp.example.com';
$port = 22;
$success = $sftp->Connect($hostname,$port);
if ($success != true) {
    print $sftp->lastErrorText() . "\n";
    exit;
}

// Load the cert + private key from a .pfx.
// Note: Chilkat provides methods for loading certs and private keys from many sources, including smart cards and USB tokens (HSM's)
$cert = new CkCert();
$success = $cert->LoadPfxFile('qa_data/pfx/example.pfx','pfx_password');
if ($success != true) {
    print $cert->lastErrorText() . "\n";
    exit;
}

// Get the cert's private key (as PEM) to be used for SSH authentication.
// (The public key is installed on the server.)
$privKeyPem = $cert->getPrivateKeyPem();
if ($cert->get_LastMethodSuccess() == false) {
    print $cert->lastErrorText() . "\n";
    exit;
}

$key = new CkSshKey();

// Load a private key from a PEM string:
$success = $key->FromOpenSshPrivateKey($privKeyPem);
if ($success != true) {
    print $key->lastErrorText() . "\n";
    exit;
}

// Authenticate with the SSH server.
$success = $sftp->AuthenticatePk('myLogin',$key);
if ($success != true) {
    print $sftp->lastErrorText() . "\n";
    exit;
}

print 'Public-Key Authentication Successful!' . "\n";

?>