jaimeiniesta

jaimeiniesta

How to authenticate on an sFTP server using a custom SSH key?

I’m using sftp_ex to connect to an sFTP server, authenticating with my SSH key, and it works out of the box - provided the key is at .ssh/id_rsa and that .ssh/id_rsa.pub has been set up on the remote server.

But, I don’t know how to specify a different SSH key. For example if my key is at .ssh/custom_key how can I use this one?

Also, in my app I’m going to have the private key as an ENV variable, how can I use that instead of having the file at .ssh?

Most Liked

OvermindDL1

OvermindDL1

For note, if you don’t want it to generate a known_hosts file then if you pass in the hosts public keys in the proper option (silently_accept_hosts or something like that) then it will only use those, but it will not accept any others either, which can be quite good for security.

easco

easco

The first thing that strikes my eye is that the documentation for SftpEx.connect says

Other available options can be found at ssh — OTP 29.0.2 (ssh 6.0.1)

If you look at that documentation then you can pass the type client_options(). client_options() in turn includes the type common_option() and common_option() include key_cb_common_option()

That is the “key callback” options and seems to let you specify a module that follows the ssh_client_key_api. As near as I can tell that means you have to create a module that has a method called user_key that accepts an algorithm specification (like RSA, DSA, etc) and returns the private key that corresponds to that.

You could create such a module. In the implementation of user_key you could take the value of the key in the environment variable and put it into the format recognized by Erlang’s :public_key module. In a recent case I had the key in pem format and I had to combine :public_key.pem_decode and :public_key.pem_entry_decode to extract a key from pem data. user_key would return that key.

Then you pass the name of that module to the SftpEx.connect function as [key_cb: YourModule]

Now… having said all that, I just got that by reading the docs… I haven’t actually tried it.

jaimeiniesta

jaimeiniesta

Thanks for your help @easco - for the record we found an easier solution, by using the user_dir option to specify an alternative directory where the id_rsa private key is stored in the server where we connect from.

We also found that when connecting it tried to write the known_hosts file in that directory, so you can either give this directory write permissions, or pre-populate it with this file so it doesn’t need to be updated.

Where Next?

Popular in Questions Top

skosch
To my knowledge, put_in, Map.update etc. all have the one limitation of not automatically creating intermediate keys when needed (for exa...
New
Patoshizzle
After calling mix ecto.create I get this error: 17:00:32.162 [error] GenServer #PID<0.412.0> terminating ** (Postgrex.Error) FATAL...
New
ycv005
I have followed this StackOverflow post to install the specific version of Erlang. And When I am running mix ecto.setup then getting fol...
New
baxterw3b
Hi guys, i’m new in the Elixir world, and i have to say, that i love it! i’m having some problem to understand anonymous functions with ...
New
SoCreat
i’m a new one to elixir which editor can i use vs code? or atom? Thanks! :smiley:
New
aalberti333
As the title describes, I’m trying to run Enum.map() over a list of key/value pairs, where the value is a map. My data looks like this: ...
New
RisingFromAshes
I’ve read in another post that it may be possible with a router helper - but I couldn’t find an appropriate one, and tbh, I’m still just ...
New
ashish173
I am using Ecto timestamps with postgres, I can see the timestamps() use the :naive_dateime but for my use case I wanted to store the ti...
New
WestKeys
Currently suffering from paralysis by [HTTP client] analysis. This is rather unusual in Elixirland as there tends to be consensus on the ...
New
yawaramin
In the Dialyzer docs ( dialyzer — OTP 29.0.2 (dialyzer 6.0.1) ), there is a way to turn off a specific warning for a function: -dialyzer...
New

Other popular topics Top

danschultzer
None of the current solutions worked well for me, so I went ahead and built a user management system from scratch. This project took far...
548 29377 241
New
Darmani72
If I have a post route which an argument: post /my_post_route/:my_param1, MyController.my_post_handler How would get the post params ...
New
TunkShif
This post is an instruction guide to help you setup your Neovim for Elixir development from scratch. It includes general information on h...
274 41539 114
New
albydarned
Hello all! I am typing this post from my new MacBook Pro with the M1 chip. I’m loving it so far, and will probably use it as my daily dr...
New
electic
Hi, I am new to Elixir. I am trying to use the DateTime component to insert a date into MySQL however the there seems to be no way to fo...
New
aesmail
Hello guys, I have finally made it. I created an admin interface for a framework. It’s been on my todo list for years and with the curre...
New
gausby
I asked this very same question on twitter and got some interesting feedback, but I thought it would be a good question to ask here as we...
1207 39297 209
New
Qqwy
Original source of discussion: This topic on the Pragmatic Programmers’ Functional Web Development with Elixir, OTP, and Phoenix forum. ...
New
shijith.k
I am trying to start a new phoenix project with elixir 1.9, but mix phx.new does not work. It says that ** (Mix) The task "phx.new" could...
New
dogweather
I wrote this comment on r/haskell, and it’s not popular there. :wink: But I think I’m on to something… Haskell reminds me of Java, and e...
New

We're in Beta

About us Mission Statement