SSH.NET Authenticate via private key only (public key authentication)

Question

Attempting to authenticate via username and privatekey only using the current SSH.NET library. I cannot get the password from the user so this is out of the question.

here is what i am doing now.

Renci.SshNet.ConnectionInfo conn = 
    new ConnectionInfo(hostName, port, username, new AuthenticationMethod[]
        {
            new PasswordAuthenticationMethod(username, ""), 
            new PrivateKeyAuthenticationMethod(username, new PrivateKeyFile[] 
                   { new PrivateKeyFile(privateKeyLocation, "") }),
        });

using (var sshClient = new SshClient(conn))
{
    sshClient.Connect();
} 

Now, if I remove the PasswordAuthenticationMethod from the AuthenticationMethod[] array I get an exception for for no suitable authentication method found. If i attempt to pass in the (hostname, port, username, keyfile2) as such

var keyFile = new PrivateKeyFile(privateKeyLocation);
var keyFile2 = new[] {keyFile};

again, no suitable method found.

It seems I have to use the ConnectionInfo object as I outlined above, but it seems that it evaluates the PasswordAuthenticationMethod and cant log in (since i don't provide a password) and never evaluates the PrivateKeyAuthMethod ... is this the case? Is there some other way to authenticate with only a username or hostname and private key using SSH.NET lib?

Answer 1

Your problem here is that you're still using a password, even though it is blank. Remove this line:

new PasswordAuthenticationMethod(username, ""), 

This works perfectly for me:

var pk = new PrivateKeyFile(yourkey);
var keyFiles = new[] { pk };

var methods = new List<AuthenticationMethod>();
methods.Add(new PrivateKeyAuthenticationMethod(UserName, keyFiles));

var con = new ConnectionInfo(HostName, Port, UserName, methods.ToArray());

Answer 2

You need some thing like this, it works fine for me. Pay attention while creating new ConnectionInfo object I'm passing only host, port, user and auth method (No password is required); Second difference is that I'm passing single PrivateKeyFile, without empty quotes for 'Phrase' parameter;

public ConnectionInfo GetCertificateBasedConnection()
    {
        ConnectionInfo connection;
        Debug.WriteLine("Trying to create certification based connection...");
        using (var stream = new FileStream(ConfigurationHelper.PrivateKeyFilePath, FileMode.Open, FileAccess.Read))
        {
            var file = new PrivateKeyFile(stream);
            var authMethod = new PrivateKeyAuthenticationMethod(ConfigurationHelper.User, file);

            connection = new ConnectionInfo(ConfigurationHelper.HostName, ConfigurationHelper.Port, ConfigurationHelper.User, authMethod);
        }
        Debug.WriteLine("Certification based connection created successfully");
        return connection;
    }

Answer 3

to perform private key authentication, you will also need the passphrase, which together with the private key, will allow authentication.
What is really needed is for RenciSSH to get with the times and write a publickeyauthentication method.