Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

How to connect with a key signed by a certificate authority? #858

Open
noamshalev opened this issue Dec 5, 2019 · 1 comment
Open

How to connect with a key signed by a certificate authority? #858

noamshalev opened this issue Dec 5, 2019 · 1 comment

Comments

@noamshalev
Copy link

noamshalev commented Dec 5, 2019
edited
Loading

I need my node.js app to connect to a target machine using a key signed by a certificate authority.

When connecting from a terminal, the following 3 commands work:
eval "$(ssh-agent -s)"
ssh-add
ssh -i <path to signed key> [email protected]

In order to do it from my node.js app, I first start the ssh-agent and add the identity:
eval "$(ssh-agent -s)"
ssh-add
and launch the following node.js app with the environment variables of the ssh agent:
SSH_AUTH_SOCK=<socket> SSH_AGENT_PID=<pid> node app.js

This is the code I'm using to connect:

    conn = new SSHClient();
    conn.on('ready', function() {
        socket.emit('data', 'Connection to ' + asset.ip + ' established\n');
        conn.shell(function(err, stream) {
            if (err)
                return socket.emit('data', 'Connection to ' + asset.ip + ' shell error: ' + err.message + ' \n');  
            socket.on('data', function(data) {  
                stream.write(data);  
            });  
            stream.on('data', function(d) {  
                socket.emit('data', d.toString('binary'));  
            }).on('close', function() {  
                conn.end();  
            });  
        });
    }).on('close', function() {
        socket.emit('data', 'Connection to ' + asset.ip + ' closed.\n');
    }).on('error', function(err) {
        socket.emit('data', 'Connection to ' + asset.ip + ' ERROR: ' + err.message + '\n');
    }).connect({
        host: asset.ip,
        port: 22,
        username: asset.login,
        privateKey: require('fs').readFileSync('<path to signed key>'),
        agent: process.env.SSH_AUTH_SOCK
    });

When trying to connect I get the error:

privateKey value does not contain a (valid) private key

I struggled with the code, tried it with few configurations and couldn't find the right way to make it work.
Any idea how I should start this connection?
@noamshalev noamshalev changed the title Connect with a key signed by certificate authority How to connect with a key signed by a certificate authority Dec 6, 2019
@noamshalev noamshalev changed the title How to connect with a key signed by a certificate authority How to connect with a key signed by a certificate authority? Dec 6, 2019
@TimWolla
Copy link

TimWolla commented Jan 7, 2020

See my pull request #808, adding support for SSH certificates and #551 for a duplicate of this issue.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@TimWolla @noamshalev