Subject: RE: Using libssh2_userauth_publickey_fromfile() when I don't haveapublic key

RE: Using libssh2_userauth_publickey_fromfile() when I don't haveapublic key

From: Mark Smith <>
Date: Fri, 5 Nov 2010 10:14:55 -0000

Alex wrote:
> Just skimming it, it looks pretty good. What work does it still need?

I seem to remember from the discussion last time I posted a version of this
patch was that it was deemed untidy; what it should do instead is move the
function calls out of user.c so that they can be implemented in the crypto
library interface: put variants of these functions in openssl.c and stubs in
gcrypt.c (at least until someone who knows gcrypt well enough can implement

This would of course leave gcrypt support lagging even further behind
openssl support - last I checked gcrypt couldn't support password-encrypted
private keys either - so finding someone with gcrypt knowledge who could at
least advise would be a definite plus.

I haven't been able to do any of this yet since my requirement at the time
was to Just-Make-It-Work [tm] and I haven't had any time to work on the
project since; all I did do was make the patch apply cleanly against 1.2
and then 1.2.6 but haven't done anything newer. I'm expecting to be able to
update to 1.2.8 "sometime soon" and might be able to clean it up at the same
time but I don't have any crypto knowledge and can't provide any kind of

Of course, if the value of not needing the public key appeals to some other
kind developer with a bit more time to finish it off, please feel free!
Otherwise I certainly plan to post the cleaned patch when I've done it with
the hope that it'll get committed, perhaps prompting further additions and

On a sidenote, since I didn't post this as part of 2WoO: I use SFTP upload
both from Win32 and linux for log backup purposes as part of a PCI solution,
including realtime extraction of data from IIS, EventLog and MSSQL trace on
Win32, although the latter still needs some work.


Mark Smith
Received on 2010-11-05