SSHAuthMode Property
The authentication method to be used the component when calling SSHLogon .
Syntax
scp.getSSHAuthMode([callback]) scp.setSSHAuthMode( SSHAuthMode, [callback])
Possible Values
0 (amNone), 1 (amMultiFactor), 2 (amPassword), 3 (amPublicKey), 4 (amKeyboardInteractive), 5 (amGSSAPIWithMic), 6 (amCustom)
Default Value
2
Callback
The 'callback' parameter specifies a function which will be called when the operation completes (or an error is encountered). If the 'callback' parameter is not specified, then the method will block and will not return until the operation completes (or an error is encountered).
The callback for the getSSHAuthMode([callback]) method is defined as:
function(err, data){ }
'err' is the error that occurred. If there was no error, then 'err' is 'null'.
'data' is the value returned by the method.
The callback for the setSSHAuthMode([callback]) method is defined as:
function(err){ }
'err' is the error that occurred. If there was no error, then 'err' is 'null'.
'err' has 2 properties which hold detailed information:
err.code err.message
Remarks
The SSH Authentication specification (RFC 4252) specifies multiple methods by which a user can be authenticated by an SSH server. When a call is made to SSHLogon, the class will connect to the SSH server and establish the security layer. After the connection has been secured, the client will send an authentication request to the SSHHost containing the SSHUser. The server will respond containing a list of methods by which that user may be authenticated.
The class will attempt to authenticate the user by one of those methods based on the value of SSHAuthMode and other property values supplied by the user. Currently, the class supports the following authentication methods:
amNone (0) | No authentication will be performed. The current SSHUser value is ignored, and the connection will be logged in as anonymous. |
amMultiFactor (1) | This allows the class to attempt a multi-step authentication process. The class will send authentication data to the server based on the list of methods allowed for the current user and the authentication property values supplied. The class will continue to send authentication data until the server acknowledges authentication success. If the server rejects an authentication step, the class fails with an error. |
amPassword (2) | The class will use the values of SSHUser and SSHPassword to authenticate the user. |
amPublicKey (3) | The class will use the values of SSHUser and the SSHCert* properties to authenticate the user. the SSHCert* properties must have a private key available for this authentication method to succeed. |
amKeyboardInteractive (4) | At the time of authentication, the class will fire the SSHKeyboardInteractive event containing instructions on how to complete the authentication step. (NOTE: amKeyboardInteractive is not supported in SSHTunnel). |
amGSSAPIWithMic (5) | This allows the class to attempt Kerberos authentication using the GSSAPI-WITH-MIC scheme. The client will try Kerberos authentication using the value of SSHUser (single sign-on), or if SSHPassword is specified as well, it will try Kerberos authentication with alternate credentials. This is currently supported only in the .NET client. |
amCustom (6) | This allows the class caller to take over the authentication process completely. When amCustom is set, the class will fire the SSHCustomAuth event as necessary to complete the authentication process. |
Example (User/Password Auth):
Control.SSHAuthMode = SftpSSHAuthModes.amPassword Control.SSHUser = "username" Control.SSHPassword = "password" Control.SSHLogon("server", 22)Example (Public Key Auth):
Control.SSHAuthMode = SftpSSHAuthModes.amPublicKey Control.SSHUser = "username" Control.SSHCertStoreType = SSHCertStoreTypes.cstPFXFile; Control.SSHCertStore = "cert.pfx"; Control.SSHCertStorePassword = "certpassword"; Control.SSHCertSubject = "*"; Control.SSHLogon("server", 22)
Data Type
Integer