Search code examples
pythonsshparamikoprivate-keypageant

How to connect to SFTP through Paramiko with SSH key and Pageant


I am trying to connect to an SFTP through Paramiko with a passphrase protected SSH key. I have loaded the key into Pageant (which I understand is supported by Paramiko) but I can't get it to decrypt my private key.

I have found this example here that references allow_agent=True but this does not appear to be a parameter that can be used with the SFTPClient.

Can anyone advise if it is possible to work with Paramiko and Pageant in this way?

This is my code at the moment - which raises PasswordRequiredException

privatekeyfile = 'path to key'
mykey = paramiko.RSAKey.from_private_key_file(privatekeyfile)
transport = paramiko.Transport(('host', 'port'))
transport.connect('username',pkey = mykey)
sftp = paramiko.SFTPClient.from_transport(transport)

Solution

  • You have to provide a passphrase, when loading an encrypted key using the RSAKey.from_private_key_file.

    Though note that you do not have to load the key at all, when using the Pageant. That's the point of using an authentication agent. But only the SSHClient class supports the Pageant. The Transport class does not, on its own.

    You can follow the code in How to use Pageant with Paramiko on Windows?
    Though as the allow_agent is True by default, there is actually nothing special about the code.

    Once connected and authenticated, use the SSHClient.open_sftp method to get your instance of the SFTPClient.

    ssh = paramiko.SSHClient()
    ssh.connect(host, username='user', allow_agent=True)
    sftp = ssh.open_sftp()
    

    You will also need to verify the host key:
    Paramiko "Unknown Server"