1

I am using WinSCP .NET assembly to upload files over SFTP, and one of the SessionOptions properties is SshPrivateKeyPath which is the location of the private key file that I created with PuTTYgen. The file is on the C: drive on my PC:

SessionOptions sessionOptions = new SessionOptions
{
    SshPrivateKeyPath = "C:\Users\blah\Documents\MyPrivateKey.ppk";
}

note: I actually have the filepath as a config setting, but you get the idea.

Doing this makes sense to me as when deployed to a test/live environment, the key and its location will be different. Also as it's not part of the project it keeps it out of source control.

However I can't seem to find a standard approach to this and I worry that what I'm doing is not the right thing to do. Any suggestions?

Community
  • 1
  • 1
markpsmith
  • 4,860
  • 2
  • 33
  • 62
  • Try `App_Data`, it is a secure folder. See e.g. [this answer](https://stackoverflow.com/a/1519800/1220550). – Peter B Apr 12 '18 at 14:18
  • Your question is not clear. On one hand it seems that the file will already be somehow present on the machine and you only need to configure the application accordingly. On the other hand, you are asking where to deploy the key. Why do you even want the key to be separate from the application? – Martin Prikryl Apr 12 '18 at 19:38
  • @MartinPrikryl Sorry if I'm being unclear, this is all new to me so inevitably I will make some incorrect assumptions. I have assumed that the private key will be different in each environment ie dev/test/live and that the key may be shared between multiple applications. This is why I have kept the key separate. I can tell from your response that I should include it as part of the application, and therefore the key is application-specific in which case keeping in the application makes perfect sense. – markpsmith Apr 13 '18 at 08:49

1 Answers1

0

There's no definitive answer to your question. It's basically something that should be part of your software specification.

But to give some answer:

If the application uses the key for its internal use, i.e. the end user is not aware that the application uses SSH/SFTP to send some data somewhere, the key should be part of the application.

In that case, either deploy the key to your application installation folder or embed it into your binary.

Note that this is obviously a security issue. As long as your application need to contain credentials (be it private key or password) of your server, the end user can get hold of the credentials and abuse them. No matter how hard you try to hide them.

So the credentials must have as little privileges as possible. For example, if the application uploads files to the server, the account for which the private key (or password) is for, should allow only the upload and nothing else. It should not allow modification of existing files. It should not even allow listing of exiting files. It should have a limit on file size. Etc, etc. If you are not experienced with this, you really need to get this set up by someone experienced.

Martin Prikryl
  • 188,800
  • 56
  • 490
  • 992