Is it possible to Integrate HSM device using Rebex?

0 votes
asked Jun 18 by shighil K (140 points)

1 Answer

0 votes
answered Jun 18 by Lukas Pokorny (100,670 points)

In general, if you are able to access an HSM device via .NET's RSACryptoServiceProvider, Rebex SFTP and SSH classes will be able to use them. Pass the appropriate instance to the relevant SshPrivateKey constructor (see here for details) and chances are it would work.

However, in practice, things can sometimes get more complicated (PIN codes, different vendors, CSP provider bugs, etc.), so we strongly advice our customers to make sure we are compatible with their HSM devices of your choice before making any decisions related to this.

commented Jun 19 by shighil K (140 points)
Thanks for your answer, could you please provide a sample C# code to authenticate SFTP server using Keys in Smart card
commented Jun 19 by Lukas Pokorny (100,670 points)
Sample code for accessing a smart card key via RSACryptoServiceProvider is available here: https://docs.microsoft.com/en-us/dotnet/api/system.security.cryptography.cspparameters?view=netframework-4.8 (the second sample is what you are looking for)
Once the sample code works with your HSM devices, simply pass the RSACryptoServiceProvider instance to SshPrivateKey constructor and use that in Sftp/Ssh's Login method.
...