Support key-based auth outside of filesystem

[fastjames]

I'm building a service where I would like to accept input via SFTP, so it's not quite the traditional setup where users are expected to drop files into a filesystem. Consequently, I'd like to store public keys somewhere other than on the filesystem. I figure out how to implement username/password authentication against a database table, but I'm having a slower time figuring out how to do so if a key is provided. I looked at the authenticate option, but that function appears to receive only the username, password, and an options map that contains the source IP.

I see that the underlying erlang library provides :ssh.is_auth_key for checking keys, and a behavior to allow for customization of the key store. I think I would need to write my own replacement that consulted a different source for those authorized keys. Do you know of anyone else who has set up exsftpd in this manner?

[jalpedersen]

I'm not aware of anybody using the library in this manner, but it would be a great addition. I'm quite swamped with work currently, but I would be more than happy to accept a pull request if you're up for it :-)

[jalpedersen]

I've made a quick addition based on your suggestion, so that users can bring their own module for key handling. Perhaps this is something you can adapt to your needs.