How to authenticate on an sFTP server using a custom SSH key?

The first thing that strikes my eye is that the documentation for SftpEx.connect says

Other available options can be found at ssh — OTP 29.0.2 (ssh 6.0.1)

If you look at that documentation then you can pass the type client_options(). client_options() in turn includes the type common_option() and common_option() include key_cb_common_option()

That is the “key callback” options and seems to let you specify a module that follows the ssh_client_key_api. As near as I can tell that means you have to create a module that has a method called user_key that accepts an algorithm specification (like RSA, DSA, etc) and returns the private key that corresponds to that.

You could create such a module. In the implementation of user_key you could take the value of the key in the environment variable and put it into the format recognized by Erlang’s :public_key module. In a recent case I had the key in pem format and I had to combine :public_key.pem_decode and :public_key.pem_entry_decode to extract a key from pem data. user_key would return that key.

Then you pass the name of that module to the SftpEx.connect function as [key_cb: YourModule]

Now… having said all that, I just got that by reading the docs… I haven’t actually tried it.