All geek questions in one place

API Authentication Using Private and Public Keys

I would like to authorize the user in the CLI using the web API in the same way as SSH does (loading the public key on the server and then using the private key for authorization). Is it possible?

I do not want to generate a public / private key, but rather reuse existing id_rsa and id_rsa.pub.

Do you know any software packages that make it easier to use (preferably Ruby on Rails?)

@edit:

In particular, I want to enter the site, download and connect my public key to the online account, and then use the website API (authentication) through the CLI.

+4
source share
1 answer

You can use openssl library. As for the more complete solution you want, I don't think it is available. Do not work too much with the library.

http://ruby-doc.org/stdlib-1.9.2/libdoc/openssl/rdoc/OpenSSL/PKey/RSA.html

Basically do something like:

# private_key_str can be in PEM or DER format OpenSSL::PKey::RSA.new(private_key_str, 'passphrase').public_key

And compare it with the public key. You can get a string representation of the C # to_pem or #to_der key, depending on the format you use (play a bit with it). You can also use the rsa library.

I think you can use

 ssh-keygen -e -f id_rsa.pub > pemkey.pub

Convert from default ssh-keygen format to PEM. You can run this command on the server to do the conversion, if necessary - you will have to try and see to match the formats correctly, since I'm not sure that OpenSSL :: PKey :: RSA accepts the default ssh format -keygen. You can also make ssh-keygen read from STDIN and write to STDOUT, so you do not need to use files for conversion.

+1
source

Source: https://habr.com/ru/post/1444574/

More articles:


All Articles