sshkeyproof 0.1 → 0.2
Sign up to get free protection for your applications and to get access to all the features.
- data/CHANGELOG +1 -0
- data/Manifest +1 -1
- data/README.md +3 -3
- data/lib/{sshkeyauth.rb → sshkeyproof.rb} +12 -5
- data/sshkeyproof.gemspec +3 -3
- metadata +3 -3
data/CHANGELOG
CHANGED
data/Manifest
CHANGED
data/README.md
CHANGED
|
@@ -1,17 +1,17 @@
|
|
|
1
1
|
|
|
2
|
-
|
|
2
|
+
### gem install 'sshkeyproof'
|
|
3
3
|
|
|
4
4
|
If you have a user's public key, you can verify they are who they say they are (ie. they hold the correspending private key):
|
|
5
5
|
|
|
6
6
|
|
|
7
|
-
|
|
7
|
+
### Client
|
|
8
8
|
|
|
9
9
|
The client takes their private key (defaults to ~/.ssh/id_rsa) and encrypts a random string as proof of work.
|
|
10
10
|
|
|
11
11
|
request = Sshkeyproof::Client.new key_file: "./id_rsa"
|
|
12
12
|
|
|
13
13
|
|
|
14
|
-
|
|
14
|
+
### Server
|
|
15
15
|
|
|
16
16
|
The server takes the request string and verifies it
|
|
17
17
|
|
|
@@ -13,14 +13,17 @@ module Sshkeyproof
|
|
|
13
13
|
end
|
|
14
14
|
|
|
15
15
|
def random
|
|
16
|
-
@random ||= OpenSSL::Random.random_bytes(10)
|
|
16
|
+
@random ||= OpenSSL::Random.random_bytes(10)
|
|
17
17
|
end
|
|
18
18
|
|
|
19
19
|
def request
|
|
20
|
-
ciphertext = @privkey.private_encrypt(random)
|
|
21
|
-
|
|
20
|
+
ciphertext = to_hex @privkey.private_encrypt(random)
|
|
21
|
+
[SSHKey.sha1_fingerprint(@pubkey.to_s),to_hex(random),ciphertext].join('|')
|
|
22
|
+
end
|
|
23
|
+
|
|
24
|
+
def to_hex(str)
|
|
25
|
+
str.unpack('H*').first
|
|
22
26
|
end
|
|
23
|
-
|
|
24
27
|
end
|
|
25
28
|
|
|
26
29
|
class Server
|
|
@@ -31,7 +34,11 @@ module Sshkeyproof
|
|
|
31
34
|
|
|
32
35
|
def correct?(key)
|
|
33
36
|
openssl_key = String===key ? OpenSSL::PKey::RSA.new(key) : key
|
|
34
|
-
@fingerprint && @random && @ciphertext && openssl_key.public_key.public_decrypt(
|
|
37
|
+
@fingerprint && @random && @ciphertext && openssl_key.public_key.public_decrypt(from_hex(@ciphertext)) == from_hex(@random) rescue nil
|
|
38
|
+
end
|
|
39
|
+
|
|
40
|
+
def from_hex(str)
|
|
41
|
+
[str].pack('H*')
|
|
35
42
|
end
|
|
36
43
|
end
|
|
37
44
|
|
data/sshkeyproof.gemspec
CHANGED
|
@@ -2,15 +2,15 @@
|
|
|
2
2
|
|
|
3
3
|
Gem::Specification.new do |s|
|
|
4
4
|
s.name = "sshkeyproof"
|
|
5
|
-
s.version = "0.
|
|
5
|
+
s.version = "0.2"
|
|
6
6
|
|
|
7
7
|
s.required_rubygems_version = Gem::Requirement.new(">= 1.2") if s.respond_to? :required_rubygems_version=
|
|
8
8
|
s.authors = ["Andrew Snow"]
|
|
9
9
|
s.date = "2013-01-24"
|
|
10
10
|
s.description = "Ruby gem to prove client has the other half of a keypair"
|
|
11
11
|
s.email = "andrew@modulus.org"
|
|
12
|
-
s.extra_rdoc_files = ["CHANGELOG", "README.md", "lib/
|
|
13
|
-
s.files = ["CHANGELOG", "Manifest", "README.md", "Rakefile", "lib/
|
|
12
|
+
s.extra_rdoc_files = ["CHANGELOG", "README.md", "lib/sshkeyproof.rb"]
|
|
13
|
+
s.files = ["CHANGELOG", "Manifest", "README.md", "Rakefile", "lib/sshkeyproof.rb", "test/test_all.rb", "sshkeyproof.gemspec"]
|
|
14
14
|
s.homepage = "https://github.com/andys/sshkeyproof"
|
|
15
15
|
s.rdoc_options = ["--line-numbers", "--inline-source", "--title", "Sshkeyproof", "--main", "README.md"]
|
|
16
16
|
s.require_paths = ["lib"]
|
metadata
CHANGED
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
name: sshkeyproof
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
4
|
prerelease:
|
|
5
|
-
version: '0.
|
|
5
|
+
version: '0.2'
|
|
6
6
|
platform: ruby
|
|
7
7
|
authors:
|
|
8
8
|
- Andrew Snow
|
|
@@ -34,13 +34,13 @@ extensions: []
|
|
|
34
34
|
extra_rdoc_files:
|
|
35
35
|
- CHANGELOG
|
|
36
36
|
- README.md
|
|
37
|
-
- lib/
|
|
37
|
+
- lib/sshkeyproof.rb
|
|
38
38
|
files:
|
|
39
39
|
- CHANGELOG
|
|
40
40
|
- Manifest
|
|
41
41
|
- README.md
|
|
42
42
|
- Rakefile
|
|
43
|
-
- lib/
|
|
43
|
+
- lib/sshkeyproof.rb
|
|
44
44
|
- test/test_all.rb
|
|
45
45
|
- sshkeyproof.gemspec
|
|
46
46
|
homepage: https://github.com/andys/sshkeyproof
|