Announcing sshign

Today, I'm annoucing the initial release of sshign, 0.1.0.

sshign uses your private SSH key to sign arbitrary chunks of data. The resulting signature can then be verified using your public SSH key.

Drew from SourceHut writes:

I often need to use secondary methods to verify the authenticity of support requests on Sourcehut, for example when someone loses access to their 2FA device. Since almost every user has uploaded their SSH key, this is a really helpful tool for handling support in a secure way. I've already started using it for this purpose. Thanks minus!

Check it out over at https://git.sr.ht/~minus/sshign. Patches welcome.

% cat testkey.pub
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILY7i5KoxsiIAfxFUxcS7sw2GCpAtQopRqruBhdiylOv
% echo hi | ./sshign testkey | tee sig.txt
ssh-ed25519 XpeGU7KG0pMrzas8th3LP/QqJtBH/SrKcTvdV+BjQr1RN4X9w9BhaRzmcEuXAMGsNwFr6Y8b3VkAsy6LO4I2Dw==
% echo hi | ./sshign testkey.pub sig.txt
verify: ok

Last posts

  1. These aren't the packets I asked for

    tags: linux, networking

  2. VPN-in-a-box

    tags: linux, namespaces, networking, vpn

  3. Bencoding in Python

    tags: bencode, bencoding, code, python

  4. Compositing on Xfce: VSync issues

    tags: annoying, graphics, opengl, vsync, xfce, xrender

  5. OpenVPN as IPv6 Tunnel Broker

    tags: ipv6, linux, openvpn, vpn