Today, I'm annoucing the initial release of sshign, 0.1.0.
sshign uses your private SSH key to sign arbitrary chunks of data. The resulting signature can then be verified using your public SSH key.
I often need to use secondary methods to verify the authenticity of support requests on Sourcehut, for example when someone loses access to their 2FA device. Since almost every user has uploaded their SSH key, this is a really helpful tool for handling support in a secure way. I've already started using it for this purpose. Thanks minus!
% cat testkey.pub
% echo hi | ./sshign testkey | tee sig.txt
% echo hi | ./sshign testkey.pub sig.txt