As some of you know, I am working on a server-side git management system called Gitano which currently only allows incoming authenticated connections via SSH. It then uses the presented SSH public key to identify the incoming user and grant permissions appropriately. A very good friend of mine has asked if I might be persuaded to support HTTPS access to Gitano. To do this, I need a way to identify incoming users. I was hoping to be able to use their SSH public keys to that end.

I know it’s possible to get an appropriately formatted (i.e. the openssl tool can read it) RSA public key out of an SSH public key (assuming it’s an RSA one) by the simple expedient of ssh-keygen -e -m PKCS8 -f > however I am now stuck as to how to allow the user to use that public key to engage in establishing an SSL connection (for HTTPS).

If any of you have any ideas how I can get further than I have without relying on the users’ private key except for when they try and initiate the SSL connection then I would be very appreciative of emails. (Note, no way to comment on this blog)
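
What the ssh-keygen -e -m PKCS8 conversion mentioned above does to an RSA key, as an added Python example (not part of the original post and not Gitano code): it unpacks the length-prefixed SSH key blob into e and n, then re-encodes them as the PEM SubjectPublicKeyInfo that openssl reads. The function names and the sample key line, built from a constructed stand-in modulus, are assumptions for illustration.

```python
import base64

# DER AlgorithmIdentifier: OID 1.2.840.113549.1.1.1 (rsaEncryption) + NULL
RSA_ALG_ID = bytes.fromhex("300d06092a864886f70d0101010500")

def parse_ssh_rsa(line):
    """Return (n, e) from an 'ssh-rsa <base64> [comment]' public key line."""
    parts = line.split()
    if len(parts) < 2 or parts[0] != "ssh-rsa":
        raise ValueError("not an ssh-rsa public key line")
    blob, pos, fields = base64.b64decode(parts[1], validate=True), 0, []
    while pos < len(blob):  # each field: uint32 big-endian length, then data
        size = int.from_bytes(blob[pos:pos + 4], "big")
        if pos + 4 + size > len(blob):
            raise ValueError("truncated key blob")
        fields.append(blob[pos + 4:pos + 4 + size])
        pos += 4 + size
    if len(fields) != 3 or fields[0] != b"ssh-rsa":
        raise ValueError("unexpected key blob layout")
    return int.from_bytes(fields[2], "big"), int.from_bytes(fields[1], "big")

def der(tag, body):
    """Encode one DER tag-length-value element."""
    size = len(body)
    if size < 0x80:
        return bytes([tag, size]) + body
    raw = size.to_bytes((size.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(raw)]) + raw + body

def der_uint(value):
    """DER INTEGER for a non-negative int, with a 0x00 pad if the top bit is set."""
    return der(0x02, value.to_bytes(value.bit_length() // 8 + 1, "big"))

def spki_pem(n, e):
    """PEM SubjectPublicKeyInfo, the form 'ssh-keygen -e -m PKCS8' emits."""
    rsa_public_key = der(0x30, der_uint(n) + der_uint(e))
    spki = der(0x30, RSA_ALG_ID + der(0x03, b"\x00" + rsa_public_key))
    b64 = base64.b64encode(spki).decode()
    body = "\n".join(b64[i:i + 64] for i in range(0, len(b64), 64))
    return f"-----BEGIN PUBLIC KEY-----\n{body}\n-----END PUBLIC KEY-----\n"

def make_ssh_rsa_line(n, e):
    """Build a constructed sample key line (test input, not a real key)."""
    fields = [b"ssh-rsa"] + [v.to_bytes(v.bit_length() // 8 + 1, "big") for v in (e, n)]
    blob = b"".join(len(f).to_bytes(4, "big") + f for f in fields)
    return "ssh-rsa " + base64.b64encode(blob).decode() + " constructed@example"

if __name__ == "__main__":
    sample = make_ssh_rsa_line((1 << 2047) | 0x1234567, 65537)  # stand-in modulus
    print(spki_pem(*parse_ssh_rsa(sample)))
```

Both encodings carry the same n and e, so a server that stores the SSH form can compare it against a key presented in the SubjectPublicKeyInfo form.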
