Skip to main content

Identify with challenge messsage and SSH key.

Project description

Ident

pip install ident

Simple syntax sugar for logging on users to your website without using password, just with their ~/.ssh keypair, that they use to sign-in to servers.

https://wiki.mindey.com/shared/shots/4ea36c57ab5361af7e0576ab5.png

Signing

Sign a message with your own ~/.ssh/id_rsa key, and providing your public key ~/.ssh/id_rsa.pub after : symbol

from ident import sign

result = sign('MyChallengeMessage')

Note. There is a colon (:) in the string produced, which separates the base64-encoded signature (left) from the public key (right).

Verifying

Verify the signed message, with public key included after the : sign:

from ident import verify

verify('cpvVd42+ugHiw/7FThW3qzywUEweRNGM9ISzGWgU0R5OajQ0dAZmkxDJeTf3Cxr8f3cQZN5t9KP9ONIEYjjmqTP90GJaUuwjB/OgDa++Gr6VtCg7KVV0hZUP+bhbxCeo9QV/SOJWI3KBOWfvhrySTC3ehxVK+ZaS+2WIhY9+bX1UbFLwMFhVo42JKs+DuhzU39NRC72ria5Phm8fzoYh13j5gr5g4zr22jlWwshzoGLKI2DCz1EYEOuTLZlZ1gSN3L4yHxKUAi9Y+U1BtgbV7Qz63q3by5zI5SatSdh/shdPrTVGzZQ1og/PBuvIv7A41VV2LVAfRIvYV8Cuy+RJl4+hvntlOeNlGyViE1+4EBsP6cMK4KsM4iktgaXrn1dA1kDyrv2an01b1lRzUbZXcJlum9hTZwB3RrJ1pmTxXhgDCiV9ZxYfvmj8sTflXuBai9u73EyeH3fR1pCARJP9a3lDAn/DvMTGy2pCayAqzXfrYvlNTE/JxQnPWZd2ozF2iH9I1Y5DElgwo0feKr2UIk/bBY3VKXFT5TvhAzatn2iDcUm4kxE+ydYuGTE+PunZBD//AqhwUc1bdDa0tPSRtdhdAw75mBJrATxJOHuDzQimW9ba3Vs2Xbas0v1Dj1O1Vc1XVl44XUFNalEQpJSM77mmKua02yXJt4ovTwwhI10=:c3NoLXJzYSBBQUFBQjNOemFDMXljMkVBQUFBREFRQUJBQUFDQVFDclRsaksxb08rL3RlVnl0cTBqcmdpQ2ZxTmhRQ3h5OTcwZEY4TmVQL3NBZ2xicDFVaGxiOURhY0pBK1hGblFzOHJJOFFFQTloSmJ3YWVnUlE4YVVKR1FiekhCV1lYclJYWFZrUDJ1RmJwMHZRL1pLUXlwSG4zV25tM3J6UlBrMytMUFQwWHZvamNlaVdZekMrckNWNWpiR2IrcnlKMGRVUVo5S0lNVlczdVR6YVJlRWYvbTBuSlB4M0FCTmcvL1VQUGhRRGJNSVdsZHhZazZadmhmV3VKUVhVSWlzK3VOdzVwd2hTY0Ixd0NwYit1QUFiSG5Ib3RWdTJtR2dHQk9MRERDbTN4dVFtSHJhRUx3WWFmWUdZTmp3NUozNmNIN3puZnVTTC8xWk5Fb0YvaWFNMCtKNW9yaU54VndNY2gvWjdnVTRHMEh6TkZCM0xqaFJEVGN2cDlaRGRha0E3aHVoaWYxWms4am81VjR3YjJVNkJZR1d6NVVHZitCRVdWNlRzZGlLK0pvMDF4MDQ3T1pKTUR6REVYNFFaMGdQLzZ6YmNWd1p5Y1RvWWhTUmJGS3BadWY1RDBJMmFta2RxUWV2dHkzc290MWlIekRhWnJ4anpOclp3b0l0ZE05R2tTUmhadmRZQ28vRm9wZGNUcnJOeUNhT3diU2QzTjE5d25YYXFPWWhZL01jL2VBaEVUenVxc3VwTERHZVlqVG9pSHF0aUtJRnpMOWwrYlRWNEVmMUxaOUpJNm1tR0U0TUlQakFxbnB1cjlNbXF3ZkY1bHhPR3BRV1NaVUZWU3VNQXhVNUJuY0Q5Rnp5cHpNUlM0Q0V1aFQ4dERnWGI3S1VPT0dTdy9udG8xaVlsVy9FMVo0L01GbkZLdlJqRFFnaEFoRlJjU2UrYWRVdVVDMlE9PSBtaW5kZXlAYXJjaHBjLTIwMTUtMDctMjUK')

Usage

Flow

  1. Server generates MyRandomChallengeMessage, and displays it in a box, asking user to copy it, and provide digest of the $ solve command, which they can install by adding the below function to ~/.bashrc or ~/.zshrc:

solve(){
    if [ -z "$1" ]
      then
        echo "No arguments supplied"
    fi
    echo "$1" | openssl rsautl -sign -inkey ~/.ssh/id_rsa | base64 -w 0 && echo -n ":" && cat ~/.ssh/id_rsa.pub | base64 -w 0
}
  1. User runs locally, and produces signed message with their public key included after :, and pastes to server textarea box:

$ solve MyRandomChallengeMessage
  1. Server uses ident.verify() to recognize that the random message was signed with the public key provided, and save that public key as a user.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

ident-1.0.3.tar.gz (5.8 kB view details)

Uploaded Source

File details

Details for the file ident-1.0.3.tar.gz.

File metadata

  • Download URL: ident-1.0.3.tar.gz
  • Upload date:
  • Size: 5.8 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: Python-urllib/3.7

File hashes

Hashes for ident-1.0.3.tar.gz
Algorithm Hash digest
SHA256 7e4c0bcf0b9e0473f0382411948feb122ff1e9bbb7db51af354f2c9ac32487d8
MD5 81bf83248117f37777599a1f3c6425cc
BLAKE2b-256 d34f12c29f85ec83f87ac593f5bc8fb9e5380b026b200cda381eb6083a08af07

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page