Project

magic_key_auth

0.0
No commit activity in last 3 years
No release in over 3 years
magic_key_authterrbear/magic-key-authHomepageDocumentationSource CodeBug TrackerWiki
authentication mechanism based on SSH keys
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
 Popularity
Downloads
16,551
Stars
7
Forks
0
Watchers
1
 Releases
Current version
0.1.3
Total releases
4
First release
2010-02-18
Latest release
2010-02-22
 Development
Primary Language
Ruby
Average date of last 50 commits
2010-02-20
Reverse Dependencies
0

 Dependencies

Runtime

ezcrypto
>= 0.7.2
 Project Readme
Magic Key Auth lets you sign requests with a private key and validate them on another machine.

There are two parts to this process. The first requires that you sign a request. You can do this
with the MagicKeyAuth::Message class, looking something like this:

message = MagicKeyAuth::Message.new(:keyfile => "~/.ssh/id_rsa", :message => "whatever you want to sign")
digest = message.digest

If you don't provide a message to the Message class, it defaults to a Unix-style timestamp.

Then, say you do some POST to your awesome app or something, and include your digest. On the server,
you can do something like:

MagicKeyAuth::SSL.authenticate(:message => the_message_you_signed,
																:digest => the_digest_you_posted)

And it will return either the name of the public key that verifies the signature, or nil if it isn't 
found. Note that keys must be in PEM (SSL) format, not the SSH format (which your ssh-keygen provides
by default). To generate a PEM from your private key, type:

openssl rsa -pubout -in ~/.ssh/id_rsa > yourname.pem

Of course, you'll need to set your key location before doing any of that fun stuff on the server
side, which you can do with: 

MagicKeyAuth::SSL.key_location = "location/where/you/store/public/keys"