API authentication using private and public keys

Question

I'd like to authorize user in CLI using web API in similar way the SSH does it (uploading public key on server, and then using private key to authorize). Is it possible?

I don't mean to generate public / private key par, but rather re-use existing id_rsa and id_rsa.pub.

Do you know any software packages that make it easier (preferably Ruby on Rails gems?)

@edit:

Specifically, I want to log in on website, upload and connect my public key with online account, and then be able to use website's API (authentication) through CLI interface.

Answer 1

You can use the openssl library. As far as a more complete solution for what you want, I don't think it's available. Should not be too much work to implement with the library though.

http://ruby-doc.org/stdlib-1.9.2/libdoc/openssl/rdoc/OpenSSL/PKey/RSA.html

Basically do something like:

# private_key_str can be in PEM or DER format
OpenSSL::PKey::RSA.new(private_key_str, 'passphrase').public_key

And compare it to the public key. You can get a string representation of the key with #to_pem or #to_der depending on the format you use (play around with it a little). You can alternatively use the rsa library also.

I think you can use

ssh-keygen -e -f id_rsa.pub > pemkey.pub

To convert from the default format of ssh-keygen to PEM. You can run this command on the server to make the conversion, if necessary - you'll have to try and see to match the formats properly, since I'm not sure if OpenSSL::PKey::RSA accepts the default format of ssh-keygen. You can also make ssh-keygen read from STDIN and write to STDOUT so you don't need to use files to do the conversion.