W3C home > Mailing lists > Public > public-rww@w3.org > August 2015

script to convert existing openssh keys to allow passwordless login to the web

From: Melvin Carvalho <melvincarvalho@gmail.com>
Date: Sun, 2 Aug 2015 01:55:32 +0200
Message-ID: <CAKaEYhLj9xbdbzU8vhsHyqvYvXJ0OXZy9ndPQzJSXEPxs_rHyA@mail.gmail.com>
To: public-rww <public-rww@w3.org>, public-webid <public-webid@w3.org>, Manu Sporny <msporny@digitalbazaar.com>, Dave Longley <dlongley@digitalbazaar.com>
A large number of developers these days have ssh keys that they use to log
in to github securely

These same keys can now be used to log in to the web using x.509

The following script will convert your keys for you from openssh to pem,
either as a module or run from the command line:


Usage:  nodejs opensshToX509.js <github login> [public key file] [private
key file] [output file pem]

(if you call from $HOME/.ssh/ directory it should pick up your default key)

I am running for convenience an identity provider that coverts your keys
for you to turtle in realtime so that you can claim an identity such as:


If your browser doesnt import pem, you can convert to a similar format p12

    openssl pkcs12 -export -out id_rsa.p12 -inkey id_rsa.pem -in id_rsa.pem
-certfile id_rsa.pem

You can test the login at :


The script can be run as a library or directly from the command line

Huge thanks for Nicola Greco for help with packaging and general feedback.
Received on Saturday, 1 August 2015 23:56:08 UTC

This archive was generated by hypermail 2.3.1 : Saturday, 1 August 2015 23:56:08 UTC