💾 Archived View for rawtext.club › ~sloum › geminilist › 006872.gmi captured on 2023-12-28 at 16:14:50. Gemini links have been rewritten to link to archived content

View Raw

More Information

⬅️ Previous capture (2021-11-30)

-=-=-=-=-=-=-

<-- back to the mailing list

[tech] Can I use existing ssh keys for gemini identity?

Gary Johnson lambdatronic at disroot.org

Fri Jul 9 16:46:29 BST 2021

- - - - - - - - - - - - - - - - - - - 

Chris McGee <newton688 at gmail.com> writes:

Does anyone know of a way to use my ssh RSA key-pairs as my identity for
Gemini?

Hi Chris,

Any Gemini capsule may choose to prompt your browser for a clientcertificate. These can often be provided as either temporary orpermanent certs if your browser supports this feature. While manybrowsers will auto-generate certs for you on the fly if requested, youcan also usually provide your own on a capsule by capsule basis.

If you want to use an existing certificate on your machine for one ormore Gemini capsules, you are free to do so. Just add them to yourbrowser's certificate collection.

Unfortunately, an SSH RSA key-pair isn't an X.509 SSL certificate, whichis what you need to give your Gemini browser. SSH produces/uses a publickey file and a private key file. For Gemini, you'll need a certificatefile (which contains the public key plus some ownership and signingmetadata) as well as a private key file.

I hope that helps.

Happy hacking, Gary

-- GPG Key ID: 7BC158EDUse `gpg --search-keys lambdatronic' to find meProtect yourself from surveillance: https://emailselfdefense.fsf.org=======================================================================() ascii ribbon campaign - against html e-mail/\ www.asciiribbon.org - against proprietary attachments

Why is HTML email a security nightmare? See https://useplaintext.email/

Please avoid sending me MS-Office attachments.See http://www.gnu.org/philosophy/no-word-attachments.html