trevj
commented
8 years ago Wild proposal: use WebCrypto to generate a keypair and then convert it to SSH format. Unfortunately, WebCrypto is EC-only and ssh2's support for EC is still in its infancy.
Open trevj opened 8 years ago
trevj
commented
8 years ago Wild proposal: use WebCrypto to generate a keypair and then convert it to SSH format. Unfortunately, WebCrypto is EC-only and ssh2's support for EC is still in its infancy.
trevj
commented
8 years ago via @bemasc:
Chrome's list of supported ciphers: https://www.chromium.org/blink/webcrypto
A page that tests your current browser: https://diafygi.github.io/webcrypto-examples/
It looks like Chrome and Firefox both support "RSA-OAEP" and "RSASSA-PKCS1-v1_5", but only Chrome supports "RSA-PSS".
The DigitalOcean module uses node-forge (via forge-min) to generate SSH keys for newly created droplets. node-forge is not amenable to browserification (https://github.com/uProxy/uproxy/issues/2220) which means every repo that depends on the digitalocean module needs to include forge-min...a real maintenance pain.
We should find another library capable of generating SSH keys.