7

This is most likely not possible, but I'm just asking this to check... I'm just thinking out loud here...

So, SSH keys are very useful for logging into a server. Use SSH, and your SSH keys increase security to the server while also making it easier to manage several servers or other programs with one SSH key. Also, by unlocking the key when you log in, there is even less need to type the password over and over again. So, I was wondering... is there a way to use SSH keys for website user verification? I am not talking about large, public websites, but about small, controlled systems that are used by specific users whose OS/browser can be controlled. Is there a way to integrate this? For this to work I assume the private key would need to be transferred over the web, so let's say we have SSL running to make this not insecure. Is such a thing possible? In an ideal situation, I log in to a website and it will see that my private key matches the public key that is installed, and voilà, I'm in!

3 Answers

3

It's called a client certificate, and you import it into your browser.

The Nail
1

From a technical point of view, SSH keys represent a public key cryptography scheme, and this is what X.509 certificates do in SSL. So what you need is certificates (a client-side one if you want to authenticate the client on the server).

And no, private keys are never transferred across the net. They are used in certain operations for the exchange of the session key.

Eugene Mayevski 'Callback
  • Yes, private keys are often transferred across the net (albeit safer to deliver these in person). The challenge is to do this securely, by using a secure channel and password-protected certificate files. – The Nail Jan 15 '12 at 15:26
  • @TheNail it makes sense to also check the context before writing. In the context the OP was writing about, they are not. – Eugene Mayevski 'Callback Jan 15 '12 at 18:23
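
The flow the first two answers describe, as an added example that is not from either answer: the key pair is generated on the user's machine, only the CSR goes to the CA, and the signed certificate is bundled as PKCS#12 for browser import. The CA name, the user name alice, the passphrase and all file names are constructed, and the openssl CLI is assumed to be installed.

```shell
#!/bin/sh
# Added example: client-certificate issuance with the openssl CLI.
# Every subject, file name and passphrase below is constructed for illustration.
set -eu

# Admin side: a private CA. ca.key never leaves the admin's machine.
make_ca() {              # $1 = output directory
  openssl req -x509 -newkey rsa:2048 -nodes -days 365 \
    -subj "/CN=Example Internal CA" \
    -keyout "$1/ca.key" -out "$1/ca.crt" 2>/dev/null
}

# User side: the key pair is created locally; only the .csr is sent onward.
make_client_csr() {      # $1 = directory, $2 = user name
  openssl req -new -newkey rsa:2048 -nodes -subj "/CN=$2" \
    -keyout "$1/$2.key" -out "$1/$2.csr" 2>/dev/null
}

# Admin side: the CA signs the request. It sees the public key, not the private key.
sign_client_csr() {      # $1 = directory, $2 = user name
  openssl x509 -req -in "$1/$2.csr" -CA "$1/ca.crt" -CAkey "$1/ca.key" \
    -CAcreateserial -days 90 -out "$1/$2.crt" 2>/dev/null
}

# User side: key + certificate packed as PKCS#12, the format browsers import.
# The passphrase is passed on the command line only to keep the example
# non-interactive; omit -passout to be prompted instead.
bundle_for_browser() {   # $1 = directory, $2 = user name, $3 = export passphrase
  openssl pkcs12 -export -inkey "$1/$2.key" -in "$1/$2.crt" \
    -certfile "$1/ca.crt" -passout "pass:$3" -out "$1/$2.p12"
}

# Server side: the check a TLS server performs against its configured client CA.
verify_client_cert() {   # $1 = directory holding ca.crt, $2 = user name
  openssl verify -CAfile "$1/ca.crt" "$1/$2.crt"
}

# Demo run in a throwaway directory.
demo_dir=$(mktemp -d)
make_ca "$demo_dir"
make_client_csr "$demo_dir" alice
sign_client_csr "$demo_dir" alice
bundle_for_browser "$demo_dir" alice "constructed-passphrase"
verify_client_cert "$demo_dir" alice
rm -rf "$demo_dir"
```

The web server then needs to be configured to require a client certificate issued by this CA; the private key is only used locally by the browser during the TLS handshake.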
-1
AuthUserFile /home/hafizni/.htpasswd
AuthGroupFile /home/hafizin/.htgroup
AuthName "hafizin page"
AuthType Basic
require group my-users
animuson