use ssh user certificates
parent
de1d2e2d1a
commit
db2b0ac2d3
|
@ -2,6 +2,7 @@
|
||||||
|
|
||||||
{
|
{
|
||||||
home.file.".ssh/id_rsa_yubikey.pub".source = ./id_rsa_yubikey.pub;
|
home.file.".ssh/id_rsa_yubikey.pub".source = ./id_rsa_yubikey.pub;
|
||||||
|
home.file.".ssh/id_rsa_yubikey-cert.pub".source = ./id_rsa_yubikey-cert.pub;
|
||||||
programs.ssh = {
|
programs.ssh = {
|
||||||
enable = true;
|
enable = true;
|
||||||
matchBlocks = {
|
matchBlocks = {
|
||||||
|
@ -21,6 +22,7 @@
|
||||||
"narwhal" = {
|
"narwhal" = {
|
||||||
identitiesOnly = true;
|
identitiesOnly = true;
|
||||||
identityFile = "~/.ssh/id_rsa_yubikey.pub";
|
identityFile = "~/.ssh/id_rsa_yubikey.pub";
|
||||||
|
certificateFile = "~/.ssh/id_rsa_yubikey-cert.pub";
|
||||||
forwardAgent = true;
|
forwardAgent = true;
|
||||||
port = 22;
|
port = 22;
|
||||||
};
|
};
|
||||||
|
@ -28,6 +30,7 @@
|
||||||
"trantor" = {
|
"trantor" = {
|
||||||
identitiesOnly = true;
|
identitiesOnly = true;
|
||||||
identityFile = "~/.ssh/id_rsa_yubikey.pub";
|
identityFile = "~/.ssh/id_rsa_yubikey.pub";
|
||||||
|
certificateFile = "~/.ssh/id_rsa_yubikey-cert.pub";
|
||||||
forwardAgent = true;
|
forwardAgent = true;
|
||||||
port = 22;
|
port = 22;
|
||||||
};
|
};
|
||||||
|
@ -35,6 +38,7 @@
|
||||||
"axolotl" = {
|
"axolotl" = {
|
||||||
identitiesOnly = true;
|
identitiesOnly = true;
|
||||||
identityFile = "~/.ssh/id_rsa_yubikey.pub";
|
identityFile = "~/.ssh/id_rsa_yubikey.pub";
|
||||||
|
certificateFile = "~/.ssh/id_rsa_yubikey-cert.pub";
|
||||||
forwardAgent = true;
|
forwardAgent = true;
|
||||||
port = 22;
|
port = 22;
|
||||||
};
|
};
|
||||||
|
@ -42,6 +46,7 @@
|
||||||
"caladan" = {
|
"caladan" = {
|
||||||
identitiesOnly = true;
|
identitiesOnly = true;
|
||||||
identityFile = "~/.ssh/id_rsa_yubikey.pub";
|
identityFile = "~/.ssh/id_rsa_yubikey.pub";
|
||||||
|
certificateFile = "~/.ssh/id_rsa_yubikey-cert.pub";
|
||||||
forwardAgent = true;
|
forwardAgent = true;
|
||||||
port = 22;
|
port = 22;
|
||||||
};
|
};
|
||||||
|
@ -49,6 +54,7 @@
|
||||||
"fugu" = {
|
"fugu" = {
|
||||||
identitiesOnly = true;
|
identitiesOnly = true;
|
||||||
identityFile = "~/.ssh/id_rsa_yubikey.pub";
|
identityFile = "~/.ssh/id_rsa_yubikey.pub";
|
||||||
|
certificateFile = "~/.ssh/id_rsa_yubikey-cert.pub";
|
||||||
forwardAgent = true;
|
forwardAgent = true;
|
||||||
port = 22;
|
port = 22;
|
||||||
};
|
};
|
||||||
|
|
Loading…
Reference in New Issue