use ssh user certificates

feat/kile-v2
Ricard Illa 2022-09-02 17:59:18 +02:00
parent de1d2e2d1a
commit db2b0ac2d3
No known key found for this signature in database
GPG Key ID: F69A672B72E54902
1 changed files with 6 additions and 0 deletions

View File

@ -2,6 +2,7 @@
{ {
home.file.".ssh/id_rsa_yubikey.pub".source = ./id_rsa_yubikey.pub; home.file.".ssh/id_rsa_yubikey.pub".source = ./id_rsa_yubikey.pub;
home.file.".ssh/id_rsa_yubikey-cert.pub".source = ./id_rsa_yubikey-cert.pub;
programs.ssh = { programs.ssh = {
enable = true; enable = true;
matchBlocks = { matchBlocks = {
@ -21,6 +22,7 @@
"narwhal" = { "narwhal" = {
identitiesOnly = true; identitiesOnly = true;
identityFile = "~/.ssh/id_rsa_yubikey.pub"; identityFile = "~/.ssh/id_rsa_yubikey.pub";
certificateFile = "~/.ssh/id_rsa_yubikey-cert.pub";
forwardAgent = true; forwardAgent = true;
port = 22; port = 22;
}; };
@ -28,6 +30,7 @@
"trantor" = { "trantor" = {
identitiesOnly = true; identitiesOnly = true;
identityFile = "~/.ssh/id_rsa_yubikey.pub"; identityFile = "~/.ssh/id_rsa_yubikey.pub";
certificateFile = "~/.ssh/id_rsa_yubikey-cert.pub";
forwardAgent = true; forwardAgent = true;
port = 22; port = 22;
}; };
@ -35,6 +38,7 @@
"axolotl" = { "axolotl" = {
identitiesOnly = true; identitiesOnly = true;
identityFile = "~/.ssh/id_rsa_yubikey.pub"; identityFile = "~/.ssh/id_rsa_yubikey.pub";
certificateFile = "~/.ssh/id_rsa_yubikey-cert.pub";
forwardAgent = true; forwardAgent = true;
port = 22; port = 22;
}; };
@ -42,6 +46,7 @@
"caladan" = { "caladan" = {
identitiesOnly = true; identitiesOnly = true;
identityFile = "~/.ssh/id_rsa_yubikey.pub"; identityFile = "~/.ssh/id_rsa_yubikey.pub";
certificateFile = "~/.ssh/id_rsa_yubikey-cert.pub";
forwardAgent = true; forwardAgent = true;
port = 22; port = 22;
}; };
@ -49,6 +54,7 @@
"fugu" = { "fugu" = {
identitiesOnly = true; identitiesOnly = true;
identityFile = "~/.ssh/id_rsa_yubikey.pub"; identityFile = "~/.ssh/id_rsa_yubikey.pub";
certificateFile = "~/.ssh/id_rsa_yubikey-cert.pub";
forwardAgent = true; forwardAgent = true;
port = 22; port = 22;
}; };