b12f/os
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

ssh: put gpg identity first, use pubkeys

Browse source
This commit is contained in:
Benjamin Yule Bädorf 2024-03-19 21:08:43 +01:00
parent 6fb030837f
commit 429a6bf3e5
Signed by: b12f
GPG key ID: 729956E1124F8F26
1 changed files with 7 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

17
users/b12f/ssh.nix
View file

@ -31,17 +31,14 @@ in {
programs.ssh = { programs.ssh = {
enable = true; enable = true;
extraConfig = ''
IdentitiesOnly yes
IdentityFile /home/${psCfg.user.name}/.ssh/id_yubi_gpg.pub
IdentityFile /home/${psCfg.user.name}/.ssh/id_ed25519_sk-464.pub
IdentityFile /home/${psCfg.user.name}/.ssh/id_ed25519_sk-485.pub
IdentityFile /home/${psCfg.user.name}/.ssh/id_nistp256-748.pub
'';
matchBlocks = { matchBlocks = {
"*" = {
identitiesOnly = true;
identityFile = [
"/home/${psCfg.user.name}/.ssh/id_yubi_gpg.pub"
"/home/${psCfg.user.name}/.ssh/id_ed25519_sk-464"
"/home/${psCfg.user.name}/.ssh/id_ed25519_sk-485"
"/home/${psCfg.user.name}/.ssh/id_nistp256-748.pub"
];
};
"git.pub.solar" = { "git.pub.solar" = {
user = "gitea"; user = "gitea";
}; };