fiddle with yubikey and ssh

2024-05-27 18:50:31 +02:00 · 2024-05-27 18:50:31 +02:00 · 7f8659d8af
parent e840ff3b3d
commit 7f8659d8af
2 changed files with 16 additions and 17 deletions
--- a/nixos/components/yubikey.nix
+++ b/nixos/components/yubikey.nix
@ -38,24 +38,23 @@ with lib;


    ## managed by home-manager now
-    environment.shellInit = ''
-      export GPG_TTY="$(tty)"
-      gpg-connect-agent /bye
-      export SSH_AUTH_SOCK="/run/user/$UID/gnupg/S.gpg-agent.ssh"
-    '';
-
-    programs = {
-      ssh.startAgent = false;
-      gnupg.agent = {
-        enable = true;
-        enableSSHSupport = true;
-      };
-    };
+    #environment.shellInit = ''
+    #  export GPG_TTY="$(tty)"
+    #  gpg-connect-agent /bye
+    #  export SSH_AUTH_SOCK="/run/user/$UID/gnupg/S.gpg-agent.ssh"
+    #'';
+    #programs = {
+    #  ssh.startAgent = false;
+    #  gnupg.agent = {
+    #    enable = true;
+    #    enableSSHSupport = true;
+    #  };
+    #};

    ## managed by home-manager now
-    security.pam.u2f.enable = true;
-    security.pam.u2f.authFile = toString config.sops.secrets.yubikey_u2fAuthFile.path;
-    sops.secrets.yubikey_u2fAuthFile = { };
+    #security.pam.u2f.enable = true;
+    #security.pam.u2f.authFile = toString config.sops.secrets.yubikey_u2fAuthFile.path;
+    #sops.secrets.yubikey_u2fAuthFile = { };

  };
 }
--- a/nixos/homes/palo/gpg.nix
+++ b/nixos/homes/palo/gpg.nix
@ -26,6 +26,6 @@
    # sshKeys = [];
    defaultCacheTtl = 30;
    defaultCacheTtlSsh = 30;
-
+    pinentryPackage = pkgs.pinentry-gtk2;
  };
 }