From 7f8659d8af9840f7772dc6cde7476653fac7abe8 Mon Sep 17 00:00:00 2001
From: Ingolf Wagner <contact@ingolf-wagner.de>
Date: Mon, 27 May 2024 18:50:31 +0200
Subject: [PATCH] fiddle with yubikey and ssh

---
 nixos/components/yubikey.nix | 31 +++++++++++++++----------------
 nixos/homes/palo/gpg.nix     |  2 +-
 2 files changed, 16 insertions(+), 17 deletions(-)

diff --git a/nixos/components/yubikey.nix b/nixos/components/yubikey.nix
index b91c46f..b498852 100644
--- a/nixos/components/yubikey.nix
+++ b/nixos/components/yubikey.nix
@@ -38,24 +38,23 @@ with lib;
 
 
     ## managed by home-manager now
-    environment.shellInit = ''
-      export GPG_TTY="$(tty)"
-      gpg-connect-agent /bye
-      export SSH_AUTH_SOCK="/run/user/$UID/gnupg/S.gpg-agent.ssh"
-    '';
-
-    programs = {
-      ssh.startAgent = false;
-      gnupg.agent = {
-        enable = true;
-        enableSSHSupport = true;
-      };
-    };
+    #environment.shellInit = ''
+    #  export GPG_TTY="$(tty)"
+    #  gpg-connect-agent /bye
+    #  export SSH_AUTH_SOCK="/run/user/$UID/gnupg/S.gpg-agent.ssh"
+    #'';
+    #programs = {
+    #  ssh.startAgent = false;
+    #  gnupg.agent = {
+    #    enable = true;
+    #    enableSSHSupport = true;
+    #  };
+    #};
 
     ## managed by home-manager now
-    security.pam.u2f.enable = true;
-    security.pam.u2f.authFile = toString config.sops.secrets.yubikey_u2fAuthFile.path;
-    sops.secrets.yubikey_u2fAuthFile = { };
+    #security.pam.u2f.enable = true;
+    #security.pam.u2f.authFile = toString config.sops.secrets.yubikey_u2fAuthFile.path;
+    #sops.secrets.yubikey_u2fAuthFile = { };
 
   };
 }
diff --git a/nixos/homes/palo/gpg.nix b/nixos/homes/palo/gpg.nix
index e9e9b02..31e8b39 100644
--- a/nixos/homes/palo/gpg.nix
+++ b/nixos/homes/palo/gpg.nix
@@ -26,6 +26,6 @@
     # sshKeys = [];
     defaultCacheTtl = 30;
     defaultCacheTtlSsh = 30;
-
+    pinentryPackage = pkgs.pinentry-gtk2;
   };
 }