fiddle with yubikey and ssh

This commit is contained in:
Ingolf Wagner 2024-05-27 18:50:31 +02:00
parent e840ff3b3d
commit 7f8659d8af
No known key found for this signature in database
GPG key ID: 76BF5F1928B9618B
2 changed files with 16 additions and 17 deletions

View file

@ -38,24 +38,23 @@ with lib;
## managed by home-manager now ## managed by home-manager now
environment.shellInit = '' #environment.shellInit = ''
export GPG_TTY="$(tty)" # export GPG_TTY="$(tty)"
gpg-connect-agent /bye # gpg-connect-agent /bye
export SSH_AUTH_SOCK="/run/user/$UID/gnupg/S.gpg-agent.ssh" # export SSH_AUTH_SOCK="/run/user/$UID/gnupg/S.gpg-agent.ssh"
''; #'';
#programs = {
programs = { # ssh.startAgent = false;
ssh.startAgent = false; # gnupg.agent = {
gnupg.agent = { # enable = true;
enable = true; # enableSSHSupport = true;
enableSSHSupport = true; # };
}; #};
};
## managed by home-manager now ## managed by home-manager now
security.pam.u2f.enable = true; #security.pam.u2f.enable = true;
security.pam.u2f.authFile = toString config.sops.secrets.yubikey_u2fAuthFile.path; #security.pam.u2f.authFile = toString config.sops.secrets.yubikey_u2fAuthFile.path;
sops.secrets.yubikey_u2fAuthFile = { }; #sops.secrets.yubikey_u2fAuthFile = { };
}; };
} }

View file

@ -26,6 +26,6 @@
# sshKeys = []; # sshKeys = [];
defaultCacheTtl = 30; defaultCacheTtl = 30;
defaultCacheTtlSsh = 30; defaultCacheTtlSsh = 30;
pinentryPackage = pkgs.pinentry-gtk2;
}; };
} }