[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#27388: offloading: Add support for keyfile-less keys as used by GnuP
From: |
ng0 |
Subject: |
bug#27388: offloading: Add support for keyfile-less keys as used by GnuPG |
Date: |
Thu, 15 Jun 2017 19:13:59 +0000 |
ng0 transcribed 2.3K bytes:
> At the moment the field (private-key) in /etc/guix/machines.scm expects
> to be a file.
> When you use GnuPG authentication keys for ssh logins, you have no
> pubkey file, but you have a very long pubkey which can be used with
> ~/.ssh/authorized_keys and similar mechanisms.
>
> Example:
>
> address@hidden ~/src/guix/guix$ cat /etc/guix/machines.scm
> (list (build-machine
> …
> (privat-key "ssh-rsa
> AAAAB3NzaC1yc2EAAAADAQABAAACAQDgRM0G+Dnl/wlrHNb9sr3/yW9tHA8weIbwvfly/NRW6LHSLIPvsLksabVQsYbUH6i2aK2ZlE3Oo+H/R2wrs7dmVCo57O4MbZk8Kb0fatN3qhq6g/+bNobVIexS5XN6g5JcmXM4ZzR8Q0rEd46oaxFWy8nDSw4RR1d+OU5/Z/LHR1VUTCQKU0Q1Jv//4YFVq/BEf6oj4SU9+/Li9kUo9f++i4PaiWyrQDm1FAYtMGW5MBKH3ohO1dlPgqNjdeqTjZfgvCMPdbyV6Xwtz7KVkCR0+r9u7JefCCKUXL3Ap4VPtjhyCLoRuqJ+ZIp9XR2wf3rVGR6KRcLWPEXLkGfAPCs+7uAnfReBxNiWYt+FHuQpeyUld8u8E0G8u9FSf/l25A85QrQK0EUrVHdFc1q8tcCeq0EomoIPl7GnwtDIwYmkWtViCz0ivVRvNBUTXvq0XtI/9kLgcBgKfzap8dLeVSXJrUhYlbcOZNnstzkmut1ce8my5TwSRzr2dxgUF8563cM3cdLu+C9bdMWvR/s4xwu6Q5opbehdFHd2Hj/Lnqv+xwNKNFkhZCHiyum8L/VKQAsboXgJ7/sB7CHsEcBif73RWj3bFcMnPHHlJgxXB1aOH4kM+y6fF8wW/bGC/9gGiYXzovdbopv3B89oyuT73aoXg4TIPz6gv6Bg1OiGpfseGw==
> (none)")
> …
Actually this might be the wrong approach.
The key you see above is the public key equivalent to the ssh pubkey.
The private key is only in the GnuPG keyring.
Solution for this kind of situations are welcome. For now I'll use
ssh pubkeys.
--
ng0
OpenPG: A88C8ADD129828D7EAC02E52E22F9BBFEE348588
https://krosos.org/~/ng0/ https://www.infotropique.org
signature.asc
Description: PGP signature