07/07: machine: ssh: <machine-ssh-configuration> can include the host ke
From: guix-commits
Subject: 07/07: machine: ssh: <machine-ssh-configuration> can include the host key.
Date: Wed, 4 Dec 2019 12:16:21 -0500 (EST)
civodul pushed a commit to branch master
in repository guix.
commit ed15dfcf31ec35c58f5a44d1d8adf5048da67ea6
Author: Ludovic Courtès <address@hidden>
Date: Tue Dec 3 21:59:09 2019 +0100
machine: ssh: <machine-ssh-configuration> can include the host key.
* gnu/machine/ssh.scm (<machine-ssh-configuration>)[host-key]: New field.
(machine-ssh-session): Pass #:host-key to 'open-ssh-session'.
* doc/guix.texi (Invoking guix deploy): Document it.
---
doc/guix.texi | 12 ++++++++++++
gnu/machine/ssh.scm | 9 +++++++--
2 files changed, 19 insertions(+), 2 deletions(-)
diff --git a/doc/guix.texi b/doc/guix.texi
index c1ce5bc..7d50f31 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -26447,6 +26447,18 @@ keyring.
@item @code{identity} (default: @code{#f})
If specified, the path to the SSH private key to use to authenticate with the
remote host.
+
+@item @code{host-key} (default: @code{#f})
+This should be the SSH host key of the machine, which looks like this:
+
+@example
+ssh-ed25519 AAAAC3Nz@dots{} root@@example.org
+@end example
+
+When @code{host-key} is @code{#f}, the server is authenticated against
+the @file{~/.ssh/known_hosts} file, just like the OpenSSH @command{ssh}
+client does.
+
@end table
@end deftp
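Review bot: The new @item for host-key covers only the #f case in its closing paragraph; it does not say what happens when host-key is set and the server presents a different key, or whether ~/.ssh/known_hosts is still consulted in that case. Suggest adding one sentence describing the behaviour for a non-#f value. The example line "ssh-ed25519 AAAAC3Nz@dots{} root@@example.org" shows the shape of the value but not which parts are required (the trailing comment, for instance), and the text does not say where the administrator should obtain the key, so a short note on both would help readers fill the field in correctly.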
diff --git a/gnu/machine/ssh.scm b/gnu/machine/ssh.scm
index 6e3ed0e..23ae917 100644
--- a/gnu/machine/ssh.scm
+++ b/gnu/machine/ssh.scm
@@ -54,6 +54,7 @@
machine-ssh-configuration-authorize?
machine-ssh-configuration-port
machine-ssh-configuration-user
+ machine-ssh-configuration-host-key
machine-ssh-configuration-session))
;;; Commentary:
@@ -87,6 +88,8 @@
(identity machine-ssh-configuration-identity ; path to a private
key
(default #f))
(session machine-ssh-configuration-session ; session
+ (default #f))
+ (host-key machine-ssh-configuration-host-key ; #f | string
(default #f)))
(define (machine-ssh-session machine)
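Review bot: In the record definition the host-key field is typed only by the comment "; #f | string", and nothing in this hunk checks the value, so a non-string or a mistyped key is accepted when the record is built and can only surface later at connection time. Consider validating the value when the configuration is constructed, or stating in the manual that errors are reported on connect. Minor: the field is added after session here, while doc/guix.texi lists it right after identity; keeping the two in the same order makes the manual easier to check against the code.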
@@ -98,11 +101,13 @@ one from the configuration's parameters if one was not
provided."
(let ((host-name (machine-ssh-configuration-host-name config))
(user (machine-ssh-configuration-user config))
(port (machine-ssh-configuration-port config))
- (identity (machine-ssh-configuration-identity config)))
+ (identity (machine-ssh-configuration-identity config))
+ (host-key (machine-ssh-configuration-host-key config)))
(open-ssh-session host-name
#:user user
#:port port
- #:identity identity)))))
+ #:identity identity
+ #:host-key host-key)))))
;;;
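Review bot: host-key is read only in the let that calls open-ssh-session, and the docstring fragment in the hunk header ("one from the configuration's parameters if one was not provided") indicates this path runs only when the configuration carries no session. A configuration that sets both session and host-key would then have its host key silently ignored. Suggest either documenting that host-key has no effect when session is given, or rejecting that combination, so that a user who pins a key is not left believing it is being checked.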
- branch master updated (8548b3d -> ed15dfc), guix-commits, 2019/12/04
- 01/07: substitute: Remove unused procedure., guix-commits, 2019/12/04
- 05/07: ssh: Always authenticate the server [security fix]., guix-commits, 2019/12/04
- 04/07: ssh: Add 'authenticate-server*' and use it for offloading., guix-commits, 2019/12/04
- 06/07: ssh: 'open-ssh-session' can be passed the expected host key., guix-commits, 2019/12/04
- 02/07: services: Add GNOME Keyring service., guix-commits, 2019/12/04
- 07/07: machine: ssh: <machine-ssh-configuration> can include the host key.,
guix-commits <=
- 03/07: gnu: bitlbee: Use Python 3., guix-commits, 2019/12/04