diff options
| author | Timo Wilken | 2024-06-04 14:13:26 +0200 |
|---|---|---|
| committer | Timo Wilken | 2024-06-04 14:17:32 +0200 |
| commit | 3ef917bec25342730c8f3e15406e1fca8175ec4d (patch) | |
| tree | e3967f9fee06795935bcaecabaf9ac5701c9b5dd | |
| parent | 0481ec677da957e9e5f11087c375e371f0195051 (diff) | |
Allow configuring SSH key for CERN laptop
Replace old, now-unused CERN config parameter with the new parameters.
| -rw-r--r-- | tw/home.scm | 13 | ||||
| -rw-r--r-- | tw/home/cern.scm | 4 |
2 files changed, 10 insertions, 7 deletions
diff --git a/tw/home.scm b/tw/home.scm index fc969164..c5f2934f 100644 --- a/tw/home.scm +++ b/tw/home.scm @@ -199,7 +199,10 @@ (openssh-host (name host) (port port) (user "timo"))) (export tw-openssh-configuration) -(define* (tw-openssh-configuration #:key (proxy-to-cern? #t)) +(define* (tw-openssh-configuration + #:key + (default-ssh-key "~/.local/share/ssh-keys/id_ed25519") + (cern-ssh-key "~/.local/share/ssh-keys/cern_id_rsa")) (let ((no-proxy (list (proxy-jump (host-name "none"))))) (home-openssh-configuration (hosts @@ -258,10 +261,8 @@ ,(openssh-host (name "*.cern.ch") (user "twilken") - (identity-file "~/.local/share/ssh-keys/cern_id_rsa") - (proxy (if proxy-to-cern? - (list (proxy-jump (host-name "lxtunnel.cern.ch"))) - no-proxy)) + (identity-file cern-ssh-key) + (proxy (list (proxy-jump (host-name "lxtunnel.cern.ch")))) (extra-content "\ # Kerberos authentication GSSAPIAuthentication yes @@ -272,6 +273,6 @@ ;; manages that and might delete keys there. ,(openssh-host (name "*") - (identity-file "~/.local/share/ssh-keys/id_ed25519") + (identity-file default-ssh-key) ;; Remote servers probably don't know about xterm-kitty. (extra-content "SetEnv TERM=xterm-256color"))))))) diff --git a/tw/home/cern.scm b/tw/home/cern.scm index e7d669c0..a653bde7 100644 --- a/tw/home/cern.scm +++ b/tw/home/cern.scm @@ -75,7 +75,9 @@ (default-signing-key "C2249BBE5E8761C943A0CFA1B7B3914BF63ACD7C"))) (service home-openssh-service-type - (tw-openssh-configuration)) + (tw-openssh-configuration + ;; There is no separate "private" SSH key. + #:default-ssh-key "~/.local/share/ssh-keys/cern_id_rsa")) (service home-gnupg-service-type (home-gnupg-configuration |