From 30ef3074bac2c3279f0bcaede36c39d1edfa375e Mon Sep 17 00:00:00 2001 From: Franck Cuny Date: Mon, 5 Jan 2026 09:02:01 -0800 Subject: add ssh keys from the yubikeys --- home/profiles/darwin.nix | 1 + home/programs/ssh.nix | 25 +++++++++++++++++++++++++ 2 files changed, 26 insertions(+) (limited to 'home') diff --git a/home/profiles/darwin.nix b/home/profiles/darwin.nix index 53c6ff8..b7d7ae6 100644 --- a/home/profiles/darwin.nix +++ b/home/profiles/darwin.nix @@ -37,6 +37,7 @@ tree wget wireshark + openssh # the version of ssh shipped on MacOS does not support yubikey yubikey-manager ]; diff --git a/home/programs/ssh.nix b/home/programs/ssh.nix index 004b082..77c4897 100644 --- a/home/programs/ssh.nix +++ b/home/programs/ssh.nix @@ -13,25 +13,50 @@ }; "rivendell" = { hostname = "192.168.1.114"; + identityAgent = "none"; + identitiesOnly = true; + identityFile = "~/.ssh/id_ed25519_sk_rk"; }; "riv-unlock" = { hostname = "192.168.1.114"; user = "root"; port = 911; + identityAgent = "none"; + identitiesOnly = true; + identityFile = "~/.ssh/id_ed25519_sk_rk"; }; "nas" = { hostname = "192.168.1.68"; + identityAgent = "none"; + identitiesOnly = true; + identityFile = "~/.ssh/id_ed25519_sk_rk"; + }; + "nnas" = { + hostname = "192.168.1.68"; + user = "nas"; + identityAgent = "none"; + identitiesOnly = true; + identityFile = "~/.ssh/id_ed25519_sk_rk"; }; "bree" = { hostname = "192.168.1.50"; + identityAgent = "none"; + identitiesOnly = true; + identityFile = "~/.ssh/id_ed25519_sk_rk"; }; "argonath" = { hostname = "fcuny.net"; + identityAgent = "none"; + identitiesOnly = true; + identityFile = "~/.ssh/id_ed25519_sk_rk"; }; "github.com" = { hostname = "github.com"; user = "git"; forwardAgent = false; + identityAgent = "none"; + identitiesOnly = true; + identityFile = "~/.ssh/id_ed25519_sk_rk"; extraOptions = { preferredAuthentications = "publickey"; controlMaster = "no"; -- cgit v1.2.3