From 2212deaacc171b7a238012eb2b635cc1b0baa5f4 Mon Sep 17 00:00:00 2001 From: Daniel Langbein Date: Thu, 31 Aug 2023 13:15:22 +0200 Subject: [PATCH] WIP: ssh unlock --- yodaTab/configuration.nix | 1 + yodaTab/ssh-unlock.nix | 44 +++++++++++++++++++++++++++++++++++++++ 2 files changed, 45 insertions(+) create mode 100644 yodaTab/ssh-unlock.nix diff --git a/yodaTab/configuration.nix b/yodaTab/configuration.nix index 4465ad6..5702095 100644 --- a/yodaTab/configuration.nix +++ b/yodaTab/configuration.nix @@ -10,6 +10,7 @@ ./hardware-configuration.nix ./home-manager.nix ./print-and-scan.nix + ./ssh-unlock.nix ]; # Bootloader. diff --git a/yodaTab/ssh-unlock.nix b/yodaTab/ssh-unlock.nix new file mode 100644 index 0000000..0de6fe1 --- /dev/null +++ b/yodaTab/ssh-unlock.nix @@ -0,0 +1,44 @@ +{ config, pkgs, ... }: + +{ + # # Kernel + # # boot.kernelPackages = pkgs.linuxPackages_latest; + # # boot.kernelPackages = pkgs.linuxPackages_hardened; + # + # # SSH early boot setup + # boot.initrd.network.enable = true; + # boot.initrd.network.ssh = { + # enable = true; + # port = 22; + # shell = "/bin/cryptsetup-askpass"; + # authorizedKeys = [ + # "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCpgihAg8Qzu5q+AGXHLR7p+rrS1yB0KlZb/Y/EwZT15EhEtsUMqBMRiY0TdjKQU0broyygZnymccLmCXvihEgk3zk/hP8VEDmN5wmE2tRBPR4lSjo8E1R8N79G+gaFkwi93QYh57MsGfa9k4tvGrJy0yaD7GrPqtQf+IIuvV14WJQAqnikTdbFqRjk5JGearYLU7jSKa+9NmR7JQ9NExoyIPgmQ/pd0Xc2qt8k5UGfz3HM9MAmIVQ30whK6m1iYZ8nxEidHrfreQx8NOa7ujo4zQnV1NYvRUjObr/qyIhPU6DYLT2mVRNupQFKx6LI38O4U13heugUFqJ3zvog3aDsriFiv8jzJAJvWXx7Q3TqKhqiG9VTkwBw1NDbCAOXKiEdMfiCYbdCfpNgdepU75bMloJcSQQVUqoH2tQhSbwKLuRFgOnyaHpvWbieXBRcUnfG8gg4p4jqiwx5laweEeOIOD/i7G1Mjx7Dj2ctnT/ILat/xsf+Y0W4eJr3bc5L9ghgw6wsKbNSqwjFUCFcHcARK3gvSH+hO2/BpgMVoyvZjO5PNuUqfsZ7bIIs5cDdyB/ly3irKuaRz1+3x1x4gPgSiOcji7HxPwogzhPsyfoRLHNt9tJ5X4nF2Iz1M5RTJpbZCi6yEj+9Q85FVjD76BEWuZe18kRrwhuLf/XgKdF9tQ== openpgp:0xA8B75370" + # ]; + # hostKeys = [ "/etc/secrets/initrd/ssh_host_ed25519_key" ]; + # }; + # # Find out which module is used for network card: + # # lspci -v | grep -iA8 'network\|ethernet' + # # Or check the "Network" part of: + # # inxi -F + # # + ## boot.initrd.availableKernelModules = [ "r8152" ]; + ## boot.extraModulePackages = with config.boot.kernelPackages; [ + ## r8152 + ## ]; + # boot.initrd.kernelModules = [ + # # Arch wiki: Mkinitcpio MODULES: USB 3 hub + # "usbhid" + # "xhci_hcd" + # + # # Realtek RTL8152/RTL8153 Based USB Ethernet Adapters + # "r8152" + # + # #"usbcore" + # # MII hardware support library + # #"mii" + # # USB HID core driver + # #"usbhid" + # ]; + # # dmesg -> enp0s20f0u1u2: renamed from eth0 + # boot.kernelParams = [ "ip=:::::eth0:dhcp" ]; +}