From 2d63f4990a895d56884fbecaa5a3d6c221460abc Mon Sep 17 00:00:00 2001
From: Daniel Langbein
Date: Fri, 1 Sep 2023 17:43:25 +0200
Subject: [PATCH] docs: Nitrokey ssh workaround
---
 yodaTab/nitrokey-ssh-gpg.nix | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)
diff --git a/yodaTab/nitrokey-ssh-gpg.nix b/yodaTab/nitrokey-ssh-gpg.nix
index 4ddbf50..293bf66 100644
--- a/yodaTab/nitrokey-ssh-gpg.nix
+++ b/yodaTab/nitrokey-ssh-gpg.nix
@@ -40,12 +40,17 @@
 #=> USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
 #=> yoda 2752 0.0 0.0 444812 3040 ? SLsl 16:09 0:00 /nix/store/lvsbmqy4dmlri22145hbr6799hgbnpnf-gnupg-2.4.0/bin/gpg-agent --supervised --pinentry-program /nix/store/8cvidvpwnwyxixlhqfaa5jlfndh2vir5-pinentry-1.2.1-curses/bin/pinentry
 
- # TESTING: Do all of this in one shell!
+ # NITROKEY SSH WORKAROUND (I): Do all of this in one shell!
 # CREDITS: https://unix.stackexchange.com/a/250045/315162
 #
+ # BEFORE: SSH_AUTH_SOCK=/run/user/1000/keyring/ssh
+ # AFTER: SSH_AUTH_SOCK=/run/user/1000/gnupg/S.gpg-agent.ssh
+ #
 # systemctl --user stop gpg-agent
 # systemctl --user stop gpg-agent.socket
 # systemctl --user stop gpg-agent-ssh.socket
+ # ps -aux | grep -v grep | grep gpg-agent
+ # => NONE
 # eval $(gpg-agent --daemon --pinentry-program /nix/store/8cvidvpwnwyxixlhqfaa5jlfndh2vir5-pinentry-1.2.1-curses/bin/pinentry --enable-ssh-support --sh)
 # echo $SSH_AUTH_SOCK
 #=> /run/user/1000/gnupg/S.gpg-agent.ssh
@@ -54,6 +59,12 @@
 # ssh nas
 #=> Works!
 
+ # NITROKEY SSH WORKAROUND (II)
+ #
+ # export SSH_AUTH_SOCK=/run/user/1000/gnupg/S.gpg-agent.ssh
+ # ssh nas
+ #=> Works!
+
 services.udev.packages = [ pkgs.nitrokey-udev-rules ];
 programs = {
 ssh.startAgent = false;
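Review bot: Both added workaround blocks hard-code `/run/user/1000/...` (the AFTER line in the first hunk and the `export` line of workaround II in the second hunk), which only holds for uid 1000; the documented command would be portable as `# export SSH_AUTH_SOCK=$(gpgconf --list-dirs agent-ssh-socket)`. The BEFORE value `/run/user/1000/keyring/ssh` suggests another agent sets the variable at login, so it is worth adding a comment that either workaround only affects the current shell and that every other session keeps authenticating through that keyring agent rather than the Nitrokey-backed gpg-agent. The `programs` block continues past the end of the second hunk, so I cannot see whether `programs.gnupg.agent.enableSSHSupport` is set; if it is not, setting it there would presumably be the declarative fix instead of a documented manual step.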