simon/nixos-config
simon/nixos-config
1
1
Fork 0
Code Issues 8 Pull requests Actions Projects Activity

shell/unlock: Make unlock work if agent is locked

Browse source
This commit is contained in:
Simon Bruder 2021-02-16 15:54:22 +01:00
parent 27285a098f
commit 16c710d4a5
Signed by: simon
GPG key ID: 8D3C82F9F309F8EC
1 changed files with 2 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
shell.nix
View file

@ -34,6 +34,8 @@ let
set -eo pipefail set -eo pipefail
machine="$1" machine="$1"
hostname="$(nix-instantiate --eval --json machines -A "$1".target | ${pkgs.jq}/bin/jq -r . | cut -d@ -f2)" hostname="$(nix-instantiate --eval --json machines -A "$1".target | ${pkgs.jq}/bin/jq -r . | cut -d@ -f2)"
# opening luks fails if gpg-agent is not unlocked yet
pass "devices/$machine/luks" >/dev/null
ssh \ ssh \
-oStrictHostKeyChecking=no \ -oStrictHostKeyChecking=no \
-oGlobalKnownHostsFile=<(echo "[$hostname]:2222 ssh-ed25519 $(ssh-keygen -l -f <(ssh-keygen -y -f<(pass "nixos/machines/$machine/initrd-ssh-host-key")) | cut -d' ' -f2)") \ -oGlobalKnownHostsFile=<(echo "[$hostname]:2222 ssh-ed25519 $(ssh-keygen -l -f <(ssh-keygen -y -f<(pass "nixos/machines/$machine/initrd-ssh-host-key")) | cut -d' ' -f2)") \