machine: ssh: <machine-ssh-configuration> can include the host key.

* gnu/machine/ssh.scm (<machine-ssh-configuration>)[host-key]: New field.
(machine-ssh-session): Pass #:host-key to 'open-ssh-session'.
* doc/guix.texi (Invoking guix deploy): Document it.
Ludovic Courtès 2019-12-03 21:59:09 +01:00
parent 2b8682841d
commit ed15dfcf31
GPG key ID: 090B11993D9AEBB5
2 changed files with 19 additions and 2 deletions

@ -26447,6 +26447,18 @@ keyring.
@item @code{identity} (default: @code{#f})
If specified, the path to the SSH private key to use to authenticate with the
remote host.
@item @code{host-key} (default: @code{#f})
This should be the SSH host key of the machine, which looks like this:
@example
ssh-ed25519 AAAAC3Nz@dots{} root@@example.org
@end example
When @code{host-key} is @code{#f}, the server is authenticated against
the @file{~/.ssh/known_hosts} file, just like the OpenSSH @command{ssh}
client does.
@end table
@end deftp
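
Review bot: the new @item for host-key does not say what happens when the key presented by the server differs from the configured value, nor where the reader obtains the string. Suggest adding a sentence stating the outcome on mismatch (connection refused, if that is what open-ssh-session does) and that the value is the one-line content of the target machine's public host key file, in the format shown in the @example. "This should be" also reads as mandatory although the default is #f; "If specified, ..." would match the wording of the identity item just above.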

@ -54,6 +54,7 @@ (define-module (gnu machine ssh)
machine-ssh-configuration-authorize?
machine-ssh-configuration-port
machine-ssh-configuration-user
machine-ssh-configuration-host-key
machine-ssh-configuration-session))
;;; Commentary:
@ -87,6 +88,8 @@ (define-record-type* <machine-ssh-configuration> machine-ssh-configuration
(identity machine-ssh-configuration-identity ; path to a private key
(default #f))
(session machine-ssh-configuration-session ; session
(default #f))
(host-key machine-ssh-configuration-host-key ; #f | string
(default #f)))
(define (machine-ssh-session machine)
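
Review bot: the host-key field at the end of the record is constrained only by the comment "#f | string"; nothing in this hunk checks that the string has the "key-type base64 comment" shape shown in the manual, so a typo or a pasted private key path would surface only when the session is opened. Consider validating the value when the record is built or at the top of machine-ssh-session and raising a clear error. Since the record also carries a session field, the field comment could state whether host-key is consulted when a session is supplied.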
@ -98,11 +101,13 @@ (define (machine-ssh-session machine)
(let ((host-name (machine-ssh-configuration-host-name config))
(user (machine-ssh-configuration-user config))
(port (machine-ssh-configuration-port config))
(identity (machine-ssh-configuration-identity config)))
(identity (machine-ssh-configuration-identity config))
(host-key (machine-ssh-configuration-host-key config)))
(open-ssh-session host-name
#:user user
#:port port
#:identity identity)))))
#:identity identity
#:host-key host-key)))))
;;;
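
Review bot: #:host-key is passed to open-ssh-session unconditionally at the end of this hunk, so the #f default relies on open-ssh-session treating #f as "verify against ~/.ssh/known_hosts", as the manual text now states. A short comment at the call site saying so would make the fallback explicit for the next reader. The commit changes only the two files named in the log and adds no test; one covering a configuration with host-key set and one with it left at #f would pin down both paths.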