From mboxrd@z Thu Jan 1 00:00:00 1970 From: ng0 Subject: bug#27388: offloading: Add support for keyfile-less keys as used by GnuPG Date: Thu, 15 Jun 2017 19:13:59 +0000 Message-ID: <20170615191359.ysym3dv4c7f5lwek@abyayala> References: <20170615185615.2mvxprvn6bn523gn@abyayala> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="qd5jktfpeysnw2w3" Return-path: Received: from eggs.gnu.org ([2001:4830:134:3::10]:34286) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1dLaEV-0005VZ-QO for bug-guix@gnu.org; Thu, 15 Jun 2017 15:15:08 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1dLaEQ-0002OF-PG for bug-guix@gnu.org; Thu, 15 Jun 2017 15:15:07 -0400 Received: from debbugs.gnu.org ([208.118.235.43]:47236) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1dLaEQ-0002OB-LF for bug-guix@gnu.org; Thu, 15 Jun 2017 15:15:02 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1dLaEQ-0007XF-GK for bug-guix@gnu.org; Thu, 15 Jun 2017 15:15:02 -0400 Sender: "Debbugs-submit" Resent-Message-ID: Content-Disposition: inline In-Reply-To: <20170615185615.2mvxprvn6bn523gn@abyayala> List-Id: Bug reports for GNU Guix List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-guix-bounces+gcggb-bug-guix=m.gmane.org@gnu.org Sender: "bug-Guix" To: 27388@debbugs.gnu.org --qd5jktfpeysnw2w3 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable ng0 transcribed 2.3K bytes: > At the moment the field (private-key) in /etc/guix/machines.scm expects > to be a file. > When you use GnuPG authentication keys for ssh logins, you have no > pubkey file, but you have a very long pubkey which can be used with > ~/.ssh/authorized_keys and similar mechanisms. >=20 > Example: >=20 > user@abyayala ~/src/guix/guix$ cat /etc/guix/machines.scm > (list (build-machine > =E2=80=A6 > (privat-key "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDgRM0G+Dnl/wlrH= Nb9sr3/yW9tHA8weIbwvfly/NRW6LHSLIPvsLksabVQsYbUH6i2aK2ZlE3Oo+H/R2wrs7dmVCo5= 7O4MbZk8Kb0fatN3qhq6g/+bNobVIexS5XN6g5JcmXM4ZzR8Q0rEd46oaxFWy8nDSw4RR1d+OU5= /Z/LHR1VUTCQKU0Q1Jv//4YFVq/BEf6oj4SU9+/Li9kUo9f++i4PaiWyrQDm1FAYtMGW5MBKH3o= hO1dlPgqNjdeqTjZfgvCMPdbyV6Xwtz7KVkCR0+r9u7JefCCKUXL3Ap4VPtjhyCLoRuqJ+ZIp9X= R2wf3rVGR6KRcLWPEXLkGfAPCs+7uAnfReBxNiWYt+FHuQpeyUld8u8E0G8u9FSf/l25A85QrQK= 0EUrVHdFc1q8tcCeq0EomoIPl7GnwtDIwYmkWtViCz0ivVRvNBUTXvq0XtI/9kLgcBgKfzap8dL= eVSXJrUhYlbcOZNnstzkmut1ce8my5TwSRzr2dxgUF8563cM3cdLu+C9bdMWvR/s4xwu6Q5opbe= hdFHd2Hj/Lnqv+xwNKNFkhZCHiyum8L/VKQAsboXgJ7/sB7CHsEcBif73RWj3bFcMnPHHlJgxXB= 1aOH4kM+y6fF8wW/bGC/9gGiYXzovdbopv3B89oyuT73aoXg4TIPz6gv6Bg1OiGpfseGw=3D=3D= (none)") > =E2=80=A6 Actually this might be the wrong approach. The key you see above is the public key equivalent to the ssh pubkey. The private key is only in the GnuPG keyring. Solution for this kind of situations are welcome. For now I'll use ssh pubkeys. --=20 ng0 OpenPG: A88C8ADD129828D7EAC02E52E22F9BBFEE348588 https://krosos.org/~/ng0/ https://www.infotropique.org --qd5jktfpeysnw2w3 Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEEqIyK3RKYKNfqwC5S4i+bv+40hYgFAllC3HcACgkQ4i+bv+40 hYg4VRAAkxOaJaKoJJzkNugBwakU1ICjWECbydQBDbrMgIrAirJhZ0HYS/zD5l0i o+iwkKQERBgoVIG/aPjkv4Kah4S0aXilWXTdZLQ/F42U+xOfY7361JL0pDGpIw70 /NbZ4gUC+LNSnn5JwGzg7lbM3WWdnBfZMYwwmAORQ23p1hhyd3bDGvOmtl2i7YPQ vwoDbHAqZ78nmHI04wqLoKSyjAHMI9HMlMfS+NT4k2Cvj7tuk8vWDLhN33f0m/at mlDzPDKczgPNFqHAVW6ruu6uvuDw0cBJ79P6BrVfTMt2UGmmK6fu/zkpfOzBMVdI TLILtp9mqrHNM4WMLUWdF+tUH7Cu4vZkU6yjV0qS0JVDn3zZTNe7/zoyadVeWJx4 4IQTFiKvcWvfPWz4jYiKuB8gVxGR/etT18SBE6Z9UvV25sCPc8s0WWBcDfXwqoL0 48hKiuLP/aQYUbHR4gtsIpFSPAm17rHyD1mHrTbj0L7IquBnJp+u04QXn/BjlgIT CLWtNpw4evuO0bKsepk7EvilPudEpgEsMYxTBua4z7tKVfQcUtfl8RNsSnbH2tsh ay04SYtnkhhvsnM4ItVpFAs2qyCdYq4cnAM/Q/OM84z4fBFgiBa9CxqL7HUx15JJ TfsD1LmVIRzspEevAn+VnGZjcvwe142EHSWhbhynbAgC5vLRYp0= =lrXm -----END PGP SIGNATURE----- --qd5jktfpeysnw2w3--