From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp2.migadu.com ([2001:41d0:403:4876::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms1.migadu.com with LMTPS id aE1MNdbTPWYzZgAAe85BDQ:P1 (envelope-from ) for ; Fri, 10 May 2024 09:59:19 +0200 Received: from aspmx1.migadu.com ([2001:41d0:403:4876::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp2.migadu.com with LMTPS id aE1MNdbTPWYzZgAAe85BDQ (envelope-from ) for ; Fri, 10 May 2024 09:59:19 +0200 X-Envelope-To: larch@yhetil.org Authentication-Results: aspmx1.migadu.com; dkim=pass header.d=gmail.com header.s=20230601 header.b="N/Jp3Peh"; spf=pass (aspmx1.migadu.com: domain of "guix-devel-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-devel-bounces+larch=yhetil.org@gnu.org"; dmarc=pass (policy=none) header.from=gmail.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1715327958; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type:list-id:list-help:list-unsubscribe: list-subscribe:list-post:dkim-signature; bh=7Kt5wXxCOsu9fZRVs1bD/XPBb9gGo3F4cdbMYBa+iTQ=; b=Wt0mASuKkRMJuA9X57Q71Mp7dqVnhfcphqYr+Dh6d3DWeEfr+9oNz/Qr3J5OnGmQY17fux 91+oqcA4CmozgGynz4f7zOc0okQKXnEBqs/jd0Hy5nV8+hNqOW4U7f4SdX3UoBC9RE5DjU H5XnMkvjyqFU0wnAL9b/CcIpzzMNTwuZyPuMKpy1Ia9jhGltdjTC8FRCRyXq8107er0jKi fGiIxNihCwqkD4cy9pW5P+/r95oGGnwoAZPHvlAx45rrcvzpHfAumP3V1UNs6q9SnBim6d 8U4+/xc3Y70I46yoayrwJ2oeywEaeK3pmtk1qrhiCZYEsmuB6xw7XwtsJQF2MQ== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=pass header.d=gmail.com header.s=20230601 header.b="N/Jp3Peh"; spf=pass (aspmx1.migadu.com: domain of "guix-devel-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-devel-bounces+larch=yhetil.org@gnu.org"; dmarc=pass (policy=none) header.from=gmail.com ARC-Seal: i=1; s=key1; d=yhetil.org; t=1715327958; a=rsa-sha256; cv=none; b=AuWifuLM4v8/YNncQMKSgzddllsQW99gOFVFJszmKoeSQ/QoPTIWRhVj3Th/A+mQCyRXwm iItJMO52/PEwvmTEmYem7GkC3XEJxrjzN4drYkImuz9uIsGAudBrDRXOYZ8Sq8JDXFd24/ +lNWYTVxTETVMPz5F7kdbeY2etJeNocoga9KLAB819h5TH/lEvnOpnhnWleUsJ0T641QM8 ikVKqpyt6BGLUt5GB1cxYB14IXy0a8k6g6A8UrZDpfC935mpdIrYnO6yiMD3Br4zugG+p2 pGhWAF3z7ksC4Qf6f8W1zPHvmcnMYSBsLT+LiN+URVXxh/a9sOCaVIAwEJXURw== Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id B91C1739C6 for ; Fri, 10 May 2024 09:59:18 +0200 (CEST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1s5L9L-0002ne-1P; Fri, 10 May 2024 03:58:39 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1s5L8Y-0002BN-II for guix-devel@gnu.org; Fri, 10 May 2024 03:57:51 -0400 Received: from mail-lf1-x130.google.com ([2a00:1450:4864:20::130]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1s5L8V-0005an-2G for guix-devel@gnu.org; Fri, 10 May 2024 03:57:50 -0400 Received: by mail-lf1-x130.google.com with SMTP id 2adb3069b0e04-51f0f6b613dso1984598e87.1 for ; Fri, 10 May 2024 00:57:46 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1715327865; x=1715932665; darn=gnu.org; h=to:subject:message-id:date:from:mime-version:from:to:cc:subject :date:message-id:reply-to; bh=7Kt5wXxCOsu9fZRVs1bD/XPBb9gGo3F4cdbMYBa+iTQ=; b=N/Jp3PehPNDkOlzYy0E2mEQ1KFmtikoHPlDkrIpnQN713EelVc1H8aNrfVI8pXIOsb Mz4GVDI2ERWlKKpntmGh/RE6jXOB0nfqh9VCHNuDQzcFu5C14T4+4QtJoEIBJOUiWNGh BMuVCgWCnV5IKprlz2wBeETTp7i4CcQWw1OQRQ2oMMgcuJVtLRLfRb6Li8V6BbWXe77Z 2vkfY95MtWx09Prmd2v2DaFygsSix+ou2BR9sH4a5oROn2UMUGpK3rrNEgvE0/UIklEB b3fkL0hIPfwvv08njlbKhS1wBjwWDVvF7TIG1NJKX8eQVF7/TSpIu1mJ2IqKDNCzSS4e JEAQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1715327865; x=1715932665; h=to:subject:message-id:date:from:mime-version:x-gm-message-state :from:to:cc:subject:date:message-id:reply-to; bh=7Kt5wXxCOsu9fZRVs1bD/XPBb9gGo3F4cdbMYBa+iTQ=; b=p2yR5J/5TP6DkU4aHtPStzl56B7nbmWHGLGx0H64jVlbUWG9HV+HBC+JA+esYyHy9e qfqczZn3W3xHBVEl4RUkfYesDTAVApi1Lfzo1YdV6wQ3t1hc+vX+iyj2l9K/NUBvvnh6 IWZBuagE1ovaiNFo8k6wMExI4SbudVIqqExXb/qNF++02S81ZOU4NxKjraKCk3LpM63Y 0YnQeek7hsApek3GMk+hqp/L8VBsW/W1OOyApMM7Ffxh56Gjw7fAuVwt1wGu1wcv/X/C xK2bKioaZALeAyDz1n5vZqOBIekN1Z+y68+biXMalAt9WRsUI33DnIVoLiBjyznHGZmw NUKw== X-Gm-Message-State: AOJu0YxfAI26miz8cjoQE7q6Bt2XyhuxAjMHOiTHoLPNlqoFb37zsW5u 8IQ7AHqmFxY5QGzux4AAcPI7MD1wdJf0Kxb8LgMLNfIUjB4BWIqLyuLP5DnTy5jNnRRTVz0QeWJ RapctIFWTFscFU4gBsn27YrqVbqLkDAYfBls= X-Google-Smtp-Source: AGHT+IEfgd5en27bckTaV53+Rn6T3HnqgrKRwVQhj8cps1DYT9jOJJ57lNXlULrEtWm6iEtZP9dcKE8uCKM9Eq1Gw9o= X-Received: by 2002:a05:6512:281c:b0:51d:27c8:27e6 with SMTP id 2adb3069b0e04-5220fd7d325mr1320588e87.30.1715327864540; Fri, 10 May 2024 00:57:44 -0700 (PDT) MIME-Version: 1.0 From: Ashvith Shetty Date: Fri, 10 May 2024 07:57:33 +0000 Message-ID: Subject: Demystifying SSH configuration for remote software forges on Guix System To: guix-devel@gnu.org Content-Type: multipart/alternative; boundary="0000000000000a1551061814e41f" Received-SPF: pass client-ip=2a00:1450:4864:20::130; envelope-from=ashvithshetty10@gmail.com; helo=mail-lf1-x130.google.com X-Spam_score_int: -17 X-Spam_score: -1.8 X-Spam_bar: - X-Spam_report: (-1.8 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: guix-devel@gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-devel-bounces+larch=yhetil.org@gnu.org Sender: guix-devel-bounces+larch=yhetil.org@gnu.org X-Migadu-Country: US X-Migadu-Flow: FLOW_IN X-Spam-Score: -7.74 X-Migadu-Queue-Id: B91C1739C6 X-Migadu-Scanner: mx10.migadu.com X-Migadu-Spam-Score: -7.74 X-TUID: M5NvZoLAGD4E --0000000000000a1551061814e41f Content-Type: text/plain; charset="UTF-8" I would like to understand the process for configuring SSH for software forges, like Forgejo, GitLab or GitHub. So far, what I've noticed is that by itself, SSH does not work properly, and that after opening a new terminal session (window or tab, it does not matter), I am forced to repeat the following step every time, before any pull or push: ```console $ eval $(ssh-agent -s) $ ssh-add ``` Before I continue any further, I wanted to let you folks know that presently, I am on XFCE4. I don't remember clearly if GNOME Desktop did some magic behind the back, or if I had to repeat similar steps over there, because I've not touched Git for some time. I've tried adding GNOME Keyring as a service in the latest system configuration (of course, with XFCE4), assuming that this missing service was what I should have probably added, but that does not seem to be the case. What am I missing over here? And finally, I've come across `home-openssh-service-type` - which I've yet to try, but reading from the docs, am I supposed to put my private and public keys in the repository? How do I go about this? Isn't that a security risk? Thanks, Ashvith --0000000000000a1551061814e41f Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
I would like to understand the process= for configuring SSH for software forges, like Forgejo, GitLab or GitHub. S= o far, what I've noticed is that by itself, SSH does not work properly,= and that after opening a new terminal session (window or tab, it does not = matter), I am forced to repeat the following step every time, before any pu= ll or push:

```console
$ eval $(ssh-agent -s)
$ ssh-add <pa= th-to-private-key>
```

Before I continue any further, I = wanted to let you folks know that presently, I am on XFCE4. I don't rem= ember clearly if GNOME Desktop did some magic behind the back, or if I had = to repeat similar steps over there, because I've not touched Git for so= me time.

I've tried adding GNOME Keyring as a = service in the latest system configuration (of course, with XFCE4), assumin= g that this missing service was what I should have probably added, but that= does not seem to be the case. What am I missing over here?

An= d finally, I've come across `home-openssh-service-type` - which I'v= e yet to try, but reading from the docs, am I supposed to put my private an= d public keys in the repository? How do I go about this? Isn't that a s= ecurity risk?

Thanks,
Ashvith
--0000000000000a1551061814e41f--