Please add certificates support to openssh service

Open

Details

2 participants

david larsson
Nathan Dehnel

Owner: unassigned

Submitted by: Nathan Dehnel

Severity: normal

Nathan Dehnel wrote on 2 Dec 2021 02:02

Recipients:(name . Tobias Geerinckx-Rice via Bug reports for GNU Guix)(address . bug-guix@gnu.org)

Message-ID:CAEEhgEs2MJ-3qznO6Rcq+L+8KdX-+_SSX8i3Xv9zufSciosoNg@mail.gmail.com

Please add support in config.scm for these two fields from sshd_config:

HostCertificate

TrustedUserCAKeys

Thanks in advance.

david larsson wrote on 2 Dec 2021 08:19

Recipients:(name . Nathan Dehnel)(address . ncdehnel@gmail.com)

Message-ID:ab7dc53357d2c2d9a9e201a9b8061d7c@selfhosted.xyz

On 2021-12-02 02:02, Nathan Dehnel wrote:

Toggle quote (7 lines)

> Please add support in config.scm for these two fields from sshd_config:

> HostCertificate

> TrustedUserCAKeys

> Thanks in advance.

Hi Nathan,

This should be fairly easy. You do have an "extra-content" field also,

to use in the meantime:

https://github.com/guix-mirror/guix/blob/master/gnu/services/ssh.scm#L344

Best regards,

David

Nathan Dehnel wrote on 2 Dec 2021 20:50

Recipients:(name . david larsson)(address . david.larsson@selfhosted.xyz)

Message-ID:CAEEhgEu=tY-aMZtsQvk+DOunuO6x9qVitaoDV+scEdjr3DB_5g@mail.gmail.com

Oh, thank you.

On Thu, Dec 2, 2021 at 1:19 AM david larsson

<david.larsson@selfhosted.xyz> wrote:

Toggle quote (17 lines)>
> On 2021-12-02 02:02, Nathan Dehnel wrote:
> > Please add support in config.scm for these two fields from sshd_config:
> >
> > HostCertificate
> > TrustedUserCAKeys
> >
> > Thanks in advance.
>
> Hi Nathan,
>
> This should be fairly easy. You do have an "extra-content" field also,
> to use in the meantime:
> https://github.com/guix-mirror/guix/blob/master/gnu/services/ssh.scm#L344
>
> Best regards,
> David

Nathan Dehnel wrote on 2 Dec 2021 23:27

Recipients:(name . david larsson)(address . david.larsson@selfhosted.xyz)

Message-ID:CAEEhgEsngkPmxc31-d0B_uBj2bTS8DHHt5dDU=q-PzvKWJExRQ@mail.gmail.com

Oh, also the HostKey field is needed.

On Thu, Dec 2, 2021 at 1:50 PM Nathan Dehnel <ncdehnel@gmail.com> wrote:

Toggle quote (22 lines)>
> Oh, thank you.
>
> On Thu, Dec 2, 2021 at 1:19 AM david larsson
> <david.larsson@selfhosted.xyz> wrote:
> >
> > On 2021-12-02 02:02, Nathan Dehnel wrote:
> > > Please add support in config.scm for these two fields from sshd_config:
> > >
> > > HostCertificate
> > > TrustedUserCAKeys
> > >
> > > Thanks in advance.
> >
> > Hi Nathan,
> >
> > This should be fairly easy. You do have an "extra-content" field also,
> > to use in the meantime:
> > https://github.com/guix-mirror/guix/blob/master/gnu/services/ssh.scm#L344
> >
> > Best regards,
> > David

Your comment

Commenting via the web interface is currently disabled.

To comment on this conversation send an email to 52234@debbugs.gnu.org

is:open	open issues
is:done	closed issues
submitter:<who>	search issue submitter
author:<who>	search by message author
date:yesterday..now	search by issue date
mdate:3m..2d	search by message date