From 7a69b3e738a587915a374994e05e8e10f1216721 Mon Sep 17 00:00:00 2001 From: Jan Schmitt Date: Thu, 15 Dec 2022 21:46:07 +0100 Subject: [PATCH] ssh: add addKeysToAgent option --- modules/programs/ssh.nix | 12 ++++++++++++ .../programs/ssh/default-config-expected.conf | 1 + ...wards-dynamic-valid-bind-no-asserts-expected.conf | 1 + .../programs/ssh/match-blocks-attrs-expected.conf | 1 + .../ssh/match-blocks-match-and-hosts-expected.conf | 1 + 5 files changed, 16 insertions(+) diff --git a/modules/programs/ssh.nix b/modules/programs/ssh.nix index e510fe8a..5d038075 100644 --- a/modules/programs/ssh.nix +++ b/modules/programs/ssh.nix @@ -361,6 +361,17 @@ in ''; }; + addKeysToAgent = mkOption { + type = types.str; + default = "no"; + description = '' + When enabled, a private key that is used during authentication will be + added to ssh-agent if it is running (with confirmation enabled if + set to 'confirm'). The argument must be 'no' (the default), 'yes', 'confirm' + (optionally followed by a time interval), 'ask' or a time interval (e.g. '1h'). + ''; + }; + compression = mkOption { default = false; type = types.bool; @@ -528,6 +539,7 @@ in Host * ForwardAgent ${lib.hm.booleans.yesNo cfg.forwardAgent} + AddKeysToAgent ${cfg.addKeysToAgent} Compression ${lib.hm.booleans.yesNo cfg.compression} ServerAliveInterval ${toString cfg.serverAliveInterval} ServerAliveCountMax ${toString cfg.serverAliveCountMax} diff --git a/tests/modules/programs/ssh/default-config-expected.conf b/tests/modules/programs/ssh/default-config-expected.conf index d205cab1..d387017b 100644 --- a/tests/modules/programs/ssh/default-config-expected.conf +++ b/tests/modules/programs/ssh/default-config-expected.conf @@ -2,6 +2,7 @@ Host * ForwardAgent no + AddKeysToAgent no Compression no ServerAliveInterval 0 ServerAliveCountMax 3 diff --git a/tests/modules/programs/ssh/forwards-dynamic-valid-bind-no-asserts-expected.conf b/tests/modules/programs/ssh/forwards-dynamic-valid-bind-no-asserts-expected.conf index a67a96ca..06720d4f 100644 --- a/tests/modules/programs/ssh/forwards-dynamic-valid-bind-no-asserts-expected.conf +++ b/tests/modules/programs/ssh/forwards-dynamic-valid-bind-no-asserts-expected.conf @@ -5,6 +5,7 @@ Host dynamicBindPathNoPort Host * ForwardAgent no + AddKeysToAgent no Compression no ServerAliveInterval 0 ServerAliveCountMax 3 diff --git a/tests/modules/programs/ssh/match-blocks-attrs-expected.conf b/tests/modules/programs/ssh/match-blocks-attrs-expected.conf index b6b760ce..903dc571 100644 --- a/tests/modules/programs/ssh/match-blocks-attrs-expected.conf +++ b/tests/modules/programs/ssh/match-blocks-attrs-expected.conf @@ -18,6 +18,7 @@ Host ordered Host * ForwardAgent no + AddKeysToAgent no Compression no ServerAliveInterval 0 ServerAliveCountMax 3 diff --git a/tests/modules/programs/ssh/match-blocks-match-and-hosts-expected.conf b/tests/modules/programs/ssh/match-blocks-match-and-hosts-expected.conf index d50343b9..6e618318 100644 --- a/tests/modules/programs/ssh/match-blocks-match-and-hosts-expected.conf +++ b/tests/modules/programs/ssh/match-blocks-match-and-hosts-expected.conf @@ -7,6 +7,7 @@ Match host xyz canonical Host * ForwardAgent no + AddKeysToAgent no Compression no ServerAliveInterval 0 ServerAliveCountMax 3