diff options
| author | Oleg Pykhalov <go.wigust@gmail.com> | 2026-01-31 18:35:02 +0300 |
|---|---|---|
| committer | Oleg Pykhalov <go.wigust@gmail.com> | 2026-02-02 15:43:22 +0300 |
| commit | f86f25377a77e91a6c2734aa61d007559c8451f9 (patch) | |
| tree | fb752a275bd74226915d4ee662c1e058b08f9957 /gnu | |
| parent | 76b220ee30dc7a82ced23151cd4002c67bfb5905 (diff) | |
home: services: ssh: Add support for known_hosts2 file.
This commit adds a new 'known-hosts2' field to the OpenSSH home service
configuration, enabling a hybrid approach to SSH host key management.
* gnu/home/services/ssh.scm (<home-openssh-configuration>)[known-hosts2]: New field.
(openssh-configuration-files): Generate ~/.ssh/known_hosts2 when specified.
* doc/guix.texi (Secure Shell): Document new 'known-hosts2' field.
Change-Id: I1d314706eaf6af9547833020abe857f4d8c44b86
Diffstat (limited to 'gnu')
| -rw-r--r-- | gnu/home/services/ssh.scm | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/gnu/home/services/ssh.scm b/gnu/home/services/ssh.scm index 295707d59fb..3f9d3cd3388 100644 --- a/gnu/home/services/ssh.scm +++ b/gnu/home/services/ssh.scm @@ -3,6 +3,7 @@ ;;; Copyright © 2023 Janneke Nieuwenhuizen <janneke@gnu.org> ;;; Copyright © 2023 Nicolas Graves <ngraves@ngraves.fr> ;;; Copyright © 2023 Efraim Flashner <efraim@flashner.co.il> +;;; Copyright © 2026 Oleg Pykhalov <go.wigust@gmail.com> ;;; ;;; This file is part of GNU Guix. ;;; @@ -311,6 +312,8 @@ through before connecting to the server.") (default #f)) (known-hosts home-openssh-configuration-known-hosts ;unspec | list of file-like (default *unspecified*)) + (known-hosts2 home-openssh-configuration-known-hosts2 ;unspec | list of file-like + (default *unspecified*)) (hosts home-openssh-configuration-hosts ;list of <openssh-host> (default '())) (add-keys-to-agent home-openssh-configuration-add-keys-to-agent ;string with limited values @@ -376,6 +379,7 @@ inserted after each of them." (let* ((ssh-config (plain-file "ssh.conf" (openssh-configuration->string config))) (known-hosts (home-openssh-configuration-known-hosts config)) + (known-hosts2 (home-openssh-configuration-known-hosts2 config)) (authorized-keys (home-openssh-configuration-authorized-keys config)) (authorized-keys (and authorized-keys @@ -387,6 +391,10 @@ inserted after each of them." '() `((".ssh/known_hosts" ,(file-join "known_hosts" known-hosts "\n")))) + ,@(if (unspecified? known-hosts2) + '() + `((".ssh/known_hosts2" + ,(file-join "known_hosts2" known-hosts2 "\n")))) (".ssh/config" ,ssh-config)))) (define openssh-activation |