test: try sudo.sshagentauth
This commit is contained in:
parent
a8237efb4d
commit
c40d7d5b6d
3 changed files with 10 additions and 8 deletions
|
@ -8,6 +8,7 @@ let
|
|||
hosts = outputs.nixosConfigurations;
|
||||
in
|
||||
{
|
||||
|
||||
services.openssh = {
|
||||
enable = true;
|
||||
settings = {
|
||||
|
@ -18,9 +19,11 @@ in
|
|||
StreamLocalBindUnlink = "yes";
|
||||
# Allow forwarding ports to everywhere
|
||||
GatewayPorts = "clientspecified";
|
||||
# Don't allow home-directory authorized_keys
|
||||
|
||||
};
|
||||
};
|
||||
|
||||
# Passwordless sudo when SSH'ing with keys
|
||||
security.pam.enableSSHAgentAuth = true;
|
||||
|
||||
}
|
||||
|
|
|
@ -77,13 +77,9 @@
|
|||
];
|
||||
};
|
||||
|
||||
security.pam.sshAgentAuth = {
|
||||
# Passwordless sudo when SSH'ing with keys
|
||||
enable = true;
|
||||
authorizedKeysFiles = [
|
||||
"/etc/ssh/authorized_keys.d/%u"
|
||||
];
|
||||
};
|
||||
# Passwordless sudo when SSH'ing with keys
|
||||
security.pam.enableSSHAgentAuth = true;
|
||||
security.pam.services.sudo.sshAgentAuth = true;
|
||||
|
||||
# Free up to 1GiB whenever there is less than 100MiB left.
|
||||
nix.extraOptions = ''
|
||||
|
|
|
@ -29,6 +29,9 @@
|
|||
|
||||
networking.hostName = "nixosvm"; # Define your hostname.
|
||||
|
||||
# Passwordless sudo when SSH'ing with keys
|
||||
security.pam.enableSSHAgentAuth = true;
|
||||
security.pam.services.sudo.sshAgentAuth = true;
|
||||
|
||||
|
||||
# Pick only one of the below networking options.
|
||||
|
|
Reference in a new issue