diff options
| author | Gregor Kleen <gkleen@yggdrasil.li> | 2023-01-10 13:43:44 +0100 | 
|---|---|---|
| committer | Gregor Kleen <gkleen@yggdrasil.li> | 2023-01-10 13:43:44 +0100 | 
| commit | 8fc222167803e951a819f4e7c67c367a8cb4169d (patch) | |
| tree | 14336da49a9596b0d1c493f444dee6fd910829df /accounts/gkleen@sif | |
| parent | 7bc537b401436edff868777f36c45661183c9115 (diff) | |
| download | nixos-8fc222167803e951a819f4e7c67c367a8cb4169d.tar nixos-8fc222167803e951a819f4e7c67c367a8cb4169d.tar.gz nixos-8fc222167803e951a819f4e7c67c367a8cb4169d.tar.bz2 nixos-8fc222167803e951a819f4e7c67c367a8cb4169d.tar.xz nixos-8fc222167803e951a819f4e7c67c367a8cb4169d.zip | |
...
Diffstat (limited to 'accounts/gkleen@sif')
| -rw-r--r-- | accounts/gkleen@sif/default.nix | 2 | ||||
| -rw-r--r-- | accounts/gkleen@sif/ssh-hosts.nix | 12 | ||||
| -rw-r--r-- | accounts/gkleen@sif/ssh/uniworx.de-ca.pub | 1 | 
3 files changed, 14 insertions, 1 deletions
| diff --git a/accounts/gkleen@sif/default.nix b/accounts/gkleen@sif/default.nix index 39e17828..de315ede 100644 --- a/accounts/gkleen@sif/default.nix +++ b/accounts/gkleen@sif/default.nix | |||
| @@ -91,7 +91,7 @@ in { | |||
| 91 | Match host mathw0g.mathinst.loc !exec "nc -z -w 1 %h %p &>/dev/null" | 91 | Match host mathw0g.mathinst.loc !exec "nc -z -w 1 %h %p &>/dev/null" | 
| 92 | HostName mathw0g.math.lmu.de | 92 | HostName mathw0g.math.lmu.de | 
| 93 | 93 | ||
| 94 | Match host *.cipmath.loc !exec "nc -z -w 1 %h %p &>/dev/null" | 94 | Match host *.cipmath.loc !host cip04.cipmath.loc !exec "nc -z -w 1 %h %p &>/dev/null" | 
| 95 | ProxyJump cip04 | 95 | ProxyJump cip04 | 
| 96 | 96 | ||
| 97 | Match host *.ifi.lmu.de,*.math.lmu.de | 97 | Match host *.ifi.lmu.de,*.math.lmu.de | 
| diff --git a/accounts/gkleen@sif/ssh-hosts.nix b/accounts/gkleen@sif/ssh-hosts.nix index 0021c75e..d6f7c1dc 100644 --- a/accounts/gkleen@sif/ssh-hosts.nix +++ b/accounts/gkleen@sif/ssh-hosts.nix | |||
| @@ -423,6 +423,7 @@ | |||
| 423 | }; | 423 | }; | 
| 424 | "cip04" = | 424 | "cip04" = | 
| 425 | { hostname = "cip04.cipmath.loc"; | 425 | { hostname = "cip04.cipmath.loc"; | 
| 426 | proxyJump = "mathw0h"; | ||
| 426 | }; | 427 | }; | 
| 427 | "mgmt01" = | 428 | "mgmt01" = | 
| 428 | { hostname = "mgmt01.mathinst.loc"; | 429 | { hostname = "mgmt01.mathinst.loc"; | 
| @@ -468,4 +469,15 @@ | |||
| 468 | user = "git"; | 469 | user = "git"; | 
| 469 | identityFile = "~/.ssh/gitlab.com"; | 470 | identityFile = "~/.ssh/gitlab.com"; | 
| 470 | }; | 471 | }; | 
| 472 | "*.uniworx.de" = | ||
| 473 | { user = "gkleen"; | ||
| 474 | identityFile = "~/.ssh/gkleen@uniworx.de"; | ||
| 475 | certificateFile = "~/.ssh/gkleen@uniworx.de-cert.pub"; | ||
| 476 | extraOptions = { | ||
| 477 | UpdateHostKeys = "no"; | ||
| 478 | UserKnownHostsFile = toString (pkgs.writeText "ssh_known_hosts" '' | ||
| 479 | @cert-authority *.uniworx.de ${builtins.readFile ./ssh/uniworx.de-ca.pub} | ||
| 480 | ''); | ||
| 481 | }; | ||
| 482 | }; | ||
| 471 | } | 483 | } | 
| diff --git a/accounts/gkleen@sif/ssh/uniworx.de-ca.pub b/accounts/gkleen@sif/ssh/uniworx.de-ca.pub new file mode 100644 index 00000000..bfc6de25 --- /dev/null +++ b/accounts/gkleen@sif/ssh/uniworx.de-ca.pub | |||
| @@ -0,0 +1 @@ | |||
| ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFAQPbCJTfCUizidvy2KZymO5xJcmXC8DE3xeky7b8XZ Certificate Authority for *.uniworx.de | |||
