machine: ssh: <machine-ssh-configuration> can include the host key.

* gnu/machine/ssh.scm (<machine-ssh-configuration>)[host-key]: New field. (machine-ssh-session): Pass #:host-key to 'open-ssh-session'. * doc/guix.texi (Invoking guix deploy): Document it.
2019-12-03 21:59:09 +01:00 · 2019-12-03 21:59:09 +01:00 · ed15dfcf31
parent 2b8682841d
commit ed15dfcf31
2 changed files with 19 additions and 2 deletions
--- a/doc/guix.texi
+++ b/doc/guix.texi
@ -26447,6 +26447,18 @@ keyring.
@item @code{identity} (default: @code{#f})
 If specified, the path to the SSH private key to use to authenticate with the
 remote host.
+
+@item @code{host-key} (default: @code{#f})
+This should be the SSH host key of the machine, which looks like this:
+
+@example
+ssh-ed25519 AAAAC3Nz@dots{} root@@example.org
+@end example
+
+When @code{host-key} is @code{#f}, the server is authenticated against
+the @file{~/.ssh/known_hosts} file, just like the OpenSSH @command{ssh}
+client does.
+
@end table
@end deftp

--- a/gnu/machine/ssh.scm
+++ b/gnu/machine/ssh.scm
@ -54,6 +54,7 @@
            machine-ssh-configuration-authorize?
            machine-ssh-configuration-port
            machine-ssh-configuration-user
+            machine-ssh-configuration-host-key
            machine-ssh-configuration-session))

 ;;; Commentary:
@ -87,6 +88,8 @@
  (identity       machine-ssh-configuration-identity       ; path to a private key
                  (default #f))
  (session        machine-ssh-configuration-session        ; session
+                  (default #f))
+  (host-key       machine-ssh-configuration-host-key       ; #f | string
                  (default #f)))

 (define (machine-ssh-session machine)
@ -98,11 +101,13 @@ one from the configuration's parameters if one was not provided."
        (let ((host-name (machine-ssh-configuration-host-name config))
              (user (machine-ssh-configuration-user config))
              (port (machine-ssh-configuration-port config))
-              (identity (machine-ssh-configuration-identity config)))
+              (identity (machine-ssh-configuration-identity config))
+              (host-key (machine-ssh-configuration-host-key config)))
          (open-ssh-session host-name
                            #:user user
                            #:port port
-                            #:identity identity)))))
+                            #:identity identity
+                            #:host-key host-key)))))


 ;;;