GNU bug report logs - #77013
[PATCH] machine: hetzner: Allow connections using ssh-agent.

Package: guix-patches;

Reported by: Sergey Trofimov <sarg <at> sarg.org.ru>

Date: Fri, 14 Mar 2025 15:08:01 UTC

Severity: normal

Tags: patch

Done: Ludovic Courtès <ludo <at> gnu.org>

Bug is archived. No further changes may be made.


From: help-debbugs <at> gnu.org (GNU bug Tracking System)
To: Sergey Trofimov <sarg <at> sarg.org.ru>
Subject: bug#77013: closed (Re: [bug#77013] [PATCH] machine: hetzner:
 Allow connections using ssh-agent.)
Date: Sun, 06 Apr 2025 09:47:02 +0000
[Message part 1 (text/plain, inline)]
Your bug report

#77013: [PATCH] machine: hetzner: Allow connections using ssh-agent.

which was filed against the guix-patches package, has been closed.

The explanation is attached below, along with your original report.
If you require more details, please reply to 77013 <at> debbugs.gnu.org.

-- 
77013: https://debbugs.gnu.org/cgi/bugreport.cgi?bug=77013
GNU Bug Tracking System
Contact help-debbugs <at> gnu.org with problems
[Message part 2 (message/rfc822, inline)]
From: Ludovic Courtès <ludo <at> gnu.org>
To: Sergey Trofimov <sarg <at> sarg.org.ru>
Cc: Roman Scherer <roman <at> burningswell.com>,
 Maxim Cournoyer <maxim.cournoyer <at> gmail.com>, 77013-done <at> debbugs.gnu.org
Subject: Re: [bug#77013] [PATCH] machine: hetzner: Allow connections using
 ssh-agent.
Date: Sun, 06 Apr 2025 11:46:01 +0200
Hi Sergey,

Ludovic Courtès <ludo <at> gnu.org> skribis:

> Sergey Trofimov <sarg <at> sarg.org.ru> skribis:
>
>> * gnu/machine/hetzner.scm (<hetzner-configuration>): Add ssh-public-key.
>> * doc/guix.texi (System Configuration)[hetzner-configuration]: Document it.
>
> [...]
>
>> -@item @code{ssh-key}
>> -The file name of the SSH private key to use to authenticate with the
>> +@item @code{ssh-key} (default: @code{#f})
>> +If specified, the path to the SSH private key to use to authenticate with the
>
> s/path/file name/
>
> At first sight the rest LGTM but I’ll let Roman comment.

No news from Roman so I made the change above and applied it.

Thanks,
Ludo’.

[Message part 3 (message/rfc822, inline)]
From: Sergey Trofimov <sarg <at> sarg.org.ru>
To: guix-patches <at> gnu.org
Cc: Sergey Trofimov <sarg <at> sarg.org.ru>
Subject: [PATCH] machine: hetzner: Allow connections using ssh-agent.
Date: Fri, 14 Mar 2025 16:06:54 +0100
* gnu/machine/hetzner.scm (<hetzner-configuration>): Add ssh-public-key.
* doc/guix.texi (System Configuration)[hetzner-configuration]: Document it.
---
 doc/guix.texi           | 11 ++++++++---
 gnu/machine/hetzner.scm | 17 +++++++++++------
 2 files changed, 19 insertions(+), 9 deletions(-)

diff --git a/doc/guix.texi b/doc/guix.texi
index d109877a32..49ac018913 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -45942,10 +45942,15 @@ Invoking guix deploy
 server type is currently not supported, since its rescue system is too
 small to bootstrap a Guix system from.
 
-@item @code{ssh-key}
-The file name of the SSH private key to use to authenticate with the
+@item @code{ssh-key} (default: @code{#f})
+If specified, the path to the SSH private key to use to authenticate with the
 remote host.
 
+@item @code{ssh-public-key} (default: extracted from @code{ssh-key})
+If specified, either a public key as returned by
+@code{string->public-key} or the path to the SSH public key to use to
+authenticate with the remote host.
+
 @end table
 
 When deploying a machine for the first time, the following steps are
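Review bot: the two @item entries never mention ssh-agent, although agent-based authentication is the stated purpose of the patch. The ssh-key entry should say what happens when it is left at #f, and the ssh-public-key entry should say that it has to be set in that case, because its default is derived from ssh-key. Both new entries also say "the path to", where the line being replaced said "file name"; keep "file name" in both.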
@@ -46008,7 +46013,7 @@ Invoking guix deploy
        (environment hetzner-environment-type)
        (configuration (hetzner-configuration
                        (server-type "cpx51")
-                       (ssh-key "/home/charlie/.ssh/id_rsa")))))
+                       (ssh-public-key "/home/charlie/.ssh/id_rsa.pub")))))
 @end lisp
 
 @vindex GUIX_HETZNER_API_TOKEN
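Review bot: the example now sets only ssh-public-key, so it works only when an agent holds the matching private key, and the manual no longer shows a configuration that uses ssh-key. Either keep the ssh-key form here and show the agent variant next to it, or add a sentence before the example saying that it assumes a running ssh-agent.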
diff --git a/gnu/machine/hetzner.scm b/gnu/machine/hetzner.scm
index bc8d2efbd3..e8484e4d51 100644
--- a/gnu/machine/hetzner.scm
+++ b/gnu/machine/hetzner.scm
@@ -77,6 +77,7 @@ (define-module (gnu machine hetzner)
             hetzner-configuration-location
             hetzner-configuration-server-type
             hetzner-configuration-ssh-key
+            hetzner-configuration-ssh-public-key
             hetzner-configuration?
             hetzner-environment-type))
 
@@ -204,20 +205,24 @@ (define-record-type* <hetzner-configuration> hetzner-configuration
             (default "fsn1"))
   (server-type hetzner-configuration-server-type ; string
                (default "cx42"))
-  (ssh-key hetzner-configuration-ssh-key)) ; string
+  (ssh-public-key hetzner-configuration-ssh-public-key ; public-key | string
+                  (thunked)
+                  (default (public-key-from-file (hetzner-configuration-ssh-key this-hetzner-configuration)))
+                  (sanitize
+                   (lambda (value)
+                     (if (string? value) (public-key-from-file value) value))))
+  (ssh-key hetzner-configuration-ssh-key
+           (default #f))) ; #f | string
 
 (define (hetzner-configuration-ssh-key-fingerprint config)
   "Return the SSH public key fingerprint of CONFIG as a string."
-  (and-let* ((file-name (hetzner-configuration-ssh-key config))
-             (privkey (private-key-from-file file-name))
-             (pubkey (private-key->public-key privkey))
+  (and-let* ((pubkey (hetzner-configuration-ssh-public-key config))
              (hash (get-public-key-hash pubkey 'md5)))
     (bytevector->hex-string hash)))
 
 (define (hetzner-configuration-ssh-key-public config)
   "Return the SSH public key of CONFIG as a string."
-  (and-let* ((ssh-key (hetzner-configuration-ssh-key config))
-             (public-key (public-key-from-file ssh-key)))
+  (let ((public-key (hetzner-configuration-ssh-public-key config)))
     (format #f "ssh-~a ~a" (get-key-type public-key)
             (public-key->string public-key))))
 

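Review bot: in the ssh-public-key field, the thunked default calls (public-key-from-file (hetzner-configuration-ssh-key this-hetzner-configuration)), but ssh-key now defaults to #f, so a configuration that sets neither field passes #f to public-key-from-file and the failure surfaces there rather than as a configuration error. Check for that case and raise an error stating that one of ssh-key or ssh-public-key is required. Two related changes are worth confirming as intended: hetzner-configuration-ssh-key-public went from and-let* to let, so it no longer returns #f when no key is available, and the fingerprint is now computed from public-key-from-file applied to the ssh-key file name instead of private-key-from-file followed by private-key->public-key. The default line also runs well past 80 columns and should be wrapped.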
base-commit: 9449ab3c2025820d2e6fd679fa7e34832b667ea7
--
2.48.1




This bug report was last modified 97 days ago.
