GNU bug report logs - #27388
offloading: Add support for keyfile-less keys as used by GnuPG

Previous Next

Package: guix;

Reported by: ng0 <ng0 <at> infotropique.org>

Date: Thu, 15 Jun 2017 18:57:02 UTC

Severity: normal

Tags: fixed, notabug

Done: ludo <at> gnu.org (Ludovic Courtès)

Bug is archived. No further changes may be made.

To add a comment to this bug, you must first unarchive it, by sending
a message to control AT debbugs.gnu.org, with unarchive 27388 in the body.
You can then email your comments to 27388 AT debbugs.gnu.org in the normal way.

Toggle the display of automated, internal messages from the tracker.

View this report as an mbox folder, status mbox, maintainer mbox


Report forwarded to bug-guix <at> gnu.org:
bug#27388; Package guix. (Thu, 15 Jun 2017 18:57:02 GMT) Full text and rfc822 format available.

Acknowledgement sent to ng0 <ng0 <at> infotropique.org>:
New bug report received and forwarded. Copy sent to bug-guix <at> gnu.org. (Thu, 15 Jun 2017 18:57:02 GMT) Full text and rfc822 format available.

Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):

From: ng0 <ng0 <at> infotropique.org>
To: bug-guix <at> gnu.org
Subject: offloading: Add support for keyfile-less keys as used by GnuPG
Date: Thu, 15 Jun 2017 18:56:15 +0000
[Message part 1 (text/plain, inline)]
At the moment the field (private-key) in /etc/guix/machines.scm expects
to be a file.
When you use GnuPG authentication keys for ssh logins, you have no
pubkey file, but you have a very long pubkey which can be used with
~/.ssh/authorized_keys and similar mechanisms.

Example:

user <at> abyayala ~/src/guix/guix$ cat /etc/guix/machines.scm
(list (build-machine
      …
       (privat-key "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDgRM0G+Dnl/wlrHNb9sr3/yW9tHA8weIbwvfly/NRW6LHSLIPvsLksabVQsYbUH6i2aK2ZlE3Oo+H/R2wrs7dmVCo57O4MbZk8Kb0fatN3qhq6g/+bNobVIexS5XN6g5JcmXM4ZzR8Q0rEd46oaxFWy8nDSw4RR1d+OU5/Z/LHR1VUTCQKU0Q1Jv//4YFVq/BEf6oj4SU9+/Li9kUo9f++i4PaiWyrQDm1FAYtMGW5MBKH3ohO1dlPgqNjdeqTjZfgvCMPdbyV6Xwtz7KVkCR0+r9u7JefCCKUXL3Ap4VPtjhyCLoRuqJ+ZIp9XR2wf3rVGR6KRcLWPEXLkGfAPCs+7uAnfReBxNiWYt+FHuQpeyUld8u8E0G8u9FSf/l25A85QrQK0EUrVHdFc1q8tcCeq0EomoIPl7GnwtDIwYmkWtViCz0ivVRvNBUTXvq0XtI/9kLgcBgKfzap8dLeVSXJrUhYlbcOZNnstzkmut1ce8my5TwSRzr2dxgUF8563cM3cdLu+C9bdMWvR/s4xwu6Q5opbehdFHd2Hj/Lnqv+xwNKNFkhZCHiyum8L/VKQAsboXgJ7/sB7CHsEcBif73RWj3bFcMnPHHlJgxXB1aOH4kM+y6fF8wW/bGC/9gGiYXzovdbopv3B89oyuT73aoXg4TIPz6gv6Bg1OiGpfseGw== (none)")
      …
-- 
ng0
OpenPG: A88C8ADD129828D7EAC02E52E22F9BBFEE348588
https://krosos.org/~/ng0/ https://www.infotropique.org
[signature.asc (application/pgp-signature, inline)]

Information forwarded to bug-guix <at> gnu.org:
bug#27388; Package guix. (Thu, 15 Jun 2017 19:15:02 GMT) Full text and rfc822 format available.

Message #8 received at 27388 <at> debbugs.gnu.org (full text, mbox):

From: ng0 <ng0 <at> infotropique.org>
To: 27388 <at> debbugs.gnu.org
Subject: Re: bug#27388: offloading: Add support for keyfile-less keys as used
 by GnuPG
Date: Thu, 15 Jun 2017 19:13:59 +0000
[Message part 1 (text/plain, inline)]
ng0 transcribed 2.3K bytes:
> At the moment the field (private-key) in /etc/guix/machines.scm expects
> to be a file.
> When you use GnuPG authentication keys for ssh logins, you have no
> pubkey file, but you have a very long pubkey which can be used with
> ~/.ssh/authorized_keys and similar mechanisms.
> 
> Example:
> 
> user <at> abyayala ~/src/guix/guix$ cat /etc/guix/machines.scm
> (list (build-machine
>       …
>        (privat-key "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDgRM0G+Dnl/wlrHNb9sr3/yW9tHA8weIbwvfly/NRW6LHSLIPvsLksabVQsYbUH6i2aK2ZlE3Oo+H/R2wrs7dmVCo57O4MbZk8Kb0fatN3qhq6g/+bNobVIexS5XN6g5JcmXM4ZzR8Q0rEd46oaxFWy8nDSw4RR1d+OU5/Z/LHR1VUTCQKU0Q1Jv//4YFVq/BEf6oj4SU9+/Li9kUo9f++i4PaiWyrQDm1FAYtMGW5MBKH3ohO1dlPgqNjdeqTjZfgvCMPdbyV6Xwtz7KVkCR0+r9u7JefCCKUXL3Ap4VPtjhyCLoRuqJ+ZIp9XR2wf3rVGR6KRcLWPEXLkGfAPCs+7uAnfReBxNiWYt+FHuQpeyUld8u8E0G8u9FSf/l25A85QrQK0EUrVHdFc1q8tcCeq0EomoIPl7GnwtDIwYmkWtViCz0ivVRvNBUTXvq0XtI/9kLgcBgKfzap8dLeVSXJrUhYlbcOZNnstzkmut1ce8my5TwSRzr2dxgUF8563cM3cdLu+C9bdMWvR/s4xwu6Q5opbehdFHd2Hj/Lnqv+xwNKNFkhZCHiyum8L/VKQAsboXgJ7/sB7CHsEcBif73RWj3bFcMnPHHlJgxXB1aOH4kM+y6fF8wW/bGC/9gGiYXzovdbopv3B89oyuT73aoXg4TIPz6gv6Bg1OiGpfseGw== (none)")
>       …

Actually this might be the wrong approach.

The key you see above is the public key equivalent to the ssh pubkey.
The private key is only in the GnuPG keyring.

Solution for this kind of situations are welcome. For now I'll use
ssh pubkeys.
-- 
ng0
OpenPG: A88C8ADD129828D7EAC02E52E22F9BBFEE348588
https://krosos.org/~/ng0/ https://www.infotropique.org
[signature.asc (application/pgp-signature, inline)]

Added tag(s) notabug. Request was from ludo <at> gnu.org (Ludovic Courtès) to control <at> debbugs.gnu.org. (Mon, 26 Jun 2017 19:58:02 GMT) Full text and rfc822 format available.

bug closed, send any further explanations to 27388 <at> debbugs.gnu.org and ng0 <ng0 <at> infotropique.org> Request was from ludo <at> gnu.org (Ludovic Courtès) to control <at> debbugs.gnu.org. (Mon, 26 Jun 2017 19:58:02 GMT) Full text and rfc822 format available.

Information forwarded to bug-guix <at> gnu.org:
bug#27388; Package guix. (Mon, 26 Jun 2017 21:19:01 GMT) Full text and rfc822 format available.

Message #15 received at 27388 <at> debbugs.gnu.org (full text, mbox):

From: ng0 <ng0 <at> infotropique.org>
To: 27388 <at> debbugs.gnu.org
Cc: ng0 <ng0 <at> infotropique.org>
Subject: Re: bug#27388 acknowledged by developer (control message for bug
 #27388)
Date: Mon, 26 Jun 2017 21:17:42 +0000
[Message part 1 (text/plain, inline)]
GNU bug Tracking System transcribed 0.4K bytes:
> This is an automatic notification regarding your bug report
> #27388: offloading: Add support for keyfile-less keys as used by GnuPG,
> which was filed against the guix package.
> 
> Thank you for your report, which has now been closed.
> You can view the full report at
> http://debbugs.gnu.org/cgi/bugreport.cgi?bug=27388
> 
> If you require further information, please followup to 27388 <at> debbugs.gnu.org.
> 
> debbugs.gnu.org maintainers
> (administrator, GNU bugs database)
> 
> 

Could someone tell me why this has been closed?
-- 
ng0
OpenPG: A88C8ADD129828D7EAC02E52E22F9BBFEE348588
infotropique: https://www.infotropique.org
personal: https://ng-0.github.io https://krosos.org/
[signature.asc (application/pgp-signature, inline)]

Did not alter fixed versions and reopened. Request was from Debbugs Internal Request <help-debbugs <at> gnu.org> to internal_control <at> debbugs.gnu.org. (Mon, 03 Jul 2017 22:14:02 GMT) Full text and rfc822 format available.

Information forwarded to bug-guix <at> gnu.org:
bug#27388; Package guix. (Mon, 03 Jul 2017 22:18:01 GMT) Full text and rfc822 format available.

Message #20 received at 27388 <at> debbugs.gnu.org (full text, mbox):

From: ng0 <ng0 <at> infotropique.org>
To: 27388 <at> debbugs.gnu.org
Subject: Re: bug#27388: offloading: Add support for keyfile-less keys as used
 by GnuPG
Date: Mon, 3 Jul 2017 22:16:56 +0000
[Message part 1 (text/plain, inline)]
ng0 transcribed 2.6K bytes:
> ng0 transcribed 2.3K bytes:
> > At the moment the field (private-key) in /etc/guix/machines.scm expects
> > to be a file.
> > When you use GnuPG authentication keys for ssh logins, you have no
> > pubkey file, but you have a very long pubkey which can be used with
> > ~/.ssh/authorized_keys and similar mechanisms.
> > 
> > Example:
> > 
> > user <at> abyayala ~/src/guix/guix$ cat /etc/guix/machines.scm
> > (list (build-machine
> >       …
> >        (privat-key "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDgRM0G+Dnl/wlrHNb9sr3/yW9tHA8weIbwvfly/NRW6LHSLIPvsLksabVQsYbUH6i2aK2ZlE3Oo+H/R2wrs7dmVCo57O4MbZk8Kb0fatN3qhq6g/+bNobVIexS5XN6g5JcmXM4ZzR8Q0rEd46oaxFWy8nDSw4RR1d+OU5/Z/LHR1VUTCQKU0Q1Jv//4YFVq/BEf6oj4SU9+/Li9kUo9f++i4PaiWyrQDm1FAYtMGW5MBKH3ohO1dlPgqNjdeqTjZfgvCMPdbyV6Xwtz7KVkCR0+r9u7JefCCKUXL3Ap4VPtjhyCLoRuqJ+ZIp9XR2wf3rVGR6KRcLWPEXLkGfAPCs+7uAnfReBxNiWYt+FHuQpeyUld8u8E0G8u9FSf/l25A85QrQK0EUrVHdFc1q8tcCeq0EomoIPl7GnwtDIwYmkWtViCz0ivVRvNBUTXvq0XtI/9kLgcBgKfzap8dLeVSXJrUhYlbcOZNnstzkmut1ce8my5TwSRzr2dxgUF8563cM3cdLu+C9bdMWvR/s4xwu6Q5opbehdFHd2Hj/Lnqv+xwNKNFkhZCHiyum8L/VKQAsboXgJ7/sB7CHsEcBif73RWj3bFcMnPHHlJgxXB1aOH4kM+y6fF8wW/bGC/9gGiYXzovdbopv3B89oyuT73aoXg4TIPz6gv6Bg1OiGpfseGw== (none)")
> >       …
> 
> Actually this might be the wrong approach.
> 
> The key you see above is the public key equivalent to the ssh pubkey.
> The private key is only in the GnuPG keyring.
> 
> Solution for this kind of situations are welcome. For now I'll use
> ssh pubkeys.
> -- 
> ng0
> OpenPG: A88C8ADD129828D7EAC02E52E22F9BBFEE348588
> https://krosos.org/~/ng0/ https://www.infotropique.org

Ignore the second message in this thread. I tried to provide
a possible solution which lead to the believe that this is
considered solved. It isn't. This wishlist bug is still wanted.
-- 
ng0
GnuPG: A88C8ADD129828D7EAC02E52E22F9BBFEE348588
GnuPG: https://n0is.noblogs.org/my-keys
https://www.infotropique.org https://krosos.org
[signature.asc (application/pgp-signature, inline)]

Added tag(s) fixed. Request was from ludo <at> gnu.org (Ludovic Courtès) to control <at> debbugs.gnu.org. (Thu, 27 Jul 2017 12:27:02 GMT) Full text and rfc822 format available.

bug closed, send any further explanations to 27388 <at> debbugs.gnu.org and ng0 <ng0 <at> infotropique.org> Request was from ludo <at> gnu.org (Ludovic Courtès) to control <at> debbugs.gnu.org. (Thu, 27 Jul 2017 12:27:02 GMT) Full text and rfc822 format available.

bug archived. Request was from Debbugs Internal Request <help-debbugs <at> gnu.org> to internal_control <at> debbugs.gnu.org. (Fri, 25 Aug 2017 11:24:05 GMT) Full text and rfc822 format available.

This bug report was last modified 6 years and 217 days ago.

Previous Next


GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.