From 6a96bfe3001319734912a9621cbc552baedca24b Mon Sep 17 00:00:00 2001
From: Ryan Schanzenbacher
Date: Wed, 17 May 2023 00:37:34 -0400
Subject: [PATCH] SSH and GPG services
---
 home-config/gnupg/gpg-agent.conf | 3 +++
 home-config/gnupg/sshcontrol | 10 ++++++++++
 home-config/home-configuration.scm | 5 ++++-
 home-config/ssh/config | 12 ++++++++++++
 4 files changed, 29 insertions(+), 1 deletion(-)
 create mode 100644 home-config/gnupg/gpg-agent.conf
 create mode 100644 home-config/gnupg/sshcontrol
 create mode 100644 home-config/ssh/config
diff --git a/home-config/gnupg/gpg-agent.conf b/home-config/gnupg/gpg-agent.conf
new file mode 100644
index 0000000..53927ac
--- /dev/null
+++ b/home-config/gnupg/gpg-agent.conf
@@ -0,0 +1,3 @@
+enable-ssh-support
+
+pinentry-program /run/current-system/profile/bin/pinentry
diff --git a/home-config/gnupg/sshcontrol b/home-config/gnupg/sshcontrol
new file mode 100644
index 0000000..55e6073
--- /dev/null
+++ b/home-config/gnupg/sshcontrol
@@ -0,0 +1,10 @@
+# List of allowed ssh keys. Only keys present in this file are used
+# in the SSH protocol. The ssh-add tool may add new entries to this
+# file to enable them; you may also add them manually. Comment
+# lines, like this one, as well as empty lines are ignored. Lines do
+# have a certain length limit but this is not serious limitation as
+# the format of the entries is fixed and checked by gpg-agent. A
+# non-comment line starts with optional white spaces, followed by the
+# keygrip of the key given as 40 hex digits, optionally followed by a
+# caching TTL in seconds, and another optional field for arbitrary
+# flags. Prepend the keygrip with an '!' mark to disable it.
diff --git a/home-config/home-configuration.scm b/home-config/home-configuration.scm
index 62dec0f..704c8a6 100644
--- a/home-config/home-configuration.scm
+++ b/home-config/home-configuration.scm
@@ -95,4 +95,7 @@
 ("waybar" ,(local-file "waybar" #:recursive? #t))
 ("alacritty" ,(local-file "alacritty" #:recursive? #t)) ))
 (service home-files-service-type
- `((".local/share/nvim/site/autoload/plug.vim" ,(local-file "nvim/plugin-manager/plug.vim")) )))))
+ `((".local/share/nvim/site/autoload/plug.vim" ,(local-file "nvim/plugin-manager/plug.vim"))
+ (".ssh/config" ,(local-file "ssh/config"))
+ (".gnupg/sshcontrol" ,(local-file "gnupg/sshcontrol"))
+ (".gnupg/gpg-agent.conf" ,(local-file "gnupg/gpg-agent.conf")) )))))
diff --git a/home-config/ssh/config b/home-config/ssh/config
new file mode 100644
index 0000000..68d7dae
--- /dev/null
+++ b/home-config/ssh/config
@@ -0,0 +1,12 @@
+Match host * exec "gpg-connect-agent UPDATESTARTUPTTY /bye"
+
+Host rocApex
+ HostName 129.158.232.104
+ User root
+
+Host linode
+ HostName 97.107.142.58
+ User root
+
+Host *
+ KexAlgorithms -sntrup761x25519-sha512@openssh.com
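Review bot: The three entries added to `home-files-service-type` deploy `.ssh/config`, `.gnupg/sshcontrol` and `.gnupg/gpg-agent.conf` through `local-file`, so as far as I understand Guix Home they become read-only symlinks into the world-readable store. That matters most for `sshcontrol`: the committed file holds only the template comment and no keygrip, and `ssh-add` cannot append to a read-only file, so any on-disk key meant for SSH has to be listed in `gnupg/sshcontrol` in this repository. A comment above the entries would make this visible, e.g. `;; managed by Guix Home: read-only store links; add keygrips in gnupg/sshcontrol here and keep secrets out of these files`. It is also worth confirming that `~/.gnupg` still ends up with mode 700 when this service is the first thing to create it, since gpg warns about a home directory others can read. The enclosing service list starts outside the hunk.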
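Review bot: The closing `Host *` block removes `sntrup761x25519-sha512@openssh.com` from the key-exchange list for every connection, which gives up the hybrid post-quantum exchange everywhere rather than only where it causes trouble. If this works around a problem with one server, move `KexAlgorithms -sntrup761x25519-sha512@openssh.com` under that server's `Host` entry and add a `#` comment with the reason, so it can be dropped once the problem is gone. Both named hosts also log in directly as `root`; an unprivileged `User` with sudo on the server would limit what a misused agent key can do. The entries also publish the servers' addresses to anyone who can read the repository or the store, so confirm that is intended.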