Diffstat (limited to 'nixpkgs/nixos/modules/programs/ssh.nix')
-rw-r--r--nixpkgs/nixos/modules/programs/ssh.nix11
1 files changed, 11 insertions, 0 deletions
diff --git a/nixpkgs/nixos/modules/programs/ssh.nix b/nixpkgs/nixos/modules/programs/ssh.nix
index 733b8f7636f..80198990ed1 100644
--- a/nixpkgs/nixos/modules/programs/ssh.nix
+++ b/nixpkgs/nixos/modules/programs/ssh.nix
@@ -115,6 +115,16 @@ in
'';
};
+ agentPKCS11Whitelist = mkOption {
+ type = types.nullOr types.str;
+ default = null;
+ example = "\${pkgs.opensc}/lib/opensc-pkcs11.so";
+ description = ''
+ A pattern-list of acceptable paths for PKCS#11 shared libraries
+ that may be used with the -s option to ssh-add.
+ '';
+ };
+
package = mkOption {
type = types.package;
default = pkgs.openssh;
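Review bot: The description of `agentPKCS11Whitelist` does not say what the `null` default means or why the list should be kept narrow. With `null`, the second hunk passes no `-P`, so ssh-agent uses its compiled-in default pattern-list; that list presumably does not cover providers under /nix/store, which is worth confirming and stating. I would add two sentences to the description, such as `When null, ssh-agent's built-in default list applies.` and `Keep the patterns as specific as possible, since any client that can reach the agent socket (including a remote host when the agent is forwarded) can ask the agent to load a library matching this list.` The enclosing options block starts and ends outside this hunk.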
@@ -241,6 +251,7 @@ in
ExecStart =
"${cfg.package}/bin/ssh-agent " +
optionalString (cfg.agentTimeout != null) ("-t ${cfg.agentTimeout} ") +
+ optionalString (cfg.agentPKCS11Whitelist != null) ("-P ${cfg.agentPKCS11Whitelist} ") +
"-a %t/ssh-agent";
StandardOutput = "null";
Type = "forking";
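Review bot: The added `-P` line interpolates `cfg.agentPKCS11Whitelist` into `ExecStart` unquoted, and the option is a free-form `types.str`. systemd splits the command line on whitespace, so a value containing a space would reach ssh-agent as extra arguments and the effective allowlist would differ from what the user configured. Quoting the value handles the whitespace case, e.g. `optionalString (cfg.agentPKCS11Whitelist != null) ("-P \"${cfg.agentPKCS11Whitelist}\" ") +`. A `%` or `$` in the value would still be interpreted by systemd, so it may be worth rejecting those characters or documenting the restriction. The service definition continues outside this hunk, and the existing `agentTimeout` line follows the same unquoted pattern.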