Skip to content

Commit c047dea

Browse files
authored
Merge pull request #130 from numtide/port-fixe
fix ssh-keyscan for non-standard ssh ports
2 parents 8ab64f7 + 7c8b2dd commit c047dea

File tree

2 files changed

+12
-2
lines changed

2 files changed

+12
-2
lines changed

bors.toml

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -2,7 +2,9 @@ cut_body_after = "" # don't include text from the PR body in the merge commit me
22
status = [
33
"Evaluate flake.nix",
44
"check from-nixos [x86_64-linux]",
5+
"check from-nixos-2211 [x86_64-linux]",
56
"check from-nixos-with-sudo [x86_64-linux]",
7+
"check from-nixos-with-sudo-2211 [x86_64-linux]",
68
"check treefmt [x86_64-linux]",
79
"deploy",
810
"devShell default [x86_64-linux]",

src/nixos-anywhere.sh

Lines changed: 10 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -221,6 +221,10 @@ if [[ -n ${ssh_private_key_file-} ]]; then
221221
ssh_copy_id_args+=(-f)
222222
fi
223223

224+
ssh_settings=$(ssh -G "${ssh_connection}")
225+
ssh_host=$(echo "$ssh_settings" | awk '/^host / { print $2 }')
226+
ssh_port=$(echo "$ssh_settings" | awk '/^port / { print $2 }')
227+
224228
step Uploading install SSH keys
225229
until
226230
ssh-copy-id \
@@ -318,7 +322,7 @@ SSH
318322
while timeout_ssh_ -- exit 0; do sleep 1; done
319323

320324
# After kexec we explicitly set the user to root@
321-
ssh_connection="root@${ssh_connection#*@}"
325+
ssh_connection="root@${ssh_host}"
322326

323327
# watiting for machine to become available again
324328
until ssh_ -o ConnectTimeout=10 -- exit 0; do sleep 5; done
@@ -328,7 +332,11 @@ for path in "${!disk_encryption_keys[@]}"; do
328332
ssh_ "umask 077; cat > $path" <"${disk_encryption_keys[$path]}"
329333
done
330334

331-
pubkey=$(ssh-keyscan -t ed25519 "${ssh_connection//*@/}" 2>/dev/null | sed -e 's/^[^ ]* //' | base64 -w0)
335+
pubkey=$(ssh-keyscan -p "$ssh_port" -t ed25519 "$ssh_host" 2>/dev/null || {
336+
echo "ERROR: failed to retrieve host public key for ${ssh_connection}"
337+
exit 1
338+
})
339+
pubkey=$(echo "$pubkey" | sed -e 's/^[^ ]* //' | base64 -w0)
332340

333341
if [[ -z ${disko_script-} ]] && [[ ${build_on_remote-n} == "y" ]]; then
334342
step Building disko script

0 commit comments

Comments
 (0)