I’m trying to use agenix to manage encrypted secrets on my NixOS machine. I’m starting with my git signing key; I told agenix in my secrets.nix
that I only wanted to sign this secret with both the system’s and user’s ed2115 SSH keys. Why is it that agenix -e git_signing_key.age
asks me for my RSA key password?
Sounds like something that shouldn’t happen. You mean something like this?
A full example would be helpful.
1 Like
Exactly like that. I will have a concrete example soon
Concrete example that fails with the same error
secrets/secrets.nix
let
rocky = "ssh-ed25519";
elaine = "ssh-ed25519";
in
{
"secret1.age".publicKeys = [ rocky elaine ];
}
And the actual secret could be anything
Time to take it to GitHub?
Unfortunately, I cannot reproduce this. Maybe opening an upstream issue with detailed instructions about your setup and the steps you executed is the best way forward.
cc @ryantm