Hi everyone. I am trying to copy a big derivation from one of my machines, but get a complaint:
nix copy --from ssh-ng://$(tailscale ip -4 vno1-oh2)?trusted=true /nix/store/dgr3f918x09nblmvmfm66794p0qsfysc-qgis-ltr-unwrapped-3.34.7.drv^* |& nom
copying 1 paths...
copying path '/nix/store/l2cwymkz5hh4987b2gzhm2qwp417mhln-qgis-ltr-unwrapped-3.34.7' from 'ssh-ng://100.89.176.4'...
error: cannot add path '/nix/store/l2cwymkz5hh4987b2gzhm2qwp417mhln-qgis-ltr-unwrapped-3.34.7' because it lacks a signature by a trusted key
- I am happy to add the trusted key of the machine to
nix.conf
– but how do I figure out the trusted key? - How come
?trusted=true
does not work? ssh-ng options seem to imply?trusted=true
should work, but alas. - Also tried
nix copy --no-require-sigs
, no avail. - I tried adding the SSH pubkey to trusted keys (
trusted-public-keys = ip:pubkey
), also no avail.
How can I make my machine trust my other machine?