Add sas RSA key

Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>

hosts/elara/configs/git/default.nix

@@ -9,9 +9,9 @@ let
   selfPkgs = inputs.self.packages.${system};
 in
 {
-  sops.secrets."ssh/sas/key" = {
+  sops.secrets."ssh/sas/ed25519/key" = {
     sopsFile = ../../../../secrets/sas/secrets.yaml;
-    key = "ssh/key";
+    key = "ssh/ed25519/key";
     path = "/root/.ssh/ssh_sas_ed25519_key";
   };
 

hosts/elara/users/nikara/configs/console/git/default.nix

@@ -84,6 +84,13 @@ in
             port = 29418;
             identityFile = "${home}/.ssh/ssh_sas_ed25519_key";
           };
+
+          "artifactlfs.unx.sas.com" = {
+            hostname = "artifactlfs.unx.sas.com";
+            user = "nikara";
+            port = 1339;
+            identityFile = "${home}/.ssh/ssh_sas_rsa_key";
+          };
         };
 
         userKnownHostsFiles =
@@ -93,6 +100,7 @@ in
             ++ lib.lists.optionals config.sas.build.private [
               ssh-known-hosts-sas-gitlab
               ssh-known-hosts-sas-gerrit
+              ssh-known-hosts-sas-artifact
             ]
           );
       };

hosts/elara/users/nikara/configs/console/ssh/default.nix

@@ -27,15 +27,26 @@ in
         key = "ssh/pass";
       };
 
-      "ssh/sas/key" = {
+      "ssh/sas/ed25519/key" = {
         sopsFile = ../../../../../../../secrets/sas/secrets.yaml;
-        key = "ssh/key";
+        key = "ssh/ed25519/key";
         path = "${home}/.ssh/ssh_sas_ed25519_key";
       };
 
-      "ssh/sas/pass" = {
+      "ssh/sas/ed25519/pass" = {
         sopsFile = ../../../../../../../secrets/sas/secrets.yaml;
-        key = "ssh/pass";
+        key = "ssh/ed25519/pass";
+      };
+
+      "ssh/sas/rsa/key" = {
+        sopsFile = ../../../../../../../secrets/sas/secrets.yaml;
+        key = "ssh/rsa/key";
+        path = "${home}/.ssh/ssh_sas_rsa_key";
+      };
+
+      "ssh/sas/rsa/pass" = {
+        sopsFile = ../../../../../../../secrets/sas/secrets.yaml;
+        key = "ssh/rsa/pass";
       };
     };
 
@@ -56,7 +67,8 @@ in
 
       clipbook.bookmarks = {
         "Personal SSH Key Passphrase".source = hmConfig.sops.secrets."ssh/personal/pass".path;
-        "SAS SSH Key Passphrase".source = hmConfig.sops.secrets."ssh/sas/pass".path;
+        "SAS SSH ED25519 Key Passphrase".source = hmConfig.sops.secrets."ssh/sas/ed25519/pass".path;
+        "SAS SSH RSA Key Passphrase".source = hmConfig.sops.secrets."ssh/sas/rsa/pass".path;
       };
     };
   };

packages/default.nix

@@ -30,6 +30,9 @@
   ssh-known-hosts-github = import ./ssh/known-hosts/github { inherit pkgs inputs system; };
 
   # SAS
+  ssh-known-hosts-sas-artifact = import ./ssh/known-hosts/sas/artifact {
+    inherit pkgs inputs system;
+  };
   ssh-known-hosts-sas-cldlgn = import ./ssh/known-hosts/sas/cldlgn { inherit pkgs inputs system; };
   ssh-known-hosts-sas-gerrit = import ./ssh/known-hosts/sas/gerrit { inherit pkgs inputs system; };
   ssh-known-hosts-sas-gitlab = import ./ssh/known-hosts/sas/gitlab { inherit pkgs inputs system; };

packages/ssh/known-hosts/sas/artifact/default.nix

@@ -0,0 +1,23 @@
+{
+  pkgs,
+  inputs,
+  system,
+  ...
+}:
+# AUTO-UPDATE: echo "Warning: Package using custom fetcher cannot be automatically updated." >&2
+pkgs.stdenv.mkDerivation rec {
+  pname = "ssh-known-hosts-sas-artifact";
+  version = "0-unstable-2025-03-14";
+
+  src = inputs.self.lib.${system}.fetchers.sshKnownHosts {
+    host = "artifactlfs.unx.sas.com";
+    port = 1339;
+    hash = "sha256-r3RaTj1GClvD0NwMwgNyfLYNBBjtGFu72CqB1L7f6wQ=";
+  };
+
+  phases = [ "installPhase" ];
+
+  installPhase = ''
+    cp $src $out
+  '';
+}