backup: Move to TPM ssh key

author Martin Pitt <martin@piware.de>

Sat, 11 Oct 2025 17:47:13 +0000 (19:47 +0200)

committer Martin Pitt <martin@piware.de>

Sat, 11 Oct 2025 17:47:13 +0000 (19:47 +0200)
author Martin Pitt <martin@piware.de>
Sat, 11 Oct 2025 17:47:13 +0000 (19:47 +0200)
committer Martin Pitt <martin@piware.de>
Sat, 11 Oct 2025 17:47:13 +0000 (19:47 +0200)
diff --git a/backup b/backup

index 79dc369ed05699cbfd160abf0fac455d5fd3210a..acee348bf5c7fb60dd88a18965eebb65bebfb02c 100755 (executable)
--- a/backup
+++ b/backup
@@ -3,7 +3,10 @@ set -eu
  cd $HOME
  LOG=.cache/backup/log
  PATH=$PATH:/sbin:/usr/sbin
-RESTIC="restic --password-file $HOME/.config/backup-passphrase --repo sftp:piware.de:backup/restic"
+#RESTIC="restic --password-file $HOME/.config/backup-passphrase --repo sftp:piware.de:backup/restic"
+# use TPM key; requires ~/.ssh/authorized_keys with
+# command="internal-sftp -d backup/restic",restrict KEY tpm-backup@abakus
+RESTIC="restic --password-file $HOME/.config/backup-passphrase --repo sftp:piwaretpmbackup:"
  
  fail() {
      notify-send -i /usr/share/icons/Adwaita/48x48/status/network-error-symbolic.symbolic.png -u critical -t 180000 "${1:-BACKUP FAILED!}"
author	Martin Pitt <martin@piware.de>
	Sat, 11 Oct 2025 17:47:13 +0000 (19:47 +0200)
committer	Martin Pitt <martin@piware.de>
	Sat, 11 Oct 2025 17:47:13 +0000 (19:47 +0200)