summary refs log tree commit diff
diff options
context:
space:
mode:
-rw-r--r--gnu/machine/ssh.scm7
-rw-r--r--guix/ssh.scm5
2 files changed, 8 insertions, 4 deletions
diff --git a/gnu/machine/ssh.scm b/gnu/machine/ssh.scm
index ac3aa3e370..aafe0ccf41 100644
--- a/gnu/machine/ssh.scm
+++ b/gnu/machine/ssh.scm
@@ -126,7 +126,9 @@ an environment type of 'managed-host."
                  #:build-locally?
                  (machine-ssh-configuration-build-locally? config)
                  #:system
-                 (machine-ssh-configuration-system config))))
+                 (machine-ssh-configuration-system config)
+                 #:become-command
+                 (machine-become-command machine))))
 
 
 ;;;
@@ -377,7 +379,8 @@ have you run 'guix archive --generate-key?'")
                                     (lambda (port)
                                       (string->canonical-sexp
                                        (get-string-all port))))
-                                  (machine-ssh-session machine)))
+                                  (machine-ssh-session machine)
+                                  (machine-become-command machine)))
   (mlet %store-monad ((_ (check-deployment-sanity machine))
                       (boot-parameters (machine-boot-parameters machine)))
     (let* ((os (machine-operating-system machine))
diff --git a/guix/ssh.scm b/guix/ssh.scm
index 24834c6f68..7bc499a2fe 100644
--- a/guix/ssh.scm
+++ b/guix/ssh.scm
@@ -302,7 +302,7 @@ the machine on the other end of SESSION."
   (inferior-remote-eval '(begin (use-modules (guix utils)) (%current-system))
                         session))
 
-(define (remote-authorize-signing-key key session)
+(define* (remote-authorize-signing-key key session #:optional become-command)
   "Send KEY, a canonical sexp containing a public key, over SESSION and add it
 to the system ACL file if it has not yet been authorized."
   (inferior-remote-eval
@@ -321,7 +321,8 @@ to the system ACL file if it has not yet been authorized."
           (mkdir-p (dirname %acl-file))
           (with-atomic-file-output %acl-file
             (cut write-acl acl <>)))))
-   session))
+   session
+   become-command))
 
 (define* (send-files local files remote
                      #:key