GNU bug report logs - #26548
[PATCH] install: Enable SSH in installation image.

Previous Next

Package: guix-patches;

Reported by: Marius Bakke <mbakke <at> fastmail.com>

Date: Mon, 17 Apr 2017 21:31:01 UTC

Severity: normal

Tags: patch

Done: Marius Bakke <mbakke <at> fastmail.com>

Bug is archived. No further changes may be made.

Full log

Message #17 received at 26548 <at> debbugs.gnu.org (full text, mbox):

From: Marius Bakke <mbakke <at> fastmail.com>
To: ng0 <contact.ng0 <at> cryptolab.net>
Cc: 26548 <at> debbugs.gnu.org, Leo Famulari <leo <at> famulari.name>
Subject: Re: bug#26548: [PATCH] install: Enable SSH in installation image.
Date: Tue, 18 Apr 2017 01:01:21 +0200

[Message part 1 (text/plain, inline)]
ng0 <contact.ng0 <at> cryptolab.net> writes:

> Marius Bakke transcribed 1.5K bytes:
>> Leo Famulari <leo <at> famulari.name> writes:
>> 
>> > On Mon, Apr 17, 2017 at 11:30:30PM +0200, Marius Bakke wrote:
>> >> Hi Guix! This patch adds an SSH server to the installation image
>> >> to aid remote installations as requested in
>> >> https://lists.gnu.org/archive/html/help-guix/2017-01/msg00047.html
>> >> 
>> >> lsh-service depends on networking, so I pulled in a DHCP client too.
>> >> It increases the image size by about 29MiB.
>> >> 
>> >> * gnu/system/install.scm (%installation-services): Add DHCP-CLIENT-SERVICE
>> >> and LSH-SERVICE.
>> >
>> > I wonder, did you consider using OpenSSH instead? Are there any
>> > advantages to using lsh here?
>> 
>> I chose lsh mostly because I thought the GNU live image should use the
>> GNU ssh implementation. For the intended usage (logging in once with a
>> password to complete the installation), there is no difference to the
>> end user. No strong opinion though :-)
>
>
> Uhm, didn't we choose to default to OpenSSH in the config? Why should the installation
> image differ?
>
> There were good reasons against lsh mentioned in the thread.

The only argument I can see is that ~/.ssh/authorized_keys is not
working out of the box. Which is not a huge problem in the ephemeral
live image since most users will just set a password and use that,
instad of copying over or typing out their public key first.

But, I don't have a strong opinion on this and will leave the decision
to those who will ultimately sign this thing and offer to end users (if
networking support is desired at all) :-)

[signature.asc (application/pgp-signature, inline)]
This bug report was last modified 8 years and 66 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.