GNU bug report logs - #26548
[PATCH] install: Enable SSH in installation image.

Previous Next

Package: guix-patches;

Reported by: Marius Bakke <mbakke <at> fastmail.com>

Date: Mon, 17 Apr 2017 21:31:01 UTC

Severity: normal

Tags: patch

Done: Marius Bakke <mbakke <at> fastmail.com>

Bug is archived. No further changes may be made.

Full log

View this message in rfc822 format

From: ng0 <contact.ng0 <at> cryptolab.net>
To: Marius Bakke <mbakke <at> fastmail.com>
Cc: ng0 <contact.ng0 <at> cryptolab.net>, 26548 <at> debbugs.gnu.org, Leo Famulari <leo <at> famulari.name>
Subject: bug#26548: [PATCH] install: Enable SSH in installation image.
Date: Tue, 18 Apr 2017 11:06:28 +0000

Marius Bakke transcribed 2.2K bytes:
> ng0 <contact.ng0 <at> cryptolab.net> writes:
> 
> > Marius Bakke transcribed 1.5K bytes:
> >> Leo Famulari <leo <at> famulari.name> writes:
> >> 
> >> > On Mon, Apr 17, 2017 at 11:30:30PM +0200, Marius Bakke wrote:
> >> >> Hi Guix! This patch adds an SSH server to the installation image
> >> >> to aid remote installations as requested in
> >> >> https://lists.gnu.org/archive/html/help-guix/2017-01/msg00047.html
> >> >> 
> >> >> lsh-service depends on networking, so I pulled in a DHCP client too.
> >> >> It increases the image size by about 29MiB.
> >> >> 
> >> >> * gnu/system/install.scm (%installation-services): Add DHCP-CLIENT-SERVICE
> >> >> and LSH-SERVICE.
> >> >
> >> > I wonder, did you consider using OpenSSH instead? Are there any
> >> > advantages to using lsh here?
> >> 
> >> I chose lsh mostly because I thought the GNU live image should use the
> >> GNU ssh implementation. For the intended usage (logging in once with a
> >> password to complete the installation), there is no difference to the
> >> end user. No strong opinion though :-)
> >
> >
> > Uhm, didn't we choose to default to OpenSSH in the config? Why should the installation
> > image differ?
> >
> > There were good reasons against lsh mentioned in the thread.
> 
> The only argument I can see is that ~/.ssh/authorized_keys is not
> working out of the box. Which is not a huge problem in the ephemeral
> live image since most users will just set a password and use that,
> instad of copying over or typing out their public key first.
> 
> But, I don't have a strong opinion on this and will leave the decision
> to those who will ultimately sign this thing and offer to end users (if
> networking support is desired at all) :-)

Another point: With OpenSSH you can copy a file over with scp, for example
a system config, without too much work and reading.
With lsh... "it is complicated".

-- 
PGP and more: https://people.pragmatique.xyz/ng0/
This bug report was last modified 8 years and 66 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.