GNU bug report logs -
#27837
[PATCH 0/1] SSH service supports the definition of authorized keys
Previous Next
Reported by: Ludovic Courtès <ludo <at> gnu.org>
Date: Wed, 26 Jul 2017 13:12:02 UTC
Severity: normal
Tags: patch
Done: ludo <at> gnu.org (Ludovic Courtès)
Bug is archived. No further changes may be made.
Full log
Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):
Hello!
This patch adds an 'authorized-keys' field to 'openssh-configuration',
which allows users to define per-user authorized keys.
There are some shenanigans due to the fact that 'sshd' ignores
authorized key files that are more than owner-writable, or that have a
parent directory that is more than owner-writable. Since /gnu/store is
group-writable (for "guixbuild"), we have to copy the authorized-key
directory to /etc/ssh and set the right permissions there.
Eventually, I'd like to make 'openssh-service-type' extensible with more
authorized keys, which we can use to implement things like the
"sysadmin" API we have for the build farm.
Thoughts?
Thanks,
Ludo'.
Ludovic Courtès (1):
services: openssh: Add 'authorized-keys' field.
doc/guix.texi | 24 +++++++++++++--
gnu/services/ssh.scm | 86 +++++++++++++++++++++++++++++++++++++++++-----------
2 files changed, 91 insertions(+), 19 deletions(-)
--
2.13.3
This bug report was last modified 7 years and 301 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.