From unknown Sun Jun 22 04:29:54 2025
X-Loop: help-debbugs@gnu.org
Subject: bug#51487: The openssh service does not allow multiple authorized key files per user
Resent-From: Vivien Kraus <vivien@planete-kraus.eu>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: bug-guix@gnu.org
Resent-Date: Fri, 29 Oct 2021 16:17:02 +0000
Resent-Message-ID: <handler.51487.B.16355241781380@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: report 51487
X-GNU-PR-Package: guix
X-GNU-PR-Keywords: 
To: 51487@debbugs.gnu.org
X-Debbugs-Original-To: bug-guix@gnu.org
Received: via spool by submit@debbugs.gnu.org id=B.16355241781380
          (code B ref -1); Fri, 29 Oct 2021 16:17:02 +0000
Received: (at submit) by debbugs.gnu.org; 29 Oct 2021 16:16:18 +0000
Received: from localhost ([127.0.0.1]:55690 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1mgUYE-0000MC-DY
	for submit@debbugs.gnu.org; Fri, 29 Oct 2021 12:16:18 -0400
Received: from lists.gnu.org ([209.51.188.17]:35592)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <vivien@planete-kraus.eu>) id 1mgUY6-0000Lz-RB
 for submit@debbugs.gnu.org; Fri, 29 Oct 2021 12:16:16 -0400
Received: from eggs.gnu.org ([2001:470:142:3::10]:42272)
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <vivien@planete-kraus.eu>)
 id 1mgUY6-0005P1-G3
 for bug-guix@gnu.org; Fri, 29 Oct 2021 12:16:10 -0400
Received: from planete-kraus.eu ([2a00:5881:4008:2810::309]:49724)
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_CHACHA20_POLY1305:256)
 (Exim 4.90_1) (envelope-from <vivien@planete-kraus.eu>)
 id 1mgUXz-0005ol-P4
 for bug-guix@gnu.org; Fri, 29 Oct 2021 12:16:10 -0400
Received: from planete-kraus.eu (localhost.lan [127.0.0.1])
 by planete-kraus.eu (OpenSMTPD) with ESMTP id 7b7b0aa1
 for <bug-guix@gnu.org>; Fri, 29 Oct 2021 16:15:56 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=planete-kraus.eu; h=from
 :to:subject:date:message-id:mime-version:content-type; s=dkim;
 bh=1qGxPc6kQpRdYd63imAgUYG5mSE=; b=TSUlP0FT1YgW5HXP9kiRVDGAPVWf
 x3c1lKVhzUY+nLsnHvk5QbUuJfnEHKAHU+6qVSArSb1vEnR5wbiisolztctBSgcH
 Zo/WvaZLuUml8IdmHRKsx6TA9TmgIVxqzURckaVk/6Zhz/zdCErIQS14qq9sdRvV
 K2MCErCgPXsqkVg=
Received: by planete-kraus.eu (OpenSMTPD) with ESMTPSA id dfe6dd87
 (TLSv1.3:AEAD-CHACHA20-POLY1305-SHA256:256:NO); 
 Fri, 29 Oct 2021 16:15:54 +0000 (UTC)
From: Vivien Kraus <vivien@planete-kraus.eu>
Date: Fri, 29 Oct 2021 18:15:54 +0200
Message-ID: <87fssjvmbp.fsf@planete-kraus.eu>
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-=";
 micalg=pgp-sha256; protocol="application/pgp-signature"
Received-SPF: pass client-ip=2a00:5881:4008:2810::309;
 envelope-from=vivien@planete-kraus.eu; helo=planete-kraus.eu
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1,
 DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_PASS=-0.001,
 SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-Spam-Score: 0.0 (/)
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -2.4 (--)

--=-=-=
Content-Type: text/plain


Dear guix,

The openssh service is configured with a list of authorized keys, as a
list of items, where each item is a list of 2 values, the user name (as
a string) and the public key file (a file-like object). The service can
be extended with new keys.

To have multiple keys per user, we can put them on the same file-like
object, each on its own line. However, if we put two different records,
only the last one is remembered.

This is a problem if we want to extend the service for users that
already have a key. As I am trying to create a service that would
convert GPG keys to SSH keys, I am in this exact situation: the users
may have already defined SSH keys, and I want to add some more without
losing the others.

Best regards,

Vivien

--=-=-=
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQGzBAEBCAAdFiEEq4yIHjMvkliPpwQnO7C8EjLYuCwFAmF8HjoACgkQO7C8EjLY
uCxCIQv+NcyLkPpKJGrBT2ibgR1DkOO0sOad46VtBCgu8rCwmU+A5na6X4/k6cW/
IQniJhaaVv9BorI269rYch7vCQC5V4Vy0gCxrMhA4bWzHgTjB7J7Rz4oVB3XpvmS
Fe5an8kgr/hxMruanWGBRVCcbxPhjeervhcnYiicz2g6OWnq0CfhLv0i0rn6gpeY
/PRIlj4ehaL3UUIApAr+M9rzRNa4cg7jk2NXPbpfcx9YdYLOCFXT7qR0XXBFkSFj
LTaU0+Ex0Zxa5OFCW8eoqK5j8YfaL+UNGK7JayVuwJNL9FhEJclvO1inyCCb1p3R
ckgKnbhyQMg/MI2tL8FnXNh8jw99p2pvzMJ0VGnYhjOoiLruy8Tk6tdj5OkcY3Yb
BcKtBW3fDBV2Y9fXJZUK+DFwRgHo618zwe5QqNRpDvnfYNqXvAoteR7I0AoAgWMt
8a0pNMHFaT/cj3+qlOg9luveRyh+Amw9qMdO1Et1JJ+99SkEG5/OjDPPsD9qbYhs
irRrjAEb
=O9Al
-----END PGP SIGNATURE-----
--=-=-=--




From unknown Sun Jun 22 04:29:54 2025
X-Loop: help-debbugs@gnu.org
Subject: bug#51487: Acknowledgement (The openssh service does not allow multiple authorized key files per user)
Resent-From: Vivien Kraus <vivien@planete-kraus.eu>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: bug-guix@gnu.org
Resent-Date: Fri, 29 Oct 2021 16:45:02 +0000
Resent-Message-ID: <handler.51487.B51487.16355258664582@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: followup 51487
X-GNU-PR-Package: guix
X-GNU-PR-Keywords: 
To: 51487@debbugs.gnu.org
Received: via spool by 51487-submit@debbugs.gnu.org id=B51487.16355258664582
          (code B ref 51487); Fri, 29 Oct 2021 16:45:02 +0000
Received: (at 51487) by debbugs.gnu.org; 29 Oct 2021 16:44:26 +0000
Received: from localhost ([127.0.0.1]:55737 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1mgUzR-0001Bq-Uf
	for submit@debbugs.gnu.org; Fri, 29 Oct 2021 12:44:26 -0400
Received: from planete-kraus.eu ([89.234.140.182]:36444)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <vivien@planete-kraus.eu>) id 1mgUzP-0001Bg-TR
 for 51487@debbugs.gnu.org; Fri, 29 Oct 2021 12:44:24 -0400
Received: from planete-kraus.eu (localhost.lan [127.0.0.1])
 by planete-kraus.eu (OpenSMTPD) with ESMTP id be5470f7
 for <51487@debbugs.gnu.org>; Fri, 29 Oct 2021 16:44:21 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=planete-kraus.eu; h=
 references:from:to:subject:date:in-reply-to:message-id
 :mime-version:content-type; s=dkim; bh=LgTGOEJfQ9FLRc3V08rBz2WCa
 CU=; b=RH2zOqCBklzLAoBzqTDn/3XHoBq69oCNf/YlEoqbIiZXbHA8/iy93K38c
 SpLWYELS58o9WzQpUZxEOth57AGF5xRD+V3VwW2/Cqb3vk4cDYi0+WuT9Yi56Kb1
 GAZn2P7NkpipiOhQ17TpZ3joWdTu+gUdwSydxft906SaoOEIaM=
Received: by planete-kraus.eu (OpenSMTPD) with ESMTPSA id 54f7ccab
 (TLSv1.3:AEAD-CHACHA20-POLY1305-SHA256:256:NO)
 for <51487@debbugs.gnu.org>; Fri, 29 Oct 2021 16:44:19 +0000 (UTC)
References: <87fssjvmbp.fsf@planete-kraus.eu>
 <handler.51487.B.16355241781380.ack@debbugs.gnu.org>
User-agent: mu4e 1.6.6; emacs 27.2
From: Vivien Kraus <vivien@planete-kraus.eu>
Date: Fri, 29 Oct 2021 18:39:11 +0200
In-reply-to: <handler.51487.B.16355241781380.ack@debbugs.gnu.org>
Message-ID: <87bl37vl0d.fsf@planete-kraus.eu>
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="==-=-=";
 micalg=pgp-sha256; protocol="application/pgp-signature"
X-Spam-Score: -0.0 (/)
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -1.0 (-)

--==-=-=
Content-Type: multipart/mixed; boundary="=-=-="

--=-=-=
Content-Type: text/plain


I have a patch, what do you think?

I tested it by building an operating system of the form:

(operating-system
  ...
  (services
   (append
       (list
        (service openssh-service-type
                 (openssh-configuration
                  (authorized-keys
                   `(("root" ,(plain-file "first-key" "ssh-rsa ..."))
                     ("root" ,(plain-file "second-key" "ssh-rsa ..."))))))))))

I caught the derivation to build the authorized-keys directory, and root
had 2 keys. Without the patch, root had only 1 key.

Vivien


--=-=-=
Content-Type: message/external-body;
 name="~/Projets/guix/0001-gnu-openssh-service-Collect-all-keys-for-all-users.patch";
 access-type=local-file

Content-Type: text/x-patch
Content-ID: <87a6irvl0d.fsf@planete-kraus.eu>
Content-Transfer-Encoding: binary



--=-=-=--

--==-=-=
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQGzBAEBCAAdFiEEq4yIHjMvkliPpwQnO7C8EjLYuCwFAmF8JOIACgkQO7C8EjLY
uCyI3QwAmU2y8iJYOfVR0ZgHbmX/rdeIbpWHtM6TFY3oH508SdQyoCwQDJxymQVE
SqG6xi2DcEBOZEYULGDA0EAfjnz37BHMTNWlOyuZ4jLcxJONCqEJeHz5nX40vV9x
1uWgxQ+ReTSloCjxxLbGH4aeCmFHPB4vvTqPuR3cZS6APTID+iKkju84FgIRr6Vl
3IKs8hxHr7ykBG88Q9OMnplDJcBjZwOg2rAF60+3XkUJxJsR616wTuW57rXAnQr8
MXxdjCGjQjWjv3scsmYx0sp0+ZT25JGCR5ymgkHNS6bw1v5YUHoKkOmXMB5A6b+N
Snjp9Qy4A8TIeZrk1XGq+f53/el12A2Vtq2Q8dJWZQO3IeZprs6GoSCDfmW2LwM1
6/yzbHYhQXAeWryZbvfk540cYcMHPbQQALe6hFrOJDQCIz56nq03UBrnWHCEVvZy
DmlnnNwLc/GuYAgASwiOfBjLxLkuf6XoZsCwcO4uHuEyUylSrPdi+ivepwP9bF3t
GcnzbUMO
=Q06M
-----END PGP SIGNATURE-----
--==-=-=--




From unknown Sun Jun 22 04:29:54 2025
X-Loop: help-debbugs@gnu.org
Subject: bug#51487: Acknowledgement (The openssh service does not allow multiple authorized key files per user)
Resent-From: Vivien Kraus <vivien@planete-kraus.eu>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: bug-guix@gnu.org
Resent-Date: Fri, 29 Oct 2021 16:47:02 +0000
Resent-Message-ID: <handler.51487.B51487.16355260164897@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: followup 51487
X-GNU-PR-Package: guix
X-GNU-PR-Keywords: 
To: 51487@debbugs.gnu.org
Received: via spool by 51487-submit@debbugs.gnu.org id=B51487.16355260164897
          (code B ref 51487); Fri, 29 Oct 2021 16:47:02 +0000
Received: (at 51487) by debbugs.gnu.org; 29 Oct 2021 16:46:56 +0000
Received: from localhost ([127.0.0.1]:55741 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1mgV1s-0001Gu-As
	for submit@debbugs.gnu.org; Fri, 29 Oct 2021 12:46:56 -0400
Received: from planete-kraus.eu ([89.234.140.182]:36446)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <vivien@planete-kraus.eu>) id 1mgV1q-0001Gl-OQ
 for 51487@debbugs.gnu.org; Fri, 29 Oct 2021 12:46:55 -0400
Received: from planete-kraus.eu (localhost.lan [127.0.0.1])
 by planete-kraus.eu (OpenSMTPD) with ESMTP id ffc2402b
 for <51487@debbugs.gnu.org>; Fri, 29 Oct 2021 16:46:53 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=planete-kraus.eu; h=
 references:from:to:subject:date:in-reply-to:message-id
 :mime-version:content-type; s=dkim; bh=0D3SLlmNBfDwKPhjEy1XhKNWK
 DE=; b=CxZhMxxazv6IHlA/6Y+2gDhg5KK4sSeKfcnDHQX8BUWcC167kXu3CVUdd
 ELEoQX35ZDYHgh3znGOdy2bKmiHmfDm/9jTOmAsZL2Ea7dKgfvlChxx9KFI04LJ5
 DgeC9UWEWteu0m2XGHE1kiY1/QgQWw8XxlLoz0AZh7Qvz2WlT0=
Received: by planete-kraus.eu (OpenSMTPD) with ESMTPSA id 2e43fa89
 (TLSv1.3:AEAD-CHACHA20-POLY1305-SHA256:256:NO)
 for <51487@debbugs.gnu.org>; Fri, 29 Oct 2021 16:46:51 +0000 (UTC)
References: <87fssjvmbp.fsf@planete-kraus.eu>
 <handler.51487.B.16355241781380.ack@debbugs.gnu.org>
 <87bl37vl0d.fsf@planete-kraus.eu>
User-agent: mu4e 1.6.6; emacs 27.2
From: Vivien Kraus <vivien@planete-kraus.eu>
Date: Fri, 29 Oct 2021 18:45:48 +0200
In-reply-to: <87bl37vl0d.fsf@planete-kraus.eu>
Message-ID: <875ytfvkw4.fsf@planete-kraus.eu>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="=-=-="
X-Spam-Score: -0.0 (/)
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -1.0 (-)

--=-=-=
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable


Vivien Kraus <vivien@planete-kraus.eu> writes:
> I have a patch, what do you think?
>
> I tested it by building an operating system of the form:
>
> (operating-system
>   ...
>   (services
>    (append
>        (list
>         (service openssh-service-type
>                  (openssh-configuration
>                   (authorized-keys
>                    `(("root" ,(plain-file "first-key" "ssh-rsa ..."))
>                      ("root" ,(plain-file "second-key" "ssh-rsa ...")))))=
)))))
>
> I caught the derivation to build the authorized-keys directory, and root
> had 2 keys. Without the patch, root had only 1 key.

The patch wasn=E2=80=99t formatted correctly, sorry.


--=-=-=
Content-Type: message/external-body;
 name="~/Projets/guix/0001-gnu-openssh-service-Collect-all-keys-for-all-users.patch";
 access-type=local-file

Content-Type: text/x-patch
Content-ID: <874k8zvkw4.fsf@planete-kraus.eu>
Content-Transfer-Encoding: binary



--=-=-=
Content-Type: text/plain


>
> Vivien

--=-=-=--




From unknown Sun Jun 22 04:29:54 2025
X-Loop: help-debbugs@gnu.org
Subject: bug#51487: Acknowledgement (The openssh service does not allow multiple authorized key files per user)
Resent-From: Vivien Kraus <vivien@planete-kraus.eu>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: bug-guix@gnu.org
Resent-Date: Fri, 29 Oct 2021 16:53:02 +0000
Resent-Message-ID: <handler.51487.B51487.16355263275747@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: followup 51487
X-GNU-PR-Package: guix
X-GNU-PR-Keywords: 
To: 51487@debbugs.gnu.org
Received: via spool by 51487-submit@debbugs.gnu.org id=B51487.16355263275747
          (code B ref 51487); Fri, 29 Oct 2021 16:53:02 +0000
Received: (at 51487) by debbugs.gnu.org; 29 Oct 2021 16:52:07 +0000
Received: from localhost ([127.0.0.1]:55763 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1mgV6s-0001UR-W1
	for submit@debbugs.gnu.org; Fri, 29 Oct 2021 12:52:07 -0400
Received: from planete-kraus.eu ([89.234.140.182]:36448)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <vivien@planete-kraus.eu>) id 1mgV6l-0001Tb-Td
 for 51487@debbugs.gnu.org; Fri, 29 Oct 2021 12:52:01 -0400
Received: from planete-kraus.eu (localhost.lan [127.0.0.1])
 by planete-kraus.eu (OpenSMTPD) with ESMTP id 75297502
 for <51487@debbugs.gnu.org>; Fri, 29 Oct 2021 16:51:56 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=planete-kraus.eu; h=
 message-id:subject:from:to:date:in-reply-to:references
 :content-type:mime-version; s=dkim; bh=NbL703PHgNbl8sczBm9FggfSb
 p4=; b=IPlNwZKNkKpuUURhFxIK3rgDIXH+XYpY4TRxlRLyyHxt2IKLsA6a5yUtB
 f8ECueFhsuaXloFNff7hPxa4EzRCq750JFoGTunT/2ueU4wxgrSiArztbbzYGEto
 a6gQ+xyZvRiTSNvEQA18aRGiSdbwTzVNdxTxnqLNACE5ssT/x8=
Received: by planete-kraus.eu (OpenSMTPD) with ESMTPSA id 422bffe4
 (TLSv1.3:AEAD-CHACHA20-POLY1305-SHA256:256:NO)
 for <51487@debbugs.gnu.org>; Fri, 29 Oct 2021 16:51:54 +0000 (UTC)
Message-ID: <5e2cb25499ce79f6afc6b8fc775b6ff8e5817670.camel@planete-kraus.eu>
From: Vivien Kraus <vivien@planete-kraus.eu>
Date: Fri, 29 Oct 2021 18:51:54 +0200
In-Reply-To: <handler.51487.B.16355241781380.ack@debbugs.gnu.org>
References: <87fssjvmbp.fsf@planete-kraus.eu>
 <handler.51487.B.16355241781380.ack@debbugs.gnu.org>
Content-Type: multipart/mixed; boundary="=-a1SvPpCUwBhAJDpuIhTw"
User-Agent: Evolution 3.34.2 
MIME-Version: 1.0
X-Spam-Score: -0.0 (/)
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -1.0 (-)


--=-a1SvPpCUwBhAJDpuIhTw
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 7bit

The patch does not seem to get formatted correctly, sorry. Hopefully,
this should work.

Vivien

--=-a1SvPpCUwBhAJDpuIhTw
Content-Disposition: attachment;
	filename="0001-gnu-openssh-service-Collect-all-keys-for-all-users.patch"
Content-Transfer-Encoding: base64
Content-Type: text/x-patch;
	name="0001-gnu-openssh-service-Collect-all-keys-for-all-users.patch";
	charset="UTF-8"

RnJvbSA4ZGNmMWE5MmNiNmViYmM1MzcwMjlmODhkNWM3MTk3Y2JmNDk1OWFhIE1vbiBTZXAgMTcg
MDA6MDA6MDAgMjAwMQpGcm9tOiBWaXZpZW4gS3JhdXMgPHZpdmllbkBwbGFuZXRlLWtyYXVzLmV1
PgpEYXRlOiBGcmksIDI5IE9jdCAyMDIxIDE4OjI1OjI0ICswMjAwClN1YmplY3Q6IFtQQVRDSF0g
Z251OiBvcGVuc3NoLXNlcnZpY2U6IENvbGxlY3QgYWxsIGtleXMgZm9yIGFsbCB1c2Vycy4KCiog
Z251L3NlcnZpY2VzL3NzaC5zY206IChhdXRob3JpemVkLWtleS1kaXJlY3RvcnkpW2J1aWxkXTog
ZW5zdXJlIHRoYXQgbm8ga2V5IGlzIGZvcmdvdHRlbi4KLS0tCiBnbnUvc2VydmljZXMvc3NoLnNj
bSB8IDI4ICsrKysrKysrKysrKysrKysrLS0tLS0tLS0tLS0KIDEgZmlsZSBjaGFuZ2VkLCAxNyBp
bnNlcnRpb25zKCspLCAxMSBkZWxldGlvbnMoLSkKCmRpZmYgLS1naXQgYS9nbnUvc2VydmljZXMv
c3NoLnNjbSBiL2dudS9zZXJ2aWNlcy9zc2guc2NtCmluZGV4IGEwMTgwNTJlZWIuLjExOGRmZGJl
ZjggMTAwNjQ0Ci0tLSBhL2dudS9zZXJ2aWNlcy9zc2guc2NtCisrKyBiL2dudS9zZXJ2aWNlcy9z
c2guc2NtCkBAIC00MTUsMTcgKzQxNSwyMyBAQCAoZGVmaW5lIGJ1aWxkCiAgICAgICAgICAgICAg
ICAgICAgICAgIChndWl4IGJ1aWxkIHV0aWxzKSkKIAogICAgICAgICAgIChta2RpciAjJG91dHB1
dCkKLSAgICAgICAgICAoZm9yLWVhY2ggKG1hdGNoLWxhbWJkYQotICAgICAgICAgICAgICAgICAg
ICAgICgodXNlciBrZXlzIC4uLikKLSAgICAgICAgICAgICAgICAgICAgICAgKGxldCAoKGZpbGUg
KHN0cmluZy1hcHBlbmQgIyRvdXRwdXQgIi8iIHVzZXIpKSkKLSAgICAgICAgICAgICAgICAgICAg
ICAgICAoY2FsbC13aXRoLW91dHB1dC1maWxlIGZpbGUKLSAgICAgICAgICAgICAgICAgICAgICAg
ICAgIChsYW1iZGEgKHBvcnQpCi0gICAgICAgICAgICAgICAgICAgICAgICAgICAgIChmb3ItZWFj
aCAobGFtYmRhIChrZXkpCi0gICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
IChjYWxsLXdpdGgtaW5wdXQtZmlsZSBrZXkKLSAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
ICAgICAgICAgICAgICAoY3V0IGR1bXAtcG9ydCA8PiBwb3J0KSkpCi0gICAgICAgICAgICAgICAg
ICAgICAgICAgICAgICAgICAgICAgICBrZXlzKSkpKSkpCi0gICAgICAgICAgICAgICAgICAgICcj
JGtleXMpKSkpCi0KKyAgICAgICAgICAobGV0ICgoYnktdXNlciAobWFrZS1oYXNoLXRhYmxlKSkp
CisgICAgICAgICAgICAoZm9yLWVhY2gKKyAgICAgICAgICAgICAobWF0Y2gtbGFtYmRhCisgICAg
ICAgICAgICAgICAoKHVzZXIga2V5cyAuLi4pCisgICAgICAgICAgICAgICAgKGhhc2gtc2V0ISBi
eS11c2VyIHVzZXIgKGFwcGVuZCAoaGFzaC1yZWYgYnktdXNlciB1c2VyICcoKSkga2V5cykpKSkK
KyAgICAgICAgICAgICAnIyRrZXlzKQorICAgICAgICAgICAgKGhhc2gtZm9yLWVhY2gKKyAgICAg
ICAgICAgICAobWF0Y2gtbGFtYmRhKgorICAgICAgICAgICAgICAgKCh1c2VyIGtleXMpCisgICAg
ICAgICAgICAgICAgKGxldCAoKGZpbGUgKHN0cmluZy1hcHBlbmQgIyRvdXRwdXQgIi8iIHVzZXIp
KSkKKyAgICAgICAgICAgICAgICAgIChjYWxsLXdpdGgtb3V0cHV0LWZpbGUgZmlsZQorICAgICAg
ICAgICAgICAgICAgICAobGFtYmRhIChwb3J0KQorICAgICAgICAgICAgICAgICAgICAgIChmb3It
ZWFjaCAobGFtYmRhIChrZXkpCisgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgKGNh
bGwtd2l0aC1pbnB1dC1maWxlIGtleQorICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
ICAgKGN1dCBkdW1wLXBvcnQgPD4gcG9ydCkpKQorICAgICAgICAgICAgICAgICAgICAgICAgICAg
ICAgICBrZXlzKSkpKSkpCisgICAgICAgICAgICAgYnktdXNlcikpKSkpCiAgIChjb21wdXRlZC1m
aWxlICJvcGVuc3NoLWF1dGhvcml6ZWQta2V5cyIgYnVpbGQpKQogCiAoZGVmaW5lIChvcGVuc3No
LWNvbmZpZy1maWxlIGNvbmZpZykKLS0gCjIuMzMuMQoK


--=-a1SvPpCUwBhAJDpuIhTw--





From unknown Sun Jun 22 04:29:54 2025
X-Loop: help-debbugs@gnu.org
Subject: bug#51487: Acknowledgement (The openssh service does not allow multiple authorized key files per user)
Resent-From: Vivien Kraus <vivien@planete-kraus.eu>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: bug-guix@gnu.org
Resent-Date: Fri, 29 Oct 2021 21:23:02 +0000
Resent-Message-ID: <handler.51487.B51487.163554258122313@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: followup 51487
X-GNU-PR-Package: guix
X-GNU-PR-Keywords: 
To: 51487@debbugs.gnu.org
Received: via spool by 51487-submit@debbugs.gnu.org id=B51487.163554258122313
          (code B ref 51487); Fri, 29 Oct 2021 21:23:02 +0000
Received: (at 51487) by debbugs.gnu.org; 29 Oct 2021 21:23:01 +0000
Received: from localhost ([127.0.0.1]:56099 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1mgZL3-0005no-0x
	for submit@debbugs.gnu.org; Fri, 29 Oct 2021 17:23:01 -0400
Received: from planete-kraus.eu ([89.234.140.182]:36450)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <vivien@planete-kraus.eu>) id 1mgZKy-0005na-Bv
 for 51487@debbugs.gnu.org; Fri, 29 Oct 2021 17:22:59 -0400
Received: from planete-kraus.eu (localhost.lan [127.0.0.1])
 by planete-kraus.eu (OpenSMTPD) with ESMTP id 6109be82
 for <51487@debbugs.gnu.org>; Fri, 29 Oct 2021 21:22:53 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=planete-kraus.eu; h=
 message-id:subject:from:to:date:in-reply-to:references
 :content-type:mime-version; s=dkim; bh=Pan6wr/kkiwLd36FwTuVJzr8l
 Wc=; b=Vb6dQjsMsdgOgX1eVk4Tv8JXFKuFugbDxM4s4ZcLn4VM1qI63bTwzq9lp
 riFRg2Pmz/DHKXP43HVa0Pz/mjVqRRuMfK9YBHNvK/6mdF1Gqea2RndSiNauCG/h
 nSQskF++fY+huDZ9UpX2mSjCylHlm7fzLOi9W7DzdKXMmbTGS4=
Received: by planete-kraus.eu (OpenSMTPD) with ESMTPSA id e0788ce2
 (TLSv1.3:AEAD-CHACHA20-POLY1305-SHA256:256:NO)
 for <51487@debbugs.gnu.org>; Fri, 29 Oct 2021 21:22:50 +0000 (UTC)
Message-ID: <a3baa9271aba2624bcdcc5f831d071a7dd792128.camel@planete-kraus.eu>
From: Vivien Kraus <vivien@planete-kraus.eu>
Date: Fri, 29 Oct 2021 23:22:50 +0200
In-Reply-To: <5e2cb25499ce79f6afc6b8fc775b6ff8e5817670.camel@planete-kraus.eu>
References: <87fssjvmbp.fsf@planete-kraus.eu>
 <handler.51487.B.16355241781380.ack@debbugs.gnu.org>
 <5e2cb25499ce79f6afc6b8fc775b6ff8e5817670.camel@planete-kraus.eu>
Content-Type: multipart/mixed; boundary="=-ipTfOKIkhicPtav+nxT1"
User-Agent: Evolution 3.34.2 
MIME-Version: 1.0
X-Spam-Score: -0.0 (/)
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -1.0 (-)


--=-ipTfOKIkhicPtav+nxT1
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 7bit

After some discussion on #guix, this seems to be the easier way to fix
the problem:

Vivien

--=-ipTfOKIkhicPtav+nxT1
Content-Disposition: attachment;
	filename="0001-gnu-openssh-service-Collect-all-keys-for-all-users.patch"
Content-Type: text/x-patch;
	name="0001-gnu-openssh-service-Collect-all-keys-for-all-users.patch";
	charset="UTF-8"
Content-Transfer-Encoding: base64

RnJvbSBkMDI5MTc5NTU0ZmMyZjk2NTZmNzA4ZTUzMTViY2E1MjkyOGU5MjU0IE1vbiBTZXAgMTcg
MDA6MDA6MDAgMjAwMQpGcm9tOiBWaXZpZW4gS3JhdXMgPHZpdmllbkBwbGFuZXRlLWtyYXVzLmV1
PgpEYXRlOiBGcmksIDI5IE9jdCAyMDIxIDE4OjI1OjI0ICswMjAwClN1YmplY3Q6IFtQQVRDSF0g
Z251OiBvcGVuc3NoLXNlcnZpY2U6IENvbGxlY3QgYWxsIGtleXMgZm9yIGFsbCB1c2Vycy4KCiog
Z251L3NlcnZpY2VzL3NzaC5zY206IChhdXRob3JpemVkLWtleS1kaXJlY3RvcnkpW2J1aWxkXTog
ZW5zdXJlIHRoYXQgbm8ga2V5IGlzIGZvcmdvdHRlbi4KLS0tCiBnbnUvc2VydmljZXMvc3NoLnNj
bSB8IDE0ICsrKysrKysrKystLS0tCiAxIGZpbGUgY2hhbmdlZCwgMTAgaW5zZXJ0aW9ucygrKSwg
NCBkZWxldGlvbnMoLSkKCmRpZmYgLS1naXQgYS9nbnUvc2VydmljZXMvc3NoLnNjbSBiL2dudS9z
ZXJ2aWNlcy9zc2guc2NtCmluZGV4IGEwMTgwNTJlZWIuLjEzMDllMDYyY2UgMTAwNjQ0Ci0tLSBh
L2dudS9zZXJ2aWNlcy9zc2guc2NtCisrKyBiL2dudS9zZXJ2aWNlcy9zc2guc2NtCkBAIC01MzIs
MTAgKzUzMiwxNiBAQCAoZGVmaW5lIChvcGVuc3NoLXBhbS1zZXJ2aWNlcyBjb25maWcpCiAKIChk
ZWZpbmUgKGV4dGVuZC1vcGVuc3NoLWF1dGhvcml6ZWQta2V5cyBjb25maWcga2V5cykKICAgIkV4
dGVuZCBDT05GSUcgd2l0aCB0aGUgZXh0cmEgYXV0aG9yaXplZCBrZXlzIGxpc3RlZCBpbiBLRVlT
LiIKLSAgKG9wZW5zc2gtY29uZmlndXJhdGlvbgotICAgKGluaGVyaXQgY29uZmlnKQotICAgKGF1
dGhvcml6ZWQta2V5cwotICAgIChhcHBlbmQgKG9wZW5zc2gtYXV0aG9yaXplZC1rZXlzIGNvbmZp
Zykga2V5cykpKSkKKyAgKGxldCAoKGFsbC1rZXlzIChtYWtlLWhhc2gtdGFibGUpKSkKKyAgICAo
Zm9yLWVhY2gKKyAgICAgKG1hdGNoLWxhbWJkYQorICAgICAgICgodXNlciBrZXlzIC4uLikKKyAg
ICAgICAgKGhhc2gtc2V0ISBhbGwta2V5cyB1c2VyIChhcHBlbmQgKGhhc2gtcmVmIGFsbC1rZXlz
IHVzZXIgJygpKSBrZXlzKSkpKQorICAgICAoYXBwZW5kIChvcGVuc3NoLWF1dGhvcml6ZWQta2V5
cyBjb25maWcpIGtleXMpKQorICAgIChvcGVuc3NoLWNvbmZpZ3VyYXRpb24KKyAgICAgKGluaGVy
aXQgY29uZmlnKQorICAgICAoYXV0aG9yaXplZC1rZXlzCisgICAgICAoaGFzaC1tYXAtPmxpc3Qg
Y29ucyBhbGwta2V5cykpKSkpCiAKIChkZWZpbmUgb3BlbnNzaC1zZXJ2aWNlLXR5cGUKICAgKHNl
cnZpY2UtdHlwZSAobmFtZSAnb3BlbnNzaCkKLS0gCjIuMzMuMQoK


--=-ipTfOKIkhicPtav+nxT1--





From unknown Sun Jun 22 04:29:54 2025
X-Loop: help-debbugs@gnu.org
Subject: bug#51487: Acknowledgement (The openssh service does not allow multiple authorized key files per user)
Resent-From: Vivien Kraus <vivien@planete-kraus.eu>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: bug-guix@gnu.org
Resent-Date: Fri, 29 Oct 2021 21:27:02 +0000
Resent-Message-ID: <handler.51487.B51487.163554276722710@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: followup 51487
X-GNU-PR-Package: guix
X-GNU-PR-Keywords: 
To: 51487@debbugs.gnu.org
Received: via spool by 51487-submit@debbugs.gnu.org id=B51487.163554276722710
          (code B ref 51487); Fri, 29 Oct 2021 21:27:02 +0000
Received: (at 51487) by debbugs.gnu.org; 29 Oct 2021 21:26:07 +0000
Received: from localhost ([127.0.0.1]:56113 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1mgZO3-0005uE-G4
	for submit@debbugs.gnu.org; Fri, 29 Oct 2021 17:26:07 -0400
Received: from planete-kraus.eu ([89.234.140.182]:36454)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <vivien@planete-kraus.eu>) id 1mgZO1-0005u4-Q5
 for 51487@debbugs.gnu.org; Fri, 29 Oct 2021 17:26:06 -0400
Received: from planete-kraus.eu (localhost.lan [127.0.0.1])
 by planete-kraus.eu (OpenSMTPD) with ESMTP id 01b7ec5f
 for <51487@debbugs.gnu.org>; Fri, 29 Oct 2021 21:26:04 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=planete-kraus.eu; h=
 message-id:subject:from:to:date:in-reply-to:references
 :content-type:mime-version; s=dkim; bh=x0NMkKEzc8xSwg6hHgMmyPEdG
 TQ=; b=COW4FcXdLfmqmxy7WAi5sgV5DYkCr3isWGdGSF1yXZyp/LqTvTRovx4Qv
 hm8esF4xwgpnsdiRFEQYgjz5XCdddebpIfLBzM6iIpRsMar4no7baSLuR3tQ+VLL
 t9/eEVZAAWNpbuZOopoUwPl23fGx6FWhVQc/Em8vkN4sLY4vpI=
Received: by planete-kraus.eu (OpenSMTPD) with ESMTPSA id a858f93f
 (TLSv1.3:AEAD-CHACHA20-POLY1305-SHA256:256:NO)
 for <51487@debbugs.gnu.org>; Fri, 29 Oct 2021 21:26:02 +0000 (UTC)
Message-ID: <e9d6b181ddd0dd156a10bbba9500da11a8f4cfde.camel@planete-kraus.eu>
From: Vivien Kraus <vivien@planete-kraus.eu>
Date: Fri, 29 Oct 2021 23:26:02 +0200
In-Reply-To: <a3baa9271aba2624bcdcc5f831d071a7dd792128.camel@planete-kraus.eu>
References: <87fssjvmbp.fsf@planete-kraus.eu>
 <handler.51487.B.16355241781380.ack@debbugs.gnu.org>
 <5e2cb25499ce79f6afc6b8fc775b6ff8e5817670.camel@planete-kraus.eu>
 <a3baa9271aba2624bcdcc5f831d071a7dd792128.camel@planete-kraus.eu>
Content-Type: multipart/mixed; boundary="=-0cFPayuh4PcmqR7YuNiP"
User-Agent: Evolution 3.34.2 
MIME-Version: 1.0
X-Spam-Score: -0.0 (/)
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -1.0 (-)


--=-0cFPayuh4PcmqR7YuNiP
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 8bit

Le vendredi 29 octobre 2021 à 23:22 +0200, Vivien Kraus a écrit :
> After some discussion on #guix, this seems to be the easier way to
> fix
> the problem:
Sorry, I forgot to update the commit message.

Vivien

--=-0cFPayuh4PcmqR7YuNiP
Content-Disposition: attachment;
	filename="0001-gnu-openssh-service-Collect-all-keys-for-all-users.patch"
Content-Transfer-Encoding: base64
Content-Type: text/x-patch;
	name="0001-gnu-openssh-service-Collect-all-keys-for-all-users.patch";
	charset="UTF-8"

RnJvbSBiMmY0NzczMGEzZDlhYTk3NzE2NzQxMTM0OTE3YzM0MDM1NGQ5YzNhIE1vbiBTZXAgMTcg
MDA6MDA6MDAgMjAwMQpGcm9tOiBWaXZpZW4gS3JhdXMgPHZpdmllbkBwbGFuZXRlLWtyYXVzLmV1
PgpEYXRlOiBGcmksIDI5IE9jdCAyMDIxIDE4OjI1OjI0ICswMjAwClN1YmplY3Q6IFtQQVRDSF0g
Z251OiBvcGVuc3NoLXNlcnZpY2U6IENvbGxlY3QgYWxsIGtleXMgZm9yIGFsbCB1c2Vycy4KCiog
Z251L3NlcnZpY2VzL3NzaC5zY20gKGV4dGVuZC1vcGVuc3NoLWF1dGhvcml6ZWQta2V5cyk6IGVu
c3VyZSB0aGF0IG5vIGtleSBpcyBmb3Jnb3R0ZW4uCi0tLQogZ251L3NlcnZpY2VzL3NzaC5zY20g
fCAxNCArKysrKysrKysrLS0tLQogMSBmaWxlIGNoYW5nZWQsIDEwIGluc2VydGlvbnMoKyksIDQg
ZGVsZXRpb25zKC0pCgpkaWZmIC0tZ2l0IGEvZ251L3NlcnZpY2VzL3NzaC5zY20gYi9nbnUvc2Vy
dmljZXMvc3NoLnNjbQppbmRleCBhMDE4MDUyZWViLi4xMzA5ZTA2MmNlIDEwMDY0NAotLS0gYS9n
bnUvc2VydmljZXMvc3NoLnNjbQorKysgYi9nbnUvc2VydmljZXMvc3NoLnNjbQpAQCAtNTMyLDEw
ICs1MzIsMTYgQEAgKGRlZmluZSAob3BlbnNzaC1wYW0tc2VydmljZXMgY29uZmlnKQogCiAoZGVm
aW5lIChleHRlbmQtb3BlbnNzaC1hdXRob3JpemVkLWtleXMgY29uZmlnIGtleXMpCiAgICJFeHRl
bmQgQ09ORklHIHdpdGggdGhlIGV4dHJhIGF1dGhvcml6ZWQga2V5cyBsaXN0ZWQgaW4gS0VZUy4i
Ci0gIChvcGVuc3NoLWNvbmZpZ3VyYXRpb24KLSAgIChpbmhlcml0IGNvbmZpZykKLSAgIChhdXRo
b3JpemVkLWtleXMKLSAgICAoYXBwZW5kIChvcGVuc3NoLWF1dGhvcml6ZWQta2V5cyBjb25maWcp
IGtleXMpKSkpCisgIChsZXQgKChhbGwta2V5cyAobWFrZS1oYXNoLXRhYmxlKSkpCisgICAgKGZv
ci1lYWNoCisgICAgIChtYXRjaC1sYW1iZGEKKyAgICAgICAoKHVzZXIga2V5cyAuLi4pCisgICAg
ICAgIChoYXNoLXNldCEgYWxsLWtleXMgdXNlciAoYXBwZW5kIChoYXNoLXJlZiBhbGwta2V5cyB1
c2VyICcoKSkga2V5cykpKSkKKyAgICAgKGFwcGVuZCAob3BlbnNzaC1hdXRob3JpemVkLWtleXMg
Y29uZmlnKSBrZXlzKSkKKyAgICAob3BlbnNzaC1jb25maWd1cmF0aW9uCisgICAgIChpbmhlcml0
IGNvbmZpZykKKyAgICAgKGF1dGhvcml6ZWQta2V5cworICAgICAgKGhhc2gtbWFwLT5saXN0IGNv
bnMgYWxsLWtleXMpKSkpKQogCiAoZGVmaW5lIG9wZW5zc2gtc2VydmljZS10eXBlCiAgIChzZXJ2
aWNlLXR5cGUgKG5hbWUgJ29wZW5zc2gpCi0tIAoyLjMzLjEKCg==


--=-0cFPayuh4PcmqR7YuNiP--





From unknown Sun Jun 22 04:29:54 2025
X-Loop: help-debbugs@gnu.org
Subject: bug#51487: The openssh service does not allow multiple authorized key files per user
Resent-From: Ludovic =?UTF-8?Q?Court=C3=A8s?= <ludo@gnu.org>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: bug-guix@gnu.org
Resent-Date: Sun, 07 Nov 2021 15:05:02 +0000
Resent-Message-ID: <handler.51487.B51487.1636297494839@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: followup 51487
X-GNU-PR-Package: guix
X-GNU-PR-Keywords: 
To: Vivien Kraus <vivien@planete-kraus.eu>
Cc: 51487@debbugs.gnu.org
Received: via spool by 51487-submit@debbugs.gnu.org id=B51487.1636297494839
          (code B ref 51487); Sun, 07 Nov 2021 15:05:02 +0000
Received: (at 51487) by debbugs.gnu.org; 7 Nov 2021 15:04:54 +0000
Received: from localhost ([127.0.0.1]:54317 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1mjjj3-0000DT-Ps
	for submit@debbugs.gnu.org; Sun, 07 Nov 2021 10:04:54 -0500
Received: from eggs.gnu.org ([209.51.188.92]:40442)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <ludo@gnu.org>) id 1mjjj1-0000D4-U4
 for 51487@debbugs.gnu.org; Sun, 07 Nov 2021 10:04:52 -0500
Received: from fencepost.gnu.org ([2001:470:142:3::e]:46846)
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <ludo@gnu.org>)
 id 1mjjiw-0003QZ-8l; Sun, 07 Nov 2021 10:04:46 -0500
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnu.org;
 s=fencepost-gnu-org; h=MIME-Version:In-Reply-To:Date:References:Subject:To:
 From; bh=awU/B9g9Bq46G0gKF9AXzLwr+Q0wuiJfPfB4jiIco6U=; b=Kyq5Pm9mpd+y4Z5QTHx7
 Rx7mT9w+O1umd8yHwlhE+WLq/ORHPNB2hxdpxVGy2JD5yVW93tdNCslupLaXV3W7KUwZnPyKfJ6o8
 r4c3He7cbcG9rF4P/vauXu1x3/PfX7X66T7cu5KLQCL/ZqUM5KQDfqHlFW357eQksXE+HBPZaa6aI
 6asUmgqOzD9r5P8qt/0gZugodZ6qQuKit9OrubX9duQTsgB8DxwWVJ4ImVmWqfsoRthljHvtNi+WM
 Y8/i/qKVUpFbQ0eCfT+3LdSNTA3p7ynpCs9MpQMiKTGaN1XwbpzWJCBod+C9LSxV2W7zOe9mOyMTL
 dweSL/elyicOeg==;
Received: from 91-160-117-201.subs.proxad.net ([91.160.117.201]:55536
 helo=ribbon)
 by fencepost.gnu.org with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <ludo@gnu.org>)
 id 1mjjiv-0003mz-VK; Sun, 07 Nov 2021 10:04:46 -0500
From: Ludovic =?UTF-8?Q?Court=C3=A8s?= <ludo@gnu.org>
References: <87fssjvmbp.fsf@planete-kraus.eu>
 <handler.51487.B.16355241781380.ack@debbugs.gnu.org>
 <5e2cb25499ce79f6afc6b8fc775b6ff8e5817670.camel@planete-kraus.eu>
 <a3baa9271aba2624bcdcc5f831d071a7dd792128.camel@planete-kraus.eu>
 <e9d6b181ddd0dd156a10bbba9500da11a8f4cfde.camel@planete-kraus.eu>
Date: Sun, 07 Nov 2021 16:04:44 +0100
In-Reply-To: <e9d6b181ddd0dd156a10bbba9500da11a8f4cfde.camel@planete-kraus.eu>
 (Vivien Kraus's message of "Fri, 29 Oct 2021 23:26:02 +0200")
Message-ID: <87fss8knw3.fsf_-_@gnu.org>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/27.2 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-Spam-Score: -2.3 (--)
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -3.3 (---)

Hi,

Vivien Kraus <vivien@planete-kraus.eu> skribis:

> From b2f47730a3d9aa97716741134917c340354d9c3a Mon Sep 17 00:00:00 2001
> From: Vivien Kraus <vivien@planete-kraus.eu>
> Date: Fri, 29 Oct 2021 18:25:24 +0200
> Subject: [PATCH] gnu: openssh-service: Collect all keys for all users.
>
> * gnu/services/ssh.scm (extend-openssh-authorized-keys): ensure that no k=
ey is forgotten.

Good catch!

> diff --git a/gnu/services/ssh.scm b/gnu/services/ssh.scm
> index a018052eeb..1309e062ce 100644
> --- a/gnu/services/ssh.scm
> +++ b/gnu/services/ssh.scm
> @@ -532,10 +532,16 @@ (define (openssh-pam-services config)
>=20=20
>  (define (extend-openssh-authorized-keys config keys)
>    "Extend CONFIG with the extra authorized keys listed in KEYS."
> -  (openssh-configuration
> -   (inherit config)
> -   (authorized-keys
> -    (append (openssh-authorized-keys config) keys))))
> +  (let ((all-keys (make-hash-table)))
> +    (for-each
> +     (match-lambda
> +       ((user keys ...)
> +        (hash-set! all-keys user (append (hash-ref all-keys user '()) ke=
ys))))
> +     (append (openssh-authorized-keys config) keys))
> +    (openssh-configuration
> +     (inherit config)
> +     (authorized-keys
> +      (hash-map->list cons all-keys)))))

Could you write it in functional style using a vhash (info "(guile)
VHashes")?  You=E2=80=99ll probably need two list traversals: one to build =
the
user/key mapping, and one to compute the list of users.

Thanks in advance,
Ludo=E2=80=99.




From unknown Sun Jun 22 04:29:54 2025
X-Loop: help-debbugs@gnu.org
Subject: bug#51487: The openssh service does not allow multiple authorized key files per user
Resent-From: Vivien Kraus <vivien@planete-kraus.eu>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: bug-guix@gnu.org
Resent-Date: Sun, 07 Nov 2021 17:34:02 +0000
Resent-Message-ID: <handler.51487.B51487.163630642424205@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: followup 51487
X-GNU-PR-Package: guix
X-GNU-PR-Keywords: 
To: Ludovic =?UTF-8?Q?Court=C3=A8s?= <ludo@gnu.org>
Cc: 51487@debbugs.gnu.org
Received: via spool by 51487-submit@debbugs.gnu.org id=B51487.163630642424205
          (code B ref 51487); Sun, 07 Nov 2021 17:34:02 +0000
Received: (at 51487) by debbugs.gnu.org; 7 Nov 2021 17:33:44 +0000
Received: from localhost ([127.0.0.1]:54583 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1mjm36-0006IL-8D
	for submit@debbugs.gnu.org; Sun, 07 Nov 2021 12:33:44 -0500
Received: from planete-kraus.eu ([89.234.140.182]:36470)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <vivien@planete-kraus.eu>) id 1mjm33-0006IA-98
 for 51487@debbugs.gnu.org; Sun, 07 Nov 2021 12:33:42 -0500
Received: from planete-kraus.eu (localhost.lan [127.0.0.1])
 by planete-kraus.eu (OpenSMTPD) with ESMTP id cfc80316;
 Sun, 7 Nov 2021 17:33:37 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=planete-kraus.eu; h=
 references:from:to:cc:subject:date:in-reply-to:message-id
 :mime-version:content-type; s=dkim; bh=Yi3Fw11lW03wsPX0o493oceTg
 F8=; b=AYL293tKISIaq3skSCuxFEr0+nK/VFrL26oFVHK0h1jbNngymqmUANofY
 /CbHENOeVL57sx6vUKMeh21bxkOPY1JWNHu7VrtvSfsZI/wK3dNkvkMiYosChZ2m
 e7AQRo8WV6nO/65ZC3JlO0/YvQc+Tazn6+cp1BgoqGb6iO2ibU=
Received: by planete-kraus.eu (OpenSMTPD) with ESMTPSA id 18aa5d54
 (TLSv1.3:AEAD-CHACHA20-POLY1305-SHA256:256:NO); 
 Sun, 7 Nov 2021 17:33:32 +0000 (UTC)
References: <87fssjvmbp.fsf@planete-kraus.eu>
 <handler.51487.B.16355241781380.ack@debbugs.gnu.org>
 <5e2cb25499ce79f6afc6b8fc775b6ff8e5817670.camel@planete-kraus.eu>
 <a3baa9271aba2624bcdcc5f831d071a7dd792128.camel@planete-kraus.eu>
 <e9d6b181ddd0dd156a10bbba9500da11a8f4cfde.camel@planete-kraus.eu>
 <87fss8knw3.fsf_-_@gnu.org>
User-agent: mu4e 1.6.9; emacs 27.2
From: Vivien Kraus <vivien@planete-kraus.eu>
Date: Sun, 07 Nov 2021 18:29:30 +0100
In-reply-to: <87fss8knw3.fsf_-_@gnu.org>
Message-ID: <87lf1zc1lg.fsf@planete-kraus.eu>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="=-=-="
X-Spam-Score: -0.0 (/)
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -1.0 (-)

--=-=-=
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable

Hello,

Ludovic Court=C3=A8s <ludo@gnu.org> writes:
> Could you write it in functional style using a vhash (info "(guile)
> VHashes")?  You=E2=80=99ll probably need two list traversals: one to buil=
d the
> user/key mapping, and one to compute the list of users.

I thought that as the vhash data structure inherited the drawbacks of
vlist, it would not be worth using in place of a hash table, but you=E2=80=
=99re
saying that it=E2=80=99s still a better (more functional) data structure, n=
oted.

Here is the new patch (and I also forgot that appending short lists to
long lists was not great, so I do all the appending at the end of the
function now).


--=-=-=
Content-Type: text/x-patch
Content-Disposition: attachment;
 filename=0001-gnu-openssh-service-Collect-all-keys-for-all-users.patch

>From a2c4d7cefbc71fd3d35b0b7cc2f61118bd3a29b2 Mon Sep 17 00:00:00 2001
From: Vivien Kraus <vivien@planete-kraus.eu>
Date: Fri, 29 Oct 2021 18:25:24 +0200
Subject: [PATCH] gnu: openssh-service: Collect all keys for all users.

* gnu/services/ssh.scm (extend-openssh-authorized-keys): ensure that no key is forgotten.
---
 gnu/services/ssh.scm | 29 +++++++++++++++++++++++++----
 1 file changed, 25 insertions(+), 4 deletions(-)

diff --git a/gnu/services/ssh.scm b/gnu/services/ssh.scm
index a018052eeb..6ddaf55eeb 100644
--- a/gnu/services/ssh.scm
+++ b/gnu/services/ssh.scm
@@ -39,6 +39,7 @@ (define-module (gnu services ssh)
   #:use-module (srfi srfi-1)
   #:use-module (srfi srfi-26)
   #:use-module (ice-9 match)
+  #:use-module (ice-9 vlist)
   #:export (lsh-configuration
             lsh-configuration?
             lsh-service
@@ -532,10 +533,30 @@ (define (openssh-pam-services config)
 
 (define (extend-openssh-authorized-keys config keys)
   "Extend CONFIG with the extra authorized keys listed in KEYS."
-  (openssh-configuration
-   (inherit config)
-   (authorized-keys
-    (append (openssh-authorized-keys config) keys))))
+  (let generate-keys
+      ((user-keys
+        (append (openssh-authorized-keys config) keys))
+       ;; The by-user vhash indexes a list of list of keys for each user, the
+       ;; list of list is not concatenated eagerly to avoid quadratic
+       ;; complexity.
+       (by-user (alist->vhash '())))
+    (match user-keys
+      (()
+       (openssh-configuration
+        (inherit config)
+        (authorized-keys
+         (vhash-fold
+          (lambda (user keys other-users)
+            `((,user ,@(apply append (reverse keys))) ,@other-users))
+          '() by-user))))
+      (((user keys ...) other-user-keys ...)
+       (let ((existing
+              (match (vhash-assoc user by-user)
+                ((_ . keys) keys)
+                (#f '()))))
+         (generate-keys
+          other-user-keys
+          (vhash-cons user `(,keys ,@existing) by-user)))))))
 
 (define openssh-service-type
   (service-type (name 'openssh)
-- 
2.33.1


--=-=-=
Content-Type: text/plain


Vivien

--=-=-=--




From unknown Sun Jun 22 04:29:54 2025
X-Loop: help-debbugs@gnu.org
Subject: bug#51487: The openssh service does not allow multiple authorized key files per user
Resent-From: Ludovic =?UTF-8?Q?Court=C3=A8s?= <ludo@gnu.org>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: bug-guix@gnu.org
Resent-Date: Mon, 15 Nov 2021 14:43:02 +0000
Resent-Message-ID: <handler.51487.B51487.16369873586937@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: followup 51487
X-GNU-PR-Package: guix
X-GNU-PR-Keywords: 
To: Vivien Kraus <vivien@planete-kraus.eu>
Cc: 51487@debbugs.gnu.org
Received: via spool by 51487-submit@debbugs.gnu.org id=B51487.16369873586937
          (code B ref 51487); Mon, 15 Nov 2021 14:43:02 +0000
Received: (at 51487) by debbugs.gnu.org; 15 Nov 2021 14:42:38 +0000
Received: from localhost ([127.0.0.1]:53151 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1mmdBu-0001no-E6
	for submit@debbugs.gnu.org; Mon, 15 Nov 2021 09:42:38 -0500
Received: from eggs.gnu.org ([209.51.188.92]:51050)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <ludo@gnu.org>) id 1mmdBs-0001nb-Dm
 for 51487@debbugs.gnu.org; Mon, 15 Nov 2021 09:42:36 -0500
Received: from [2001:470:142:3::e] (port=37072 helo=fencepost.gnu.org)
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <ludo@gnu.org>)
 id 1mmdBn-00063K-69; Mon, 15 Nov 2021 09:42:31 -0500
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnu.org;
 s=fencepost-gnu-org; h=MIME-Version:In-Reply-To:Date:References:Subject:To:
 From; bh=jhUt59pzVnAR+a45bT3408Xg1YeSqIJ56RP28frUNTM=; b=p2Garm5qPLYBSZPoJvcD
 WFsZczIaYE+2GeGrLCQ1gm3j55LwybtuRkNuZc8n2nLww2UkpgNU1c12NJmPLII+40xYIkKETCPhf
 PcHc3thWcGsOYN0wRT3msCUgJhAwvXrq6zhumOTXNBUyOe2SVJ6089YtFerrze5+RdwJu7IpZqg6n
 yl+6xw2551FN2KyQJTn5RrEzuzpKcT7kaC9H4mft2fmOzCV/c9+p86/f+4MtLRqLgx2aZRVl4ZvLw
 AJDp3YErHroDf5I/Jk0bYwEZ8+C4ZydinQ8Gv9Sc/HwTb5tIT3sH1KCQ611++fS63s8xSoQx8lEC2
 vbImiDryI+S5FA==;
Received: from [2001:660:6102:320:e120:2c8f:8909:cdfe] (port=41732 helo=ribbon)
 by fencepost.gnu.org with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <ludo@gnu.org>)
 id 1mmdBm-0002KI-53; Mon, 15 Nov 2021 09:42:31 -0500
From: Ludovic =?UTF-8?Q?Court=C3=A8s?= <ludo@gnu.org>
References: <87fssjvmbp.fsf@planete-kraus.eu>
 <handler.51487.B.16355241781380.ack@debbugs.gnu.org>
 <5e2cb25499ce79f6afc6b8fc775b6ff8e5817670.camel@planete-kraus.eu>
 <a3baa9271aba2624bcdcc5f831d071a7dd792128.camel@planete-kraus.eu>
 <e9d6b181ddd0dd156a10bbba9500da11a8f4cfde.camel@planete-kraus.eu>
 <87fss8knw3.fsf_-_@gnu.org> <87lf1zc1lg.fsf@planete-kraus.eu>
Date: Mon, 15 Nov 2021 15:42:28 +0100
In-Reply-To: <87lf1zc1lg.fsf@planete-kraus.eu> (Vivien Kraus's message of
 "Sun, 07 Nov 2021 18:29:30 +0100")
Message-ID: <874k8d5vl7.fsf@gnu.org>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/27.2 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-Spam-Score: -2.3 (--)
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -3.3 (---)

Hi,

Vivien Kraus <vivien@planete-kraus.eu> skribis:

>  (define (extend-openssh-authorized-keys config keys)
>    "Extend CONFIG with the extra authorized keys listed in KEYS."
> -  (openssh-configuration
> -   (inherit config)
> -   (authorized-keys
> -    (append (openssh-authorized-keys config) keys))))
> +  (let generate-keys
> +      ((user-keys
> +        (append (openssh-authorized-keys config) keys))
> +       ;; The by-user vhash indexes a list of list of keys for each user=
, the
> +       ;; list of list is not concatenated eagerly to avoid quadratic
> +       ;; complexity.
> +       (by-user (alist->vhash '())))
> +    (match user-keys
> +      (()
> +       (openssh-configuration
> +        (inherit config)
> +        (authorized-keys
> +         (vhash-fold
> +          (lambda (user keys other-users)
> +            `((,user ,@(apply append (reverse keys))) ,@other-users))
> +          '() by-user))))
> +      (((user keys ...) other-user-keys ...)
> +       (let ((existing
> +              (match (vhash-assoc user by-user)
> +                ((_ . keys) keys)
> +                (#f '()))))
> +         (generate-keys
> +          other-user-keys
> +          (vhash-cons user `(,keys ,@existing) by-user)))))))

I find it a bit hard to read.  What I had in mind is along these lines:

  (match (openssh-authorized-keys config)
    (((users _ ...) ...)
     ;; Build a user/key-list mapping.
     (let ((user-keys (fold (lambda (spec table)
                              (match spec
                                ((user keys ...)
                                 (vhash-cons user keys table))))
                            vlist-null
                            (openssh-authorized-keys config))))
       ;; Coalesce the key lists associated with each user.
       (map (lambda (user)
              (concatenate (vhash-fold* cons '() user user-keys)))
            users))))

WDYT?

Thanks,
Ludo=E2=80=99.




From unknown Sun Jun 22 04:29:54 2025
X-Loop: help-debbugs@gnu.org
Subject: bug#51487: The openssh service does not allow multiple authorized key files per user
Resent-From: Vivien Kraus <vivien@planete-kraus.eu>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: bug-guix@gnu.org
Resent-Date: Mon, 15 Nov 2021 15:36:02 +0000
Resent-Message-ID: <handler.51487.B51487.163699054123921@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: followup 51487
X-GNU-PR-Package: guix
X-GNU-PR-Keywords: 
To: Ludovic =?UTF-8?Q?Court=C3=A8s?= <ludo@gnu.org>
Cc: 51487@debbugs.gnu.org
Received: via spool by 51487-submit@debbugs.gnu.org id=B51487.163699054123921
          (code B ref 51487); Mon, 15 Nov 2021 15:36:02 +0000
Received: (at 51487) by debbugs.gnu.org; 15 Nov 2021 15:35:41 +0000
Received: from localhost ([127.0.0.1]:55819 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1mme1F-0006Dk-Is
	for submit@debbugs.gnu.org; Mon, 15 Nov 2021 10:35:41 -0500
Received: from planete-kraus.eu ([89.234.140.182]:36486)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <vivien@planete-kraus.eu>) id 1mme1C-0006DV-OK
 for 51487@debbugs.gnu.org; Mon, 15 Nov 2021 10:35:39 -0500
Received: from planete-kraus.eu (localhost.lan [127.0.0.1])
 by planete-kraus.eu (OpenSMTPD) with ESMTP id 6a807a22;
 Mon, 15 Nov 2021 15:35:36 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=planete-kraus.eu; h=
 references:from:to:cc:subject:date:in-reply-to:message-id
 :mime-version:content-type; s=dkim; bh=wOiZiQo8OEiu9sBCLrCqqETHz
 oc=; b=w/mx9oGNDZXwb88Oq6Dx9J5VBsN7SOmFr5xzCZAsDw4GeACIczOUtduRc
 fK3qIhe6F2cfyWmy6Vd+zz2z+8M599G0444IQ+bGJVUfxJINKwl2ZloSc+XIctvG
 t+q1WO0I/HTzmTiUP8muIeABgM9w/L+TfbMQmlEdPVkTN4hrVw=
Received: by planete-kraus.eu (OpenSMTPD) with ESMTPSA id 549326a3
 (TLSv1.3:AEAD-CHACHA20-POLY1305-SHA256:256:NO); 
 Mon, 15 Nov 2021 15:35:32 +0000 (UTC)
References: <87fssjvmbp.fsf@planete-kraus.eu>
 <handler.51487.B.16355241781380.ack@debbugs.gnu.org>
 <5e2cb25499ce79f6afc6b8fc775b6ff8e5817670.camel@planete-kraus.eu>
 <a3baa9271aba2624bcdcc5f831d071a7dd792128.camel@planete-kraus.eu>
 <e9d6b181ddd0dd156a10bbba9500da11a8f4cfde.camel@planete-kraus.eu>
 <87fss8knw3.fsf_-_@gnu.org> <87lf1zc1lg.fsf@planete-kraus.eu>
 <874k8d5vl7.fsf@gnu.org>
User-agent: mu4e 1.6.9; emacs 27.2
From: Vivien Kraus <vivien@planete-kraus.eu>
Date: Mon, 15 Nov 2021 15:31:52 +0000
In-reply-to: <874k8d5vl7.fsf@gnu.org>
Message-ID: <87fsrx4eku.fsf@planete-kraus.eu>
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="==-=-=";
 micalg=pgp-sha256; protocol="application/pgp-signature"
X-Spam-Score: -0.0 (/)
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -1.0 (-)

--==-=-=
Content-Type: multipart/mixed; boundary="=-=-="

--=-=-=
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable


Ludovic Court=C3=A8s <ludo@gnu.org> writes:
> I find it a bit hard to read.  What I had in mind is along these lines:
>
>   (match (openssh-authorized-keys config)
>     (((users _ ...) ...)
>      ;; Build a user/key-list mapping.
>      (let ((user-keys (fold (lambda (spec table)
>                               (match spec
>                                 ((user keys ...)
>                                  (vhash-cons user keys table))))
>                             vlist-null
>                             (openssh-authorized-keys config))))
>        ;; Coalesce the key lists associated with each user.
>        (map (lambda (user)
>               (concatenate (vhash-fold* cons '() user user-keys)))
>             users))))

That=E2=80=99s way cleaner. I didn=E2=80=99t know of vhash-fold*, it seems =
to save the
day!

(just fixing the final map function not to forget the user name in the
alist, and removing "spec")


--=-=-=
Content-Type: text/x-patch
Content-Disposition: attachment;
 filename=0001-gnu-openssh-service-Collect-all-keys-for-all-users.patch
Content-Transfer-Encoding: quoted-printable
Content-Description: Collect all users in ssh service

From=207bc8abcfd5024f5269c36dc8cb44803eb0ab29ba Mon Sep 17 00:00:00 2001
From: Vivien Kraus <vivien@planete-kraus.eu>
Date: Fri, 29 Oct 2021 18:25:24 +0200
Subject: [PATCH] gnu: openssh-service: Collect all keys for all users.

* gnu/services/ssh.scm (extend-openssh-authorized-keys): ensure that no key=
 is forgotten.
=2D--
 gnu/services/ssh.scm | 15 ++++++++++++++-
 1 file changed, 14 insertions(+), 1 deletion(-)

diff --git a/gnu/services/ssh.scm b/gnu/services/ssh.scm
index a018052eeb..92b470aa96 100644
=2D-- a/gnu/services/ssh.scm
+++ b/gnu/services/ssh.scm
@@ -39,6 +39,7 @@ (define-module (gnu services ssh)
   #:use-module (srfi srfi-1)
   #:use-module (srfi srfi-26)
   #:use-module (ice-9 match)
+  #:use-module (ice-9 vlist)
   #:export (lsh-configuration
             lsh-configuration?
             lsh-service
@@ -535,7 +536,19 @@ (define (extend-openssh-authorized-keys config keys)
   (openssh-configuration
    (inherit config)
    (authorized-keys
=2D    (append (openssh-authorized-keys config) keys))))
+    (match (openssh-authorized-keys config)
+      (((users _ ...) ...)
+       ;; Build a user/key-list mapping.
+       (let ((user-keys (fold (match-lambda*
+                                (((user keys ...) table)
+                                 (vhash-cons user keys table)))
+                              vlist-null
+                              (openssh-authorized-keys config))))
+         ;; Coalesce the key lists associated with each user.
+         (map (lambda (user)
+                `(,user
+                  ,@(concatenate (vhash-fold* cons '() user user-keys))))
+              users)))))))
=20
 (define openssh-service-type
   (service-type (name 'openssh)
=2D-=20
2.33.1


--=-=-=
Content-Type: text/plain


Vivien

--=-=-=--

--==-=-=
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQGzBAEBCAAdFiEEq4yIHjMvkliPpwQnO7C8EjLYuCwFAmGSfjIACgkQO7C8EjLY
uCxvrAv/bYqiYgs6ji87X0y9J2WR0yuK93iiWj55yPLkWOY5omw6B8GkpGKjbfij
a50hPRizgM7G99cfRKIveoD0dobHQdmGH/1M/8yQshfgcqOOm77Or5pCMWhS9I3v
UfLwzyMvZBA5eN+n9YNrAcxI+exysl/pwDsbRpaHlwIlFjzIIxMF5T/0abcd8J3L
2FjMxNvNMV91CWrelCtQwMXy+kimPe7tRg/PT4hXU154RMMX2kF1J4grSSZxZRaz
MmhajxwF1iMLb94EPT7PIk4Gr6DlEULYAwMKJKiSwY6hbFs1VwsUjMRGvnmcazaw
SJPQl0Y52m6KGg+kz+r9lyEFS5dTzD29xVN6+RVowP61/59Z55BP7yByOY1fe1qH
vzgvqIamIvodf6Yr4k7eI01SCi5RghX3xNJywf+XLMTpWa04LfLKwL+CbQfbzwN5
bI2iZw2kPinU66PaoAcixvQQidf0CQw7Bb58HKN/PU/xVxb2Es1AUaEwexM1rx8V
LCQSkV0x
=CkkV
-----END PGP SIGNATURE-----
--==-=-=--




From unknown Sun Jun 22 04:29:54 2025
MIME-Version: 1.0
X-Mailer: MIME-tools 5.505 (Entity 5.505)
X-Loop: help-debbugs@gnu.org
From: help-debbugs@gnu.org (GNU bug Tracking System)
To: Vivien Kraus <vivien@planete-kraus.eu>
Subject: bug#51487: closed (Re: bug#51487: The openssh service does not
 allow multiple authorized key files per user)
Message-ID: <handler.51487.D51487.16370534105382.notifdone@debbugs.gnu.org>
References: <874k8c4gmg.fsf@gnu.org> <87fssjvmbp.fsf@planete-kraus.eu>
X-Gnu-PR-Message: they-closed 51487
X-Gnu-PR-Package: guix
Reply-To: 51487@debbugs.gnu.org
Date: Tue, 16 Nov 2021 09:04:01 +0000
Content-Type: multipart/mixed; boundary="----------=_1637053441-5453-1"

This is a multi-part message in MIME format...

------------=_1637053441-5453-1
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

Your bug report

#51487: The openssh service does not allow multiple authorized key files pe=
r user

which was filed against the guix package, has been closed.

The explanation is attached below, along with your original report.
If you require more details, please reply to 51487@debbugs.gnu.org.

--=20
51487: http://debbugs.gnu.org/cgi/bugreport.cgi?bug=3D51487
GNU Bug Tracking System
Contact help-debbugs@gnu.org with problems

------------=_1637053441-5453-1
Content-Type: message/rfc822
Content-Disposition: inline
Content-Transfer-Encoding: 7bit

Received: (at 51487-done) by debbugs.gnu.org; 16 Nov 2021 09:03:30 +0000
Received: from localhost ([127.0.0.1]:57183 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1mmuNG-0001Ok-5Z
	for submit@debbugs.gnu.org; Tue, 16 Nov 2021 04:03:30 -0500
Received: from eggs.gnu.org ([209.51.188.92]:59758)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <ludo@gnu.org>) id 1mmuNE-0001OV-DR
 for 51487-done@debbugs.gnu.org; Tue, 16 Nov 2021 04:03:28 -0500
Received: from [2001:470:142:3::e] (port=38832 helo=fencepost.gnu.org)
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <ludo@gnu.org>)
 id 1mmuN8-000634-Bx; Tue, 16 Nov 2021 04:03:22 -0500
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnu.org;
 s=fencepost-gnu-org; h=MIME-Version:In-Reply-To:Date:References:Subject:To:
 From; bh=7Ss6o9tRZr1x3JwVokPWigQHFOoF7mTrvfBCPkc+PeQ=; b=h92vzfLg0RP7gw8SNwvO
 zQtFkgzP2iKTyOc0q0pXdxEkLyPIUFFdo+ao/9+dRkwig3B/SKShZYHFpxzxu81jfXK6k74AZ+4oG
 tQO5rhTSxJl3GdoyrEEEk/abkMJ4mPsc6TMKXar47XydW9vC5ohyenQ+boPxekn7QNu/FWDmmxAyZ
 QaM4z1OK6JU96FyY5CBIyyN73eWt94OyRJVqWSxBqkgtADBXLGp0CqGjEAp2kN7wlkIdMWfYTlCi7
 rlUQlqT+W+TArz5UKpleCMCq54HCHV0Fw8EPl4HuEDieaXHFLzxPo+mYVjdXMJf4rju0AQEfQFYWl
 A/ykfKEijmgOmg==;
Received: from [193.50.110.110] (port=57564 helo=ribbon)
 by fencepost.gnu.org with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <ludo@gnu.org>)
 id 1mmuN7-0001Sp-UU; Tue, 16 Nov 2021 04:03:22 -0500
From: =?utf-8?Q?Ludovic_Court=C3=A8s?= <ludo@gnu.org>
To: Vivien Kraus <vivien@planete-kraus.eu>
Subject: Re: bug#51487: The openssh service does not allow multiple
 authorized key files per user
References: <87fssjvmbp.fsf@planete-kraus.eu>
 <handler.51487.B.16355241781380.ack@debbugs.gnu.org>
 <5e2cb25499ce79f6afc6b8fc775b6ff8e5817670.camel@planete-kraus.eu>
 <a3baa9271aba2624bcdcc5f831d071a7dd792128.camel@planete-kraus.eu>
 <e9d6b181ddd0dd156a10bbba9500da11a8f4cfde.camel@planete-kraus.eu>
 <87fss8knw3.fsf_-_@gnu.org> <87lf1zc1lg.fsf@planete-kraus.eu>
 <874k8d5vl7.fsf@gnu.org> <87fsrx4eku.fsf@planete-kraus.eu>
Date: Tue, 16 Nov 2021 10:03:19 +0100
In-Reply-To: <87fsrx4eku.fsf@planete-kraus.eu> (Vivien Kraus's message of
 "Mon, 15 Nov 2021 15:31:52 +0000")
Message-ID: <874k8c4gmg.fsf@gnu.org>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/27.2 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-Spam-Score: -2.3 (--)
X-Debbugs-Envelope-To: 51487-done
Cc: 51487-done@debbugs.gnu.org
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -3.3 (---)

Hi,

Vivien Kraus <vivien@planete-kraus.eu> skribis:

> (just fixing the final map function not to forget the user name in the
> alist, and removing "spec")

Oops, indeed.

> From 7bc8abcfd5024f5269c36dc8cb44803eb0ab29ba Mon Sep 17 00:00:00 2001
> From: Vivien Kraus <vivien@planete-kraus.eu>
> Date: Fri, 29 Oct 2021 18:25:24 +0200
> Subject: [PATCH] gnu: openssh-service: Collect all keys for all users.
>
> * gnu/services/ssh.scm (extend-openssh-authorized-keys): ensure that no k=
ey is forgotten.

I realized we could just use =E2=80=98alist->vhash=E2=80=99 instead of (fol=
d =E2=80=A6) so I did
that.

Applied, thanks!

Ludo=E2=80=99.


------------=_1637053441-5453-1
Content-Type: message/rfc822
Content-Disposition: inline
Content-Transfer-Encoding: 7bit

Received: (at submit) by debbugs.gnu.org; 29 Oct 2021 16:16:18 +0000
Received: from localhost ([127.0.0.1]:55690 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1mgUYE-0000MC-DY
	for submit@debbugs.gnu.org; Fri, 29 Oct 2021 12:16:18 -0400
Received: from lists.gnu.org ([209.51.188.17]:35592)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <vivien@planete-kraus.eu>) id 1mgUY6-0000Lz-RB
 for submit@debbugs.gnu.org; Fri, 29 Oct 2021 12:16:16 -0400
Received: from eggs.gnu.org ([2001:470:142:3::10]:42272)
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <vivien@planete-kraus.eu>)
 id 1mgUY6-0005P1-G3
 for bug-guix@gnu.org; Fri, 29 Oct 2021 12:16:10 -0400
Received: from planete-kraus.eu ([2a00:5881:4008:2810::309]:49724)
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_CHACHA20_POLY1305:256)
 (Exim 4.90_1) (envelope-from <vivien@planete-kraus.eu>)
 id 1mgUXz-0005ol-P4
 for bug-guix@gnu.org; Fri, 29 Oct 2021 12:16:10 -0400
Received: from planete-kraus.eu (localhost.lan [127.0.0.1])
 by planete-kraus.eu (OpenSMTPD) with ESMTP id 7b7b0aa1
 for <bug-guix@gnu.org>; Fri, 29 Oct 2021 16:15:56 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=planete-kraus.eu; h=from
 :to:subject:date:message-id:mime-version:content-type; s=dkim;
 bh=1qGxPc6kQpRdYd63imAgUYG5mSE=; b=TSUlP0FT1YgW5HXP9kiRVDGAPVWf
 x3c1lKVhzUY+nLsnHvk5QbUuJfnEHKAHU+6qVSArSb1vEnR5wbiisolztctBSgcH
 Zo/WvaZLuUml8IdmHRKsx6TA9TmgIVxqzURckaVk/6Zhz/zdCErIQS14qq9sdRvV
 K2MCErCgPXsqkVg=
Received: by planete-kraus.eu (OpenSMTPD) with ESMTPSA id dfe6dd87
 (TLSv1.3:AEAD-CHACHA20-POLY1305-SHA256:256:NO); 
 Fri, 29 Oct 2021 16:15:54 +0000 (UTC)
From: Vivien Kraus <vivien@planete-kraus.eu>
To: bug-guix@gnu.org
Subject: The openssh service does not allow multiple authorized key files
 per user
Date: Fri, 29 Oct 2021 18:15:54 +0200
Message-ID: <87fssjvmbp.fsf@planete-kraus.eu>
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-=";
 micalg=pgp-sha256; protocol="application/pgp-signature"
Received-SPF: pass client-ip=2a00:5881:4008:2810::309;
 envelope-from=vivien@planete-kraus.eu; helo=planete-kraus.eu
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1,
 DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_PASS=-0.001,
 SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: submit
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -2.4 (--)

--=-=-=
Content-Type: text/plain


Dear guix,

The openssh service is configured with a list of authorized keys, as a
list of items, where each item is a list of 2 values, the user name (as
a string) and the public key file (a file-like object). The service can
be extended with new keys.

To have multiple keys per user, we can put them on the same file-like
object, each on its own line. However, if we put two different records,
only the last one is remembered.

This is a problem if we want to extend the service for users that
already have a key. As I am trying to create a service that would
convert GPG keys to SSH keys, I am in this exact situation: the users
may have already defined SSH keys, and I want to add some more without
losing the others.

Best regards,

Vivien

--=-=-=
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQGzBAEBCAAdFiEEq4yIHjMvkliPpwQnO7C8EjLYuCwFAmF8HjoACgkQO7C8EjLY
uCxCIQv+NcyLkPpKJGrBT2ibgR1DkOO0sOad46VtBCgu8rCwmU+A5na6X4/k6cW/
IQniJhaaVv9BorI269rYch7vCQC5V4Vy0gCxrMhA4bWzHgTjB7J7Rz4oVB3XpvmS
Fe5an8kgr/hxMruanWGBRVCcbxPhjeervhcnYiicz2g6OWnq0CfhLv0i0rn6gpeY
/PRIlj4ehaL3UUIApAr+M9rzRNa4cg7jk2NXPbpfcx9YdYLOCFXT7qR0XXBFkSFj
LTaU0+Ex0Zxa5OFCW8eoqK5j8YfaL+UNGK7JayVuwJNL9FhEJclvO1inyCCb1p3R
ckgKnbhyQMg/MI2tL8FnXNh8jw99p2pvzMJ0VGnYhjOoiLruy8Tk6tdj5OkcY3Yb
BcKtBW3fDBV2Y9fXJZUK+DFwRgHo618zwe5QqNRpDvnfYNqXvAoteR7I0AoAgWMt
8a0pNMHFaT/cj3+qlOg9luveRyh+Amw9qMdO1Et1JJ+99SkEG5/OjDPPsD9qbYhs
irRrjAEb
=O9Al
-----END PGP SIGNATURE-----
--=-=-=--



------------=_1637053441-5453-1--