Package: guix Version: 0.16.0 Severity: wishlist In a disk-image the ssh host keys are generated anew every time the system boots. This is a significant security issue - the unknown host warnings will cause notification blindness and users won't recognize if the host is legitimately compromised.
There's a workaround involving mounting the disk image (losetup -fP & mount) after building it and adding the files that way, but it requires a patch to the openssh service activation procedure to re-reset the file permissions (they're set to 644 or something by an earlier statement). I can submit my patch if there's interest. This is a wishlist bug though since it requires a method to add files with sensitive contents to the system, which I made another ticket for (35459).
