Joe Hillenbrand <joehil...@gmail.com> skribis:
> On Thu, Apr 9, 2015 at 5:00 AM, Ludovic Courtès <l...@gnu.org> wrote:
>>
>> No (not yet?). I guess you mean the authorized keys, right?
>
> Yes
>
>> It would be nice to have something like that, especially for automated
>> deployment scenarios.
>
> That is specifically the scenario I am building for. I am also trying
> to build testing VMs that need to be able to ssh after the images boot
> up.
>
> How do you suggests this functionality should be added?
>
> NixOS has the "openssh.authorizedKeys.keys" setting, but I don't think
> that translates to Guix.
> https://nixos.org/nixos/manual/sec-user-management.html
No, indeed.
As discussed on IRC, there are several issues, such as the choice of the
SSH implementation (lshd uses ‘lsh-authorize’ to add authorized keys,
not ~/.ssh/authorized_keys.) That complicates things.
However, as David suggests, we could have a per-account list of files to
install. I can imagine something like:
(user-account
(name "joe")
;; ...
(files `((".ssh/authorized_keys" ,(local-file "my-authorized-keys"))
(".emacs.d/foo.el" ,(local-file "foo.el")))))
Now, how should that be handled upon ‘reconfigure’? By just overriding
those files? Probably, I guess.
Also, should they be symlinks to the store or copies?
Ludo’.
