Hi, Chris Marusich <cmmarus...@gmail.com> skribis:
> ng0 <contact....@cryptolab.net> writes: > >> Hi, >> >> I will soon start to assemble an GuixSD system image for IN-Berlin >> virtual servers. >> I know bayfront uses a module which defines lsh pubkeys for user 'root' >> (?) and makes them part of the system generation. >> >> For IN-Berlin (and probably other hosters) it would help if there was a >> way to define openssh pubkeys in the system config. >> I know I could just generate an image, make it writable and put my key >> into /root/.ssh/authorized_keys, but it would be better if this would be >> possible to define directly. >> >> Has someone looked into this before? > > I only know of this discussion: > > https://lists.gnu.org/archive/html/help-guix/2016-11/msg00075.html For bayfront, we have a module to declare authorized publish SSH keys, but that currently relies on lshd rather than sshd: https://git.savannah.gnu.org/cgit/guix/maintenance.git/tree/hydra/modules/sysadmin/people.scm It’s a common need so we should move it to Guix proper and implement the same thing for OpenSSH. HTH, Ludo’.
