On 02/01/2018 at 15:23 Leo Famulari writes: > On Wed, Jan 31, 2018 at 08:41:44PM -0500, George myglc2 Clemmer wrote: >> How do I avoid the need to set user passwords for vm-images created with >> 'guix system vm-image'? > > It's possible to put the encrypted user passwords in the GuixSD configuration > file: > > "password (default: #f) > > You would normally leave this field to #f, initialize user passwords > as root with the passwd command, and then let users change it with > passwd. Passwords set with passwd are of course preserved across > reboot and reconfiguration. > > If you do want to have a preset password for an account, then this > field must contain the encrypted password, as a string. See crypt in > The GNU C Library Reference Manual, for more information on password > encryption, and Encryption in GNU Guile Reference Manual, for > information on Guileās crypt procedure." > > https://www.gnu.org/software/guix/manual/html_node/User-Accounts.html#User-Accounts > >> Is there a way to pre-populate user accounts with public keys? > > And, at least with the OpenSSH service, to include the public keys: > > (service openssh-service-type > (openssh-configuration > (x11-forwarding? #t) > (permit-root-login 'without-password) > (authorized-keys > `(("alice" ,(local-file "alice.pub")) > ("bob" ,(local-file "bob.pub")))))) > > I haven't tried it, but I think it should be possible to pass the public > key as a string instead of using local-file if necessary. > > https://www.gnu.org/software/guix/manual/html_node/Networking-Services.html#index-openssh_002dservice_002dtype > >> A sample config sure would be appreciated ;-) > > Sorry, I've never tried either of these things before :)
Many thanks. Duh! dunno how I missed that in the doc ;-) - George
