[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH] openssh service
|
From: |
Andy Wingo |
|
Subject: |
Re: [PATCH] openssh service |
|
Date: |
Fri, 26 Aug 2016 12:51:56 +0200 |
|
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/24.5 (gnu/linux) |
Hi Julien,
Thanks for the documentation update!
On Fri 19 Aug 2016 16:31, Julien Lepiller <address@hidden> writes:
> address@hidden {Scheme Procedure} openssh-service [#:pidfile
> "/var/run/sshd.pid"] @
> + [#:port-number 22] [#:root-login "without-password"] @
> + [#:allow-empty-passwords #f] [#:password-authentication? #t] @
> + [#:pubkey-authentication? #t] [#:rsa-authentication? #t] @
> + [#:x11-forwarding? #f] [#:protocol-number "2"]
> +"Run the @command{sshd} program from @var{openssh} on port @var{port-number}.
> address@hidden runs an ssh daemon and writes its PID to @var{pidfile}. It
> +understands ssh protocol @var{protocol-number}. The @var{protocol-number} can
> +be one of \"1\", \"2\" or \"1,2\".
> +
> address@hidden takes one of @var{yes}, @var{without-password} and
> address@hidden It is used to allow root login through ssh.
> @var{without-password}
> +means that root login is allowed, except when loging with a password (eg: a
> +public key).
The variable needs to be changed to @var{root-login} (and I think
probably @var{permit-root-login} would be more expected), and probably
"without-password" should be a symbol rather than a string. In general
I think naming the keywords after the upstream options is going to be
the least confusing thing for users. Consider changing from
yes/no/without-password to #t/#f/without-password, and renaming the
option to #:permit-root-login?. Consider requiring that the protocol
number be either 1 or 2. In general we want to make errors happen
early, when building the OS, rather than when the OS is booted.
WDYT?
Andy