guix-devel

Re: [PATCH] openssh service


From: Julien Lepiller
Subject: Re: [PATCH] openssh service
Date: Mon, 26 Sep 2016 18:42:19 +0200

On Fri, 26 Aug 2016 12:51:56 +0200
Andy Wingo <address@hidden> wrote:

> Hi Julien,
> 
> Thanks for the documentation update!
> 
> On Fri 19 Aug 2016 16:31, Julien Lepiller <address@hidden> writes:
> 
> > address@hidden {Scheme Procedure} openssh-service [#:pidfile
> > "/var/run/sshd.pid"] @
> > +       [#:port-number 22] [#:root-login "without-password"] @
> > +       [#:allow-empty-passwords #f] [#:password-authentication?
> > #t] @
> > +       [#:pubkey-authentication? #t] [#:rsa-authentication? #t] @
> > +       [#:x11-forwarding? #f] [#:protocol-number "2"]
> > +"Run the @command{sshd} program from @var{openssh} on port
> > @var{port-number}. address@hidden runs an ssh daemon and writes
> > its PID to @var{pidfile}. It +understands ssh protocol
> > @var{protocol-number}. The @var{protocol-number} can +be one of
> > \"1\", \"2\" or \"1,2\". +
> > address@hidden takes one of @var{yes},
> > @var{without-password} and address@hidden It is used to allow root
> > login through ssh. @var{without-password} +means that root login is
> > allowed, except when loging with a password (eg: a +public key).  
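
Review bot: In the @var{without-password} sentence at the end of the docstring, "(eg: a public key)" follows "except when loging with a password" and so reads as though a public key were an example of a password login; say instead that root may log in only with a non-password method such as a public key, and correct "loging" to "logging". The signature also defaults #:root-login to the string "without-password" while the text lists the choices as @var values, so the docstring should state which type is expected. Since the text allows @var{protocol-number} to be "1", "2" or "1,2", consider checking the value against exactly those choices when the service is built, so that a mistyped value does not reach the running sshd.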
> 
> The variable needs to be changed to @var{root-login} (and I think
> probably @var{permit-root-login} would be more expected), and probably
> "without-password" should be a symbol rather than a string.  In
> general I think naming the keywords after the upstream options is
> going to be the least confusing thing for users.  Consider changing
> from yes/no/without-password to #t/#f/without-password, and renaming
> the option to #:permit-root-login?.  Consider requiring that the
> protocol number be either 1 or 2.  In general we want to make errors
> happen early, when building the OS, rather than when the OS is booted.

Sorry for the delay, here is a new version of the patch.

Meanwhile, sysconfdir was set to /etc, but I changed this to /etc/ssh,
because openssh looks for its configuration and other files (about 10)
directly in sysconfdir, not a subdirectory. Also, I fixed a mistake in
openssh-service (it was not following what the doc said).

> 
> WDYT?
> 
> Andy

Attachment: 0001-services-Add-openssh.patch
Description: Text Data
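
The review point quoted above (make errors happen when the OS is built, not when it boots) can be sketched in Guile as follows. This is an added example, not the code from the attached patch: the procedure names are hypothetical, the keywords follow the #t/#f/without-password and 1-or-2 suggestions from the review, and only four of the options are covered.

```scheme
;; Added illustration with hypothetical names; not the attached patch.

(define (permit-root-login->string value)
  ;; Accept only #t, #f or the symbol without-password.  Anything else
  ;; is rejected here, before any sshd_config text is produced.
  (cond ((eq? value #t) "yes")
        ((eq? value #f) "no")
        ((eq? value 'without-password) "without-password")
        (else (error "invalid #:permit-root-login? value:" value))))

(define (protocol-number->string value)
  ;; Per the review suggestion, the protocol number must be 1 or 2.
  (if (memv value '(1 2))
      (number->string value)
      (error "invalid #:protocol-number value:" value)))

(define (boolean->yes/no name value)
  (cond ((eq? value #t) "yes")
        ((eq? value #f) "no")
        (else (error "expected a boolean for" name value))))

(define* (example-sshd-config #:key
                              (port-number 22)
                              (permit-root-login? 'without-password)
                              (password-authentication? #t)
                              (protocol-number 2))
  "Return sshd_config text, raising an error on any invalid option."
  (unless (and (integer? port-number) (exact? port-number)
               (<= 1 port-number 65535))
    (error "invalid #:port-number value:" port-number))
  (string-append
   "Port " (number->string port-number) "\n"
   "Protocol " (protocol-number->string protocol-number) "\n"
   "PermitRootLogin " (permit-root-login->string permit-root-login?) "\n"
   "PasswordAuthentication "
   (boolean->yes/no "#:password-authentication?" password-authentication?)
   "\n"))

;; Valid options produce the file contents.
(display (example-sshd-config #:permit-root-login? #f))

;; A string where the symbol is expected fails as soon as the
;; configuration is evaluated, not when sshd later reads the file.
(catch #t
  (lambda () (example-sshd-config #:permit-root-login? "without-password"))
  (lambda (key . args)
    (format #t "rejected: ~s ~s~%" key args)))
```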

