From mboxrd@z Thu Jan  1 00:00:00 1970
From: Marius Bakke <mbakke@fastmail.com>
Subject: bug#26695: openssh password-authentication? should be #f by default
Date: Fri, 28 Apr 2017 19:23:50 +0200
Message-ID: <87efwcbg49.fsf@fastmail.com>
References: <87k264tx8m.fsf@dustycloud.org>
	<01F8858C-D359-42CA-96A6-45F6C4A3B80C@gmail.com>
	<87h9184heg.fsf@dustycloud.org>
Mime-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-=";
	micalg=pgp-sha512; protocol="application/pgp-signature"
Return-path: <bug-guix-bounces+gcggb-bug-guix=m.gmane.org@gnu.org>
Received: from eggs.gnu.org ([2001:4830:134:3::10]:41761)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1d49cl-0000vr-1Z
	for bug-guix@gnu.org; Fri, 28 Apr 2017 13:24:08 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1d49ch-0001NI-3F
	for bug-guix@gnu.org; Fri, 28 Apr 2017 13:24:07 -0400
Received: from debbugs.gnu.org ([208.118.235.43]:46764)
	by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16)
	(Exim 4.71) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
	id 1d49cg-0001Ml-Og
	for bug-guix@gnu.org; Fri, 28 Apr 2017 13:24:03 -0400
Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1d49cg-0004xg-Fw
	for bug-guix@gnu.org; Fri, 28 Apr 2017 13:24:02 -0400
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-Message-ID: <handler.26695.B26695.149340023719062@debbugs.gnu.org>
In-Reply-To: <87h9184heg.fsf@dustycloud.org>
List-Id: Bug reports for GNU Guix <bug-guix.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/bug-guix>,
	<mailto:bug-guix-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/bug-guix/>
List-Post: <mailto:bug-guix@gnu.org>
List-Help: <mailto:bug-guix-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/bug-guix>,
	<mailto:bug-guix-request@gnu.org?subject=subscribe>
Errors-To: bug-guix-bounces+gcggb-bug-guix=m.gmane.org@gnu.org
Sender: "bug-Guix" <bug-guix-bounces+gcggb-bug-guix=m.gmane.org@gnu.org>
To: Christopher Allan Webber <cwebber@dustycloud.org>, Maxim Cournoyer <maxim.cournoyer@gmail.com>
Cc: 26695@debbugs.gnu.org

--=-=-=
Content-Type: text/plain

Christopher Allan Webber <cwebber@dustycloud.org> writes:

> Maxim Cournoyer writes:
>
>> +1. Although it means the keys will have to be copied by another mean
>> than the "ssh-copy-id" script. Maybe the configuration could accept
>> the public key? :) I haven't checked if this is already possible.
>
> We have discussed in the past having some service that just copies some
> static files on init.  That would be enough to set up public keys
> appropriately.

I think that can already be done with 'special-file-service-type'.

https://lists.gnu.org/archive/html/guix-devel/2017-02/msg00332.html

Another approach could be a small program that reads a configuration
file and can also pull from e.g. the ec2 metadata service which should
work with many "cloud" providers. Similar to "cloud-init" but Guile of
course :)

--=-=-=
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQEzBAEBCgAdFiEEu7At3yzq9qgNHeZDoqBt8qM6VPoFAlkDeqYACgkQoqBt8qM6
VPqQcggAsOZNTZCFhFeY2gD4IV//lSXmFI8fhzuoeB56JeDlzf+3+qQQHzsgii0r
ySF9Gv9jZXm4xppqXUoSZksRF+JACYUVp50Z/PwkekLbEmT+NVeVOjkNxWQvSyZr
giWQwalq+kNdRLQw+YIGECCuTTbudpJ7iwj+UxNka80JJmzRotWBkNyB5ABHeJRY
ElXI6gPK90lTiRcR3BVjTMSkbt5cD1Kbqvy+JsYhAsaBRx6NP4o6I524ec3V6AL0
dYGhUNJPowtu2FxGaG6xaEf43kUnqbcRFk7ORrxpemU55ofKV7WNW2TyXJNh/OAQ
qH85jFMfWp+g7erpE0clH1DoTVzU9Q==
=Hxbh
-----END PGP SIGNATURE-----
--=-=-=--