>>> I finally migrated my home configuration to guix home.  However, it
>>> seems guix home creates all symlinks with 777 permissions.  This causes
>>> problems with openssh as it will not recognize my
>>> ~/.ssh/authorized_keys.  It seems the directories have reasonable
>>> permissions (maybe because they already existed?), but it seems like
>>> someone could in theory edit the symlinks in-place (though I wasn't
>>> able to figure that out).
>> Instead of using symlinks for ~/.ssh/authorized_keys, you could try to
>> write a home-activation-service, which
>>
>> 1. creates ~/.ssh with chmod 700
>> 1a. if it already existed, enforces chmod 700 anyways
>> 2. creates authorized_keys with chmod 600 if it doesn't exist
>> 3. writes the authorized keys.
>>
>
> I'll try that soon (next 1-3 days), and hopefully then we can close this
> issue.
>

I was able to create the desired effect with the following service definition:

    (simple-service
     'my-activation-service
     home-activation-service-type
     (gexp
      (begin
        (chdir (ungexp user-home))
        ;; Create ~/.ssh if needed and enforce mode 700 either way.
        (if (not (file-exists? ".ssh"))
            (mkdir ".ssh"))
        (chmod ".ssh" #o700)
        (chdir ".ssh")
        ;; Write the keys, then restrict the file to mode 600.
        (let ((port (open-output-file "authorized_keys")))
          (display (ungexp authorized-keys) port)
          (close-port port))
        (chmod "authorized_keys" #o600)
        (chdir ".."))))

where 'user-home and 'authorized-keys are appropriate strings defined
earlier in the file.

I believe that resolves the issue,
Zacchaeus Scheffer
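Added example, not part of the thread and not Guix's own code: a plain Guile variant of the activation steps above that sets the umask first and installs the file by rename, so authorized_keys never exists with permissions wider than 600 and a leftover symlink at that path is replaced rather than written through. The procedure name `install-authorized-keys`, its arguments, the demo directory and the key line are assumptions constructed for illustration.

```scheme
;; Added example, not code from the thread.  `install-authorized-keys',
;; HOME and KEYS are hypothetical names; the demo input is constructed.

(define (install-authorized-keys home keys)
  "Write the string KEYS to HOME/.ssh/authorized_keys.  The directory ends
up with mode 700 and the file has mode 600 from the moment it is created."
  (let* ((ssh-dir  (string-append home "/.ssh"))
         (target   (string-append ssh-dir "/authorized_keys"))
         ;; Fresh mutable string: mkstemp! fills in the XXXXXX in place.
         (tmp      (string-append ssh-dir "/.authorized_keys.XXXXXX"))
         ;; Nothing created below is group- or world-accessible.
         (old-mask (umask #o077)))
    (dynamic-wind
      (const #t)
      (lambda ()
        (unless (file-exists? ssh-dir)
          (mkdir ssh-dir #o700))
        (chmod ssh-dir #o700)           ; enforce even if it already existed
        (let ((port (mkstemp! tmp)))    ; new temporary file, owner-only
          (display keys port)
          (close-port port))
        (chmod tmp #o600)
        ;; rename(2) replaces whatever is at TARGET, including a leftover
        ;; symlink, instead of opening and writing through it.
        (rename-file tmp target))
      (lambda () (umask old-mask)))     ; restore the caller's umask
    target))

;; Demo on a throwaway directory with a constructed key line.
(let* ((home (string-append "/tmp/ak-demo-" (number->string (getpid))))
       (_    (mkdir home #o700))
       (file (install-authorized-keys
              home "ssh-ed25519 AAAAC3...constructed user@example\n"))
       (dir  (string-append home "/.ssh")))
  ;; Print each path with its permission bits in octal.
  (for-each
   (lambda (path)
     (display path)
     (display ": ")
     (display (number->string (stat:perms (stat path)) 8))
     (newline))
   (list dir file)))
```

Run it with `guile -s` on a scratch account; the demo only touches a new directory under /tmp.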