[PATCH 2/2] services: Add 'dropbear-service'.

[PATCH 2/2] services: Add 'dropbear-service'.

[David Craven]

* gnu/services/ssh.scm (dropbear-service, ...): New variables.
* doc/guix.texi: New node.
---
 doc/guix.texi        |  25 ++++++++++++-
 gnu/services/ssh.scm | 104 +++++++++++++++++++++++++++++++++++++++++++++++++--
 2 files changed, 124 insertions(+), 5 deletions(-)

diff --git a/doc/guix.texi b/doc/guix.texi
index 62c0d34..377004f 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -7695,7 +7695,7 @@ In addition, @var{extra-settings} specifies a string to append to the
 configuration file.
 @end deffn
 
-Furthermore, @code{(gnu services ssh)} provides the following service.
+Furthermore, @code{(gnu services ssh)} provides the following services.
 
 @deffn {Scheme Procedure} lsh-service [#:host-key "/etc/lsh/host-key"] @
        [#:daemonic? #t] [#:interfaces '()] [#:port-number 22] @
@@ -7733,6 +7733,29 @@ root.
 The other options should be self-descriptive.
 @end deffn
 
+@deffn {Scheme Procedure} dropbear-service [#:host-key "/etc/dropbear/dropbear_ecdsa_host-key"] @
+       [#:port-number 22] [#:allow-empty-passwords? #f] @
+       [#:root-login? #f] [#:password-authentication? #t] @
+       [#:syslog-output? #t] [#:initialize? #t]
+Run the @command{dropbear} program from @var{dropbear} to listen on port @var{port-number}.
+@var{host-key} must designate a file containing the host key, and readable
+only by root.
+
+By default dropbear logs its output to syslogd, unless one sets
+@var{syslog-output?} to false. This also makes dropbear-service depend
+on existence of syslogd service.
+
+When @var{initialize?} is true, @command{dropbear} automatically generates the
+host key upon service activation if it does not exist yet.
+When @var{initialize?} is false, it is up to create a key pair with the private
+key stored in file @var{host-key}. For more information consult the
+@command{dropbearkey} man pages.
+
+@var{allow-empty-passwords?} specifies whether to accept log-ins with empty
+passwords, and @var{root-login?} specifies whether to accept log-ins as
+root.
+@end deffn
+
 @defvr {Scheme Variable} %facebook-host-aliases
 This variable contains a string for use in @file{/etc/hosts}
 (@pxref{Host Names,,, libc, The GNU C Library Reference Manual}).  Each
diff --git a/gnu/services/ssh.scm b/gnu/services/ssh.scm
index 1eb9382..13a5df1 100644
--- a/gnu/services/ssh.scm
+++ b/gnu/services/ssh.scm
@@ -17,14 +17,15 @@
 ;;; along with GNU Guix.  If not, see <http://www.gnu.org/licenses/>.
 
 (define-module (gnu services ssh)
-  #:use-module (guix gexp)
-  #:use-module (guix records)
+  #:use-module (gnu packages ssh)
   #:use-module (gnu services)
   #:use-module (gnu services shepherd)
   #:use-module (gnu system pam)
-  #:use-module (gnu packages ssh)
+  #:use-module (guix gexp)
+  #:use-module (guix records)
   #:use-module (srfi srfi-26)
-  #:export (lsh-service))
+  #:export (dropbear-service
+            lsh-service))
 
 ;;; Commentary:
 ;;;
@@ -235,4 +236,99 @@ The other options should be self-descriptive."
                                public-key-authentication?)
                               (initialize? initialize?))))
 
+;;;
+;;; Dropbear ssh server
+;;;
+
+(define-record-type* <dropbear-configuration>
+  dropbear-configuration make-dropbear-configuration
+  dropbear-configuration?
+  (dropbear dropbear-configuration-dropbear
+            (default dropbear))
+  (host-key dropbear-configuration-host-key)
+  (port-number dropbear-configuration-port-number)
+  (syslog-output? dropbear-configuration-syslog-output?)
+  (pid-file dropbear-configuration-pid-file)
+  (root-login? dropbear-configuration-root-login?)
+  (allow-empty-passwords? dropbear-configuration-allow-empty-passwords?)
+  (password-authentication? dropbear-configuration-password-authentication?)
+  (initialize? dropbear-configuration-initialize?))
+
+(define (dropbear-initialization dropbear host-key)
+  "Return the gexp to initialize the dropbear service for HOST-KEY."
+  #~(begin
+    (unless (file-exists? #$host-key)
+      (mkdir-p (dirname #$host-key))
+      (format #t "creating SSH host key '~a'...~%" #$host-key)
+      (system* (string-append #$dropbear "/bin/dropbearkey")
+                "-t" "ecdsa" "-f" #$host-key))))
+
+(define (dropbear-activation config)
+  "Return the activation gexp for CONFIG."
+  #~(begin
+      #$(if (dropbear-configuration-initialize? config)
+            (dropbear-initialization
+              (dropbear-configuration-dropbear config)
+              (dropbear-configuration-host-key config))
+            #t)))
+
+(define (dropbear-shepherd-service config)
+  "Return a <shepherd-service> for dropbear with CONFIG."
+  (define dropbear (dropbear-configuration-dropbear config))
+
+  (define dropbear-command
+    (append
+      (list
+        #~(string-append #$dropbear "/sbin/dropbear") "-F"
+        "-p" (number->string (dropbear-configuration-port-number config))
+        "-P" (dropbear-configuration-pid-file config)
+        "-r" (dropbear-configuration-host-key config))
+      (if (dropbear-configuration-syslog-output? config) '() '("-E"))
+      (if (dropbear-configuration-root-login? config) '() '("-w"))
+      (if (dropbear-configuration-password-authentication? config) '() '("-s" "-g"))
+      (if (dropbear-configuration-allow-empty-passwords? config) '("-B") '())))
+
+  (define requires
+    (if (dropbear-configuration-syslog-output? config)
+        '(networking syslogd)
+        '(networking)))
+
+  (list (shepherd-service
+    (documentation "Dropbear ssh server")
+    (requirement requires)
+    (provision '(ssh-daemon))
+    (start #~(make-forkexec-constructor #$@dropbear-command))
+    (stop #~(make-kill-destructor)))))
+
+(define dropbear-service-type
+  (service-type (name 'dropbear)
+    (extensions
+      (list (service-extension shepherd-root-service-type
+                               dropbear-shepherd-service)
+            (service-extension activation-service-type
+                               dropbear-activation)))))
+
+(define* (dropbear-service #:key
+  (dropbear dropbear)
+  (host-key "/etc/dropbear/dropbear_ecdsa_host_key")
+  (port-number 22)
+  (allow-empty-passwords? #f)
+  (root-login? #f)
+  (syslog-output? #t)
+  (pid-file "/var/run/dropbear.pid")
+  (password-authentication? #t)
+  (initialize? #t))
+  "Run the @command{dropbear} daemon from @var{dropbear} to start a ssh server."
+  (service dropbear-service-type
+    (dropbear-configuration
+      (dropbear dropbear)
+      (host-key host-key)
+      (port-number port-number)
+      (allow-empty-passwords? allow-empty-passwords?)
+      (root-login? root-login?)
+      (syslog-output? syslog-output?)
+      (pid-file pid-file)
+      (password-authentication? password-authentication?)
+      (initialize? initialize?))))
+
 ;;; ssh.scm ends here
-- 
2.9.0

Re: [PATCH 2/2] services: Add 'dropbear-service'.

[Leo Famulari]

On Mon, Jul 04, 2016 at 10:56:16PM +0200, David Craven wrote:
> * gnu/services/ssh.scm (dropbear-service, ...): New variables.
> * doc/guix.texi: New node.

I noticed in another thread you said something like "dropbear-service
[...] works without rngd service" [0]. Can you clarify what you mean?
Do you mean that it does not have the same behavior as LSH, which waits
for *something* before deciding it has enough entropy to create a host
key?

If so, what does Dropbear do? How does it get random numbers to generate
the host key?

I ask because, in my opinion, LSH's behaviour is annoying but desired.
Generating keys immediately after first boot without taking special care
of the kernel's RNG is, in my limited understanding, not a good idea.

[0]
https://lists.gnu.org/archive/html/help-guix/2016-07/msg00061.html

> ---
>  doc/guix.texi        |  25 ++++++++++++-
>  gnu/services/ssh.scm | 104 +++++++++++++++++++++++++++++++++++++++++++++++++--
>  2 files changed, 124 insertions(+), 5 deletions(-)
> 
> diff --git a/doc/guix.texi b/doc/guix.texi
> index 62c0d34..377004f 100644
> --- a/doc/guix.texi
> +++ b/doc/guix.texi
> @@ -7695,7 +7695,7 @@ In addition, @var{extra-settings} specifies a string to append to the
>  configuration file.
>  @end deffn
>  
> -Furthermore, @code{(gnu services ssh)} provides the following service.
> +Furthermore, @code{(gnu services ssh)} provides the following services.
>  
>  @deffn {Scheme Procedure} lsh-service [#:host-key "/etc/lsh/host-key"] @
>         [#:daemonic? #t] [#:interfaces '()] [#:port-number 22] @
> @@ -7733,6 +7733,29 @@ root.
>  The other options should be self-descriptive.
>  @end deffn
>  
> +@deffn {Scheme Procedure} dropbear-service [#:host-key "/etc/dropbear/dropbear_ecdsa_host-key"] @
> +       [#:port-number 22] [#:allow-empty-passwords? #f] @
> +       [#:root-login? #f] [#:password-authentication? #t] @
> +       [#:syslog-output? #t] [#:initialize? #t]
> +Run the @command{dropbear} program from @var{dropbear} to listen on port @var{port-number}.
> +@var{host-key} must designate a file containing the host key, and readable
> +only by root.
> +
> +By default dropbear logs its output to syslogd, unless one sets
> +@var{syslog-output?} to false. This also makes dropbear-service depend
> +on existence of syslogd service.
> +
> +When @var{initialize?} is true, @command{dropbear} automatically generates the
> +host key upon service activation if it does not exist yet.
> +When @var{initialize?} is false, it is up to create a key pair with the private
> +key stored in file @var{host-key}. For more information consult the
> +@command{dropbearkey} man pages.
> +
> +@var{allow-empty-passwords?} specifies whether to accept log-ins with empty
> +passwords, and @var{root-login?} specifies whether to accept log-ins as
> +root.
> +@end deffn
> +
>  @defvr {Scheme Variable} %facebook-host-aliases
>  This variable contains a string for use in @file{/etc/hosts}
>  (@pxref{Host Names,,, libc, The GNU C Library Reference Manual}).  Each
> diff --git a/gnu/services/ssh.scm b/gnu/services/ssh.scm
> index 1eb9382..13a5df1 100644
> --- a/gnu/services/ssh.scm
> +++ b/gnu/services/ssh.scm
> @@ -17,14 +17,15 @@
>  ;;; along with GNU Guix.  If not, see <http://www.gnu.org/licenses/>.
>  
>  (define-module (gnu services ssh)
> -  #:use-module (guix gexp)
> -  #:use-module (guix records)
> +  #:use-module (gnu packages ssh)
>    #:use-module (gnu services)
>    #:use-module (gnu services shepherd)
>    #:use-module (gnu system pam)
> -  #:use-module (gnu packages ssh)
> +  #:use-module (guix gexp)
> +  #:use-module (guix records)
>    #:use-module (srfi srfi-26)
> -  #:export (lsh-service))
> +  #:export (dropbear-service
> +            lsh-service))
>  
>  ;;; Commentary:
>  ;;;
> @@ -235,4 +236,99 @@ The other options should be self-descriptive."
>                                 public-key-authentication?)
>                                (initialize? initialize?))))
>  
> +;;;
> +;;; Dropbear ssh server
> +;;;
> +
> +(define-record-type* <dropbear-configuration>
> +  dropbear-configuration make-dropbear-configuration
> +  dropbear-configuration?
> +  (dropbear dropbear-configuration-dropbear
> +            (default dropbear))
> +  (host-key dropbear-configuration-host-key)
> +  (port-number dropbear-configuration-port-number)
> +  (syslog-output? dropbear-configuration-syslog-output?)
> +  (pid-file dropbear-configuration-pid-file)
> +  (root-login? dropbear-configuration-root-login?)
> +  (allow-empty-passwords? dropbear-configuration-allow-empty-passwords?)
> +  (password-authentication? dropbear-configuration-password-authentication?)
> +  (initialize? dropbear-configuration-initialize?))
> +
> +(define (dropbear-initialization dropbear host-key)
> +  "Return the gexp to initialize the dropbear service for HOST-KEY."
> +  #~(begin
> +    (unless (file-exists? #$host-key)
> +      (mkdir-p (dirname #$host-key))
> +      (format #t "creating SSH host key '~a'...~%" #$host-key)
> +      (system* (string-append #$dropbear "/bin/dropbearkey")
> +                "-t" "ecdsa" "-f" #$host-key))))
> +
> +(define (dropbear-activation config)
> +  "Return the activation gexp for CONFIG."
> +  #~(begin
> +      #$(if (dropbear-configuration-initialize? config)
> +            (dropbear-initialization
> +              (dropbear-configuration-dropbear config)
> +              (dropbear-configuration-host-key config))
> +            #t)))
> +
> +(define (dropbear-shepherd-service config)
> +  "Return a <shepherd-service> for dropbear with CONFIG."
> +  (define dropbear (dropbear-configuration-dropbear config))
> +
> +  (define dropbear-command
> +    (append
> +      (list
> +        #~(string-append #$dropbear "/sbin/dropbear") "-F"
> +        "-p" (number->string (dropbear-configuration-port-number config))
> +        "-P" (dropbear-configuration-pid-file config)
> +        "-r" (dropbear-configuration-host-key config))
> +      (if (dropbear-configuration-syslog-output? config) '() '("-E"))
> +      (if (dropbear-configuration-root-login? config) '() '("-w"))
> +      (if (dropbear-configuration-password-authentication? config) '() '("-s" "-g"))
> +      (if (dropbear-configuration-allow-empty-passwords? config) '("-B") '())))
> +
> +  (define requires
> +    (if (dropbear-configuration-syslog-output? config)
> +        '(networking syslogd)
> +        '(networking)))
> +
> +  (list (shepherd-service
> +    (documentation "Dropbear ssh server")
> +    (requirement requires)
> +    (provision '(ssh-daemon))
> +    (start #~(make-forkexec-constructor #$@dropbear-command))
> +    (stop #~(make-kill-destructor)))))
> +
> +(define dropbear-service-type
> +  (service-type (name 'dropbear)
> +    (extensions
> +      (list (service-extension shepherd-root-service-type
> +                               dropbear-shepherd-service)
> +            (service-extension activation-service-type
> +                               dropbear-activation)))))
> +
> +(define* (dropbear-service #:key
> +  (dropbear dropbear)
> +  (host-key "/etc/dropbear/dropbear_ecdsa_host_key")
> +  (port-number 22)
> +  (allow-empty-passwords? #f)
> +  (root-login? #f)
> +  (syslog-output? #t)
> +  (pid-file "/var/run/dropbear.pid")
> +  (password-authentication? #t)
> +  (initialize? #t))
> +  "Run the @command{dropbear} daemon from @var{dropbear} to start a ssh server."
> +  (service dropbear-service-type
> +    (dropbear-configuration
> +      (dropbear dropbear)
> +      (host-key host-key)
> +      (port-number port-number)
> +      (allow-empty-passwords? allow-empty-passwords?)
> +      (root-login? root-login?)
> +      (syslog-output? syslog-output?)
> +      (pid-file pid-file)
> +      (password-authentication? password-authentication?)
> +      (initialize? initialize?))))
> +
>  ;;; ssh.scm ends here
> -- 
> 2.9.0
> 

Re: [PATCH 2/2] services: Add 'dropbear-service'.

[David Craven]

That's my understanding too. From a quick glance at the source it
falls back onto stuff from /proc /sys. I guess there are weaker links
in a system dough, but I'm also no expert.

On a side note there are the matsano crypto challanges that are pretty
cool, in case you haven't heard of them, I never got to the
implementing/cracking prngs dough, simply not enough time...

[0]
https://github.com/mkj/dropbear/blob/master/dbrandom.c#L205
http://cryptopals.com/

Re: [PATCH 2/2] services: Add 'dropbear-service'.

[David Craven]

Yeah, I should have better said I don't know instead of talking out of my ass.

All I can really do is trust that the people who write security
related code know what they are doing.

Is there anything else holding this up?

Cheers,
David

On Thu, Jul 7, 2016 at 7:54 PM, David Craven <david@craven.ch> wrote:
> That's my understanding too. From a quick glance at the source it
> falls back onto stuff from /proc /sys. I guess there are weaker links
> in a system dough, but I'm also no expert.
>
> On a side note there are the matsano crypto challanges that are pretty
> cool, in case you haven't heard of them, I never got to the
> implementing/cracking prngs dough, simply not enough time...
>
> [0]
> https://github.com/mkj/dropbear/blob/master/dbrandom.c#L205
> http://cryptopals.com/

Re: [PATCH 2/2] services: Add 'dropbear-service'.

[Leo Famulari]

On Sat, Jul 09, 2016 at 04:39:02PM +0200, David Craven wrote:
> Yeah, I should have better said I don't know instead of talking out of my ass.

That's harsh! I'm not an expert either, but I have begun trying to
understand the assumptions that programs like SSH daemons make in their
security model. In some cases, they assume that /dev/urandom has been
properly seeded, which it typically is not after first boot.

> All I can really do is trust that the people who write security
> related code know what they are doing.

Right, but like I said above, we must make an effort to know the
assumptions they are making about the system.

> Is there anything else holding this up?

I'm not the best person to review new services — they are still a little
over my head. At least, I should not be the sole reviewer.

In the meantime, can you provide an OS declaration (config.scm) that
makes use of dropbear-service so we can easily test it?

I'd like for this to become standard practice when new services are
submitted for review.

Re: [PATCH 2/2] services: Add 'dropbear-service'.

[David Craven]

Maybe this could also be seen as a test of the quality of the
documentation? But providing a example operating-system configuration
shouldn't be a problem.

```
(use-modules (gnu))
(use-service-modules base networking ssh)


(operating-system
  (host-name "builder")
  (timezone "Europe/Zurich")
  (locale "en_US.UTF-8")

  (bootloader (grub-configuration (device "/dev/vda")))

  (file-systems (cons
    (file-system
      (device "/dev/vda1")
      (mount-point "/")
      (type "ext4"))
    %base-file-systems))

  (users (cons
    (user-account
      (name "test")
      (group "users")
      (supplementary-groups '("wheel"))
      (home-directory "/home/dummy")
      (password "sa5JEXtYx/rm6")) ;; password is pass
    %base-user-accounts))

  (services (cons*
    (dhcp-client-service)
    (dropbear-service)
    %base-services))
)
```

On Sat, Jul 9, 2016 at 8:32 PM, Leo Famulari <leo@famulari.name> wrote:
> On Sat, Jul 09, 2016 at 04:39:02PM +0200, David Craven wrote:
>> Yeah, I should have better said I don't know instead of talking out of my ass.
>
> That's harsh! I'm not an expert either, but I have begun trying to
> understand the assumptions that programs like SSH daemons make in their
> security model. In some cases, they assume that /dev/urandom has been
> properly seeded, which it typically is not after first boot.
>
>> All I can really do is trust that the people who write security
>> related code know what they are doing.
>
> Right, but like I said above, we must make an effort to know the
> assumptions they are making about the system.
>
>> Is there anything else holding this up?
>
> I'm not the best person to review new services — they are still a little
> over my head. At least, I should not be the sole reviewer.
>
> In the meantime, can you provide an OS declaration (config.scm) that
> makes use of dropbear-service so we can easily test it?
>
> I'd like for this to become standard practice when new services are
> submitted for review.

Re: [PATCH 2/2] services: Add 'dropbear-service'.

[Leo Famulari]

On Thu, Jul 07, 2016 at 01:25:17PM -0400, Leo Famulari wrote:
> If so, what does Dropbear do? How does it get random numbers to generate
> the host key?

I looked into it — Dropbear uses /dev/urandom, which *may* not be safe
to use immediately after first boot.

What do you think about implementing the '-R' option, described below?

From dropbear(8) [0]:

"Host key files are read at  startup  from  a  standard  location,  by  default
/etc/dropbear/dropbear_dss_host_key,  /etc/dropbear/dropbear_rsa_host_key, and
/etc/dropbear/dropbear_ecdsa_host_key or specified on the commandline with -r.
These  are  of the form generated by dropbearkey. The -R option can be used to
automatically generate keys in the default location - keys will  be  generated
after  startup  when the first connection is established. This had the benefit
that the system /dev/urandom random number source has a better chance of being
securely seeded."

[0]
https://github.com/mkj/dropbear/blob/master/dropbear.8#L143

Re: [PATCH 2/2] services: Add 'dropbear-service'.

[Leo Famulari]

On Sat, Jul 09, 2016 at 06:41:25PM -0400, Leo Famulari wrote:
> On Thu, Jul 07, 2016 at 01:25:17PM -0400, Leo Famulari wrote:
> > If so, what does Dropbear do? How does it get random numbers to generate
> > the host key?
> 
> I looked into it — Dropbear uses /dev/urandom, which *may* not be safe
> to use immediately after first boot.
> 
> What do you think about implementing the '-R' option, described below?

To clarify, I'm also asking what you think about making it the default
for the dropbear-service.

Re: [PATCH 2/2] services: Add 'dropbear-service'.

[David Craven]

Yep is probably better. I did think something dough when writing the
service. For some reason I thought that /etc was mounted readonly and
only writeable by the guix daemon - which is obviously not the case -
and that the vm virtual disk was readonly - which has a unionfs
overlay.

So I can't find a reason not to use the -R option (even if I'd feel
better now if I could =P) Thank you for pointing this out.

On Sun, Jul 10, 2016 at 12:43 AM, Leo Famulari <leo@famulari.name> wrote:
> On Sat, Jul 09, 2016 at 06:41:25PM -0400, Leo Famulari wrote:
>> On Thu, Jul 07, 2016 at 01:25:17PM -0400, Leo Famulari wrote:
>> > If so, what does Dropbear do? How does it get random numbers to generate
>> > the host key?
>>
>> I looked into it — Dropbear uses /dev/urandom, which *may* not be safe
>> to use immediately after first boot.
>>
>> What do you think about implementing the '-R' option, described below?
>
> To clarify, I'm also asking what you think about making it the default
> for the dropbear-service.

Re: [PATCH 2/2] services: Add 'dropbear-service'.

[David Craven]

On the other hand a better solution might be to generate the key
outside the vm and copy it into the vm. This would also allow to
configure the key from within the operating-system config.

On Sun, Jul 10, 2016 at 1:03 AM, David Craven <david@craven.ch> wrote:
> Yep is probably better. I did think something dough when writing the
> service. For some reason I thought that /etc was mounted readonly and
> only writeable by the guix daemon - which is obviously not the case -
> and that the vm virtual disk was readonly - which has a unionfs
> overlay.
>
> So I can't find a reason not to use the -R option (even if I'd feel
> better now if I could =P) Thank you for pointing this out.
>
> On Sun, Jul 10, 2016 at 12:43 AM, Leo Famulari <leo@famulari.name> wrote:
>> On Sat, Jul 09, 2016 at 06:41:25PM -0400, Leo Famulari wrote:
>>> On Thu, Jul 07, 2016 at 01:25:17PM -0400, Leo Famulari wrote:
>>> > If so, what does Dropbear do? How does it get random numbers to generate
>>> > the host key?
>>>
>>> I looked into it — Dropbear uses /dev/urandom, which *may* not be safe
>>> to use immediately after first boot.
>>>
>>> What do you think about implementing the '-R' option, described below?
>>
>> To clarify, I'm also asking what you think about making it the default
>> for the dropbear-service.

Re: [PATCH 2/2] services: Add 'dropbear-service'.

[Ludovic Courtès]

Leo Famulari <leo@famulari.name> skribis:

> On Sat, Jul 09, 2016 at 06:41:25PM -0400, Leo Famulari wrote:
>> On Thu, Jul 07, 2016 at 01:25:17PM -0400, Leo Famulari wrote:
>> > If so, what does Dropbear do? How does it get random numbers to generate
>> > the host key?
>> 
>> I looked into it — Dropbear uses /dev/urandom, which *may* not be safe
>> to use immediately after first boot.
>> 
>> What do you think about implementing the '-R' option, described below?
>
> To clarify, I'm also asking what you think about making it the default
> for the dropbear-service.

That sounds like a good idea to me.

David, could you update the patch accordingly, with a comment explaining
this choice?

Thanks,
Ludo’.

Re: [PATCH 2/2] services: Add 'dropbear-service'.

[David Craven]

Ups, replied to Ludo by accident (damn you android gmail client :-).

Email 1:
Sry, had to study yesterday for my last batch of exams, I'll update it tonight.

Of course generating keys outside the vm and having them laying around
in the store is a bad idea. Even worse is hard coding them inside a
operating-system configuration file.

Email 2:
David Craven <david@craven.ch> skribis:

> Sry, had to study yesterday for my last batch of exams, I'll update it
> tonight.

No problem, take your time.  I was away from keyboard anyway.  :-)

> Of course generating keys outside the vm and having them laying around in
> the store is a bad idea. Even worse is hard coding them inside a
> operating-system configuration file.

Yup.

Ludo’.



I'm having trouble updating the dropbear-service. I rebased and now
nothing works anymore. So I tried the bare-bones example and that
gives the same error. Is it possible that it's related to the
`services: <shepherd-service> no longer has an 'imported-modules'
field` patch?

Here's the backtrace:

guix system vm bare-bones.tmpl
;;; note: source file /home/dvc/.guix/gnu/packages/linux.scm
;;;       newer than compiled
/home/dvc/.config/guix/latest/gnu/packages/linux.go
;;; note: source file /home/dvc/.guix/gnu/packages/xorg.scm
;;;       newer than compiled /home/dvc/.config/guix/latest/gnu/packages/xorg.go
;;; note: source file /home/dvc/.guix/gnu/packages/gl.scm
;;;       newer than compiled /home/dvc/.config/guix/latest/gnu/packages/gl.go
;;; note: source file /home/dvc/.guix/gnu/packages/gtk.scm
;;;       newer than compiled /home/dvc/.config/guix/latest/gnu/packages/gtk.go
;;; note: source file /home/dvc/.guix/gnu/packages/ssh.scm
;;;       newer than compiled /home/dvc/.config/guix/latest/gnu/packages/ssh.go
;;; note: source file /home/dvc/.guix/gnu/packages/xdisorg.scm
;;;       newer than compiled
/home/dvc/.config/guix/latest/gnu/packages/xdisorg.go
;;; note: source file /home/dvc/.guix/gnu/services/base.scm
;;;       newer than compiled /home/dvc/.config/guix/latest/gnu/services/base.go
Backtrace:
In ice-9/boot-9.scm:
2864: 19 [resolve-interface (gnu system) #:select ...]
2789: 18 [#<procedure af1580 at ice-9/boot-9.scm:2777:4 (name
#:optional autoload version #:key ensure)> # ...]
3065: 17 [try-module-autoload (gnu system) #f]
2401: 16 [save-module-excursion #<procedure 1b50120 at
ice-9/boot-9.scm:3066:17 ()>]
3085: 15 [#<procedure 1b50120 at ice-9/boot-9.scm:3066:17 ()>]
In unknown file:
   ?: 14 [primitive-load-path "gnu/system" ...]
In gnu/system.scm:
  21: 13 [#<procedure 1927720 ()>]
In ice-9/boot-9.scm:
2951: 12 [define-module* (gnu system) #:filename ...]
2926: 11 [resolve-imports (((guix store)) ((guix monads)) ((guix gexp)) ...)]
2864: 10 [resolve-interface (gnu services base) #:select ...]
2789: 9 [#<procedure af1580 at ice-9/boot-9.scm:2777:4 (name
#:optional autoload version #:key ensure)> # ...]
3065: 8 [try-module-autoload (gnu services base) #f]
2401: 7 [save-module-excursion #<procedure 1c1c180 at
ice-9/boot-9.scm:3066:17 ()>]
3085: 6 [#<procedure 1c1c180 at ice-9/boot-9.scm:3066:17 ()>]
In unknown file:
   ?: 5 [primitive-load-path "gnu/services/base" ...]
In ice-9/eval.scm:
 453: 4 [eval # ()]
 387: 3 [eval # #]
 386: 2 [eval # #]
 393: 1 [eval # #]
In unknown file:
   ?: 0 [memoize-variable-access! # #]

ERROR: In procedure memoize-variable-access!:
ERROR: Unbound variable: with-imported-modules

Re: [PATCH 2/2] services: Add 'dropbear-service'.

[David Craven]

It breaks for me with commit 4ee96a7, I guess an #:use-module or
something is missing, but with-imported-modules is defined in guix
gexp, so I have no idea why this is happening. Does this happen on
guixsd too or just on nixos?

On Wed, Jul 13, 2016 at 3:09 PM, David Craven <david@craven.ch> wrote:
> Ups, replied to Ludo by accident (damn you android gmail client :-).
>
> Email 1:
> Sry, had to study yesterday for my last batch of exams, I'll update it tonight.
>
> Of course generating keys outside the vm and having them laying around
> in the store is a bad idea. Even worse is hard coding them inside a
> operating-system configuration file.
>
> Email 2:
> David Craven <david@craven.ch> skribis:
>
>> Sry, had to study yesterday for my last batch of exams, I'll update it
>> tonight.
>
> No problem, take your time.  I was away from keyboard anyway.  :-)
>
>> Of course generating keys outside the vm and having them laying around in
>> the store is a bad idea. Even worse is hard coding them inside a
>> operating-system configuration file.
>
> Yup.
>
> Ludo’.
>
>
>
> I'm having trouble updating the dropbear-service. I rebased and now
> nothing works anymore. So I tried the bare-bones example and that
> gives the same error. Is it possible that it's related to the
> `services: <shepherd-service> no longer has an 'imported-modules'
> field` patch?
>
> Here's the backtrace:
>
> guix system vm bare-bones.tmpl
> ;;; note: source file /home/dvc/.guix/gnu/packages/linux.scm
> ;;;       newer than compiled
> /home/dvc/.config/guix/latest/gnu/packages/linux.go
> ;;; note: source file /home/dvc/.guix/gnu/packages/xorg.scm
> ;;;       newer than compiled /home/dvc/.config/guix/latest/gnu/packages/xorg.go
> ;;; note: source file /home/dvc/.guix/gnu/packages/gl.scm
> ;;;       newer than compiled /home/dvc/.config/guix/latest/gnu/packages/gl.go
> ;;; note: source file /home/dvc/.guix/gnu/packages/gtk.scm
> ;;;       newer than compiled /home/dvc/.config/guix/latest/gnu/packages/gtk.go
> ;;; note: source file /home/dvc/.guix/gnu/packages/ssh.scm
> ;;;       newer than compiled /home/dvc/.config/guix/latest/gnu/packages/ssh.go
> ;;; note: source file /home/dvc/.guix/gnu/packages/xdisorg.scm
> ;;;       newer than compiled
> /home/dvc/.config/guix/latest/gnu/packages/xdisorg.go
> ;;; note: source file /home/dvc/.guix/gnu/services/base.scm
> ;;;       newer than compiled /home/dvc/.config/guix/latest/gnu/services/base.go
> Backtrace:
> In ice-9/boot-9.scm:
> 2864: 19 [resolve-interface (gnu system) #:select ...]
> 2789: 18 [#<procedure af1580 at ice-9/boot-9.scm:2777:4 (name
> #:optional autoload version #:key ensure)> # ...]
> 3065: 17 [try-module-autoload (gnu system) #f]
> 2401: 16 [save-module-excursion #<procedure 1b50120 at
> ice-9/boot-9.scm:3066:17 ()>]
> 3085: 15 [#<procedure 1b50120 at ice-9/boot-9.scm:3066:17 ()>]
> In unknown file:
>    ?: 14 [primitive-load-path "gnu/system" ...]
> In gnu/system.scm:
>   21: 13 [#<procedure 1927720 ()>]
> In ice-9/boot-9.scm:
> 2951: 12 [define-module* (gnu system) #:filename ...]
> 2926: 11 [resolve-imports (((guix store)) ((guix monads)) ((guix gexp)) ...)]
> 2864: 10 [resolve-interface (gnu services base) #:select ...]
> 2789: 9 [#<procedure af1580 at ice-9/boot-9.scm:2777:4 (name
> #:optional autoload version #:key ensure)> # ...]
> 3065: 8 [try-module-autoload (gnu services base) #f]
> 2401: 7 [save-module-excursion #<procedure 1c1c180 at
> ice-9/boot-9.scm:3066:17 ()>]
> 3085: 6 [#<procedure 1c1c180 at ice-9/boot-9.scm:3066:17 ()>]
> In unknown file:
>    ?: 5 [primitive-load-path "gnu/services/base" ...]
> In ice-9/eval.scm:
>  453: 4 [eval # ()]
>  387: 3 [eval # #]
>  386: 2 [eval # #]
>  393: 1 [eval # #]
> In unknown file:
>    ?: 0 [memoize-variable-access! # #]
>
> ERROR: In procedure memoize-variable-access!:
> ERROR: Unbound variable: with-imported-modules

[PATCH 0/2] Dropbear service take two.

[David Craven]

Changes from previous version:
* Service initialization is reduced to just creating the "/etc/dropbear"
directory.
* The initialize and host-key options are removed.
* The -R flag has been added to dropbear.

Example service file:
```scheme
(use-modules (gnu))
(use-service-modules base networking ssh)

(operating-system
  (host-name "test")
  (timezone "Europe/Zurich")
  (locale "en_US.UTF-8")

  (bootloader (grub-configuration (device "/dev/vda")))

  (file-systems (cons
    (file-system
      (device "/dev/vda1")
      (mount-point "/")
      (type "ext4"))
    %base-file-systems))

  (users (cons
    (user-account
      (name "test")
      (group "users")
      (supplementary-groups '("wheel"))
      (home-directory "/home/test")
      (password "sa5JEXtYx/rm6")) ;; password pass
    %base-user-accounts))

  (packages %base-packages)

  (services (cons*
    (dhcp-client-service)
    (dropbear-service
      #:port-number 22
      #:allow-empty-passwords? #t
      #:root-login? #t
      #:syslog-output? #t
      #:pid-file "/var/run/dropbear.pid"
      #:password-authentication? #t)
    (rngd-service)
    %base-services)))
```

Additional information:

This patch is needed, just adding -net user,hostfwd=tcp::10022-:22 at the end
didn't work for me.

```diff
diff --git a/gnu/system/vm.scm b/gnu/system/vm.scm
index 676e89d..68aab5d 100644
--- a/gnu/system/vm.scm
+++ b/gnu/system/vm.scm
@@ -468,7 +468,7 @@ with '-virtfs' options for the host file systems listed in SHARED-FS."
            "")
      " -no-reboot -net nic,model=virtio \
   " #$@(map virtfs-option shared-fs) " \
-  -net user \
+  -net user,hostfwd=tcp::10022-:22 \
   -vga std \
   -drive file=" #$image
   ",if=virtio,cache=writeback,werror=report,readonly \
```

You can use this command to connect to dropbear:

ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no test@localhost -p 10022

I'm currently having an issue with all guix operations after commit 4ee96a7 but I
tested it with previous commits. I'm assuming that the problem is related to nixos
and that it shouldn't affect people using guixsd.

David Craven (2):
  gnu: lsh: Move to (gnu packages ssh)
  services: Add 'dropbear-service'.

 doc/guix.texi        |  18 +++++-
 gnu/local.mk         |   1 -
 gnu/packages/lsh.scm | 159 ---------------------------------------------------
 gnu/packages/ssh.scm | 158 ++++++++++++++++++++++++++++++++++++++++++++++----
 gnu/services/ssh.scm |  83 +++++++++++++++++++++++++--
 5 files changed, 242 insertions(+), 177 deletions(-)
 delete mode 100644 gnu/packages/lsh.scm

--
2.9.0

[PATCH 1/2] gnu: lsh: Move to (gnu packages ssh)

[David Craven]

* gnu/packages/lsh.scm: Remove.  Move 'lsh and liboop' to...
* gnu/packages/ssh.scm (liboop, lsh): ... here.  New variables.
* gnu/services/ssh.scm: Adjust accordingly.
* gnu/local.mk: Adjust accordingly.
---
 gnu/local.mk         |   1 -
 gnu/packages/lsh.scm | 159 ---------------------------------------------------
 gnu/packages/ssh.scm | 158 ++++++++++++++++++++++++++++++++++++++++++++++----
 gnu/services/ssh.scm |   2 +-
 4 files changed, 147 insertions(+), 173 deletions(-)
 delete mode 100644 gnu/packages/lsh.scm

diff --git a/gnu/local.mk b/gnu/local.mk
index d011844..71409b9 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -215,7 +215,6 @@ GNU_SYSTEM_MODULES =				\
   %D%/packages/llvm.scm				\
   %D%/packages/lout.scm				\
   %D%/packages/logging.scm			\
-  %D%/packages/lsh.scm				\
   %D%/packages/lsof.scm				\
   %D%/packages/lua.scm				\
   %D%/packages/lxde.scm				\
diff --git a/gnu/packages/lsh.scm b/gnu/packages/lsh.scm
deleted file mode 100644
index 2ea1591..0000000
--- a/gnu/packages/lsh.scm
+++ /dev/null
@@ -1,159 +0,0 @@
-;;; GNU Guix --- Functional package management for GNU
-;;; Copyright © 2012, 2013, 2014, 2015, 2016 Ludovic Courtès <ludo@gnu.org>
-;;;
-;;; This file is part of GNU Guix.
-;;;
-;;; GNU Guix is free software; you can redistribute it and/or modify it
-;;; under the terms of the GNU General Public License as published by
-;;; the Free Software Foundation; either version 3 of the License, or (at
-;;; your option) any later version.
-;;;
-;;; GNU Guix is distributed in the hope that it will be useful, but
-;;; WITHOUT ANY WARRANTY; without even the implied warranty of
-;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-;;; GNU General Public License for more details.
-;;;
-;;; You should have received a copy of the GNU General Public License
-;;; along with GNU Guix.  If not, see <http://www.gnu.org/licenses/>.
-
-(define-module (gnu packages lsh)
-  #:use-module ((guix licenses) #:prefix license:)
-  #:use-module (guix packages)
-  #:use-module (guix download)
-  #:use-module (guix build-system gnu)
-  #:use-module (gnu packages)
-  #:use-module (gnu packages m4)
-  #:use-module (gnu packages linux)
-  #:use-module (gnu packages nettle)
-  #:use-module (gnu packages compression)
-  #:use-module (gnu packages multiprecision)
-  #:use-module (gnu packages readline)
-  #:use-module (gnu packages gperf)
-  #:use-module (gnu packages guile)
-  #:use-module (gnu packages xorg))
-
-(define-public liboop
-  (package
-    (name "liboop")
-    (version "1.0")
-    (source
-     (origin
-      (method url-fetch)
-      (uri (string-append "http://download.ofb.net/liboop/liboop-"
-                          version ".tar.gz"))
-      (sha256
-       (base32
-        "0z6rlalhvfca64jpvksppc9bdhs7jwhiw4y35g5ibvh91xp3rn1l"))
-      (patches (search-patches "liboop-mips64-deplibs-fix.patch"))))
-    (build-system gnu-build-system)
-    (home-page "http://www.lysator.liu.se/liboop/")
-    (synopsis "Event loop library")
-    (description "Liboop is a low-level event loop management library for
-POSIX-based operating systems.  It supports the development of modular,
-multiplexed applications which may respond to events from several sources.  It
-replaces the \"select() loop\" and allows the registration of event handlers
-for file and network I/O, timers and signals.  Since processes use these
-mechanisms for almost all external communication, liboop can be used as the
-basis for almost any application.")
-    (license license:lgpl2.1+)))
-
-(define-public lsh
-  (package
-    (name "lsh")
-    (version "2.1")
-    (source (origin
-              (method url-fetch)
-              (uri (string-append "mirror://gnu/lsh/lsh-"
-                                  version ".tar.gz"))
-              (sha256
-               (base32
-                "1qqjy9zfzgny0rkb27c8c7dfsylvb6n0ld8h3an2r83pmaqr9gwb"))
-              (modules '((guix build utils)))
-              (snippet
-               '(begin
-                  (substitute* "src/testsuite/functions.sh"
-                    (("localhost")
-                     ;; Avoid host name lookups since they don't work in
-                     ;; chroot builds.
-                     "127.0.0.1")
-                    (("set -e")
-                     ;; Make tests more verbose.
-                     "set -e\nset -x"))
-
-                  (substitute* (find-files "src/testsuite" "-test$")
-                    (("localhost") "127.0.0.1"))
-
-                  (substitute* "src/testsuite/login-auth-test"
-                    (("/bin/cat") "cat"))))))
-    (build-system gnu-build-system)
-    (native-inputs
-     `(("m4" ,m4)
-       ("guile" ,guile-2.0)
-       ("gperf" ,gperf)
-       ("psmisc" ,psmisc)))                       ; for `killall'
-    (inputs
-     `(("nettle" ,nettle-2)
-       ("linux-pam" ,linux-pam)
-
-       ;; 'rl.c' uses the 'CPPFunction' type, which is no longer in
-       ;; Readline 6.3.
-       ("readline" ,readline-6.2)
-
-       ("liboop" ,liboop)
-       ("zlib" ,zlib)
-       ("gmp" ,gmp)
-
-       ;; The server (lshd) invokes xauth when X11 forwarding is requested.
-       ;; This adds 24 MiB (or 27%) to the closure of lsh.
-       ("xauth" ,xauth)))
-    (arguments
-     '(;; Skip the `configure' test that checks whether /dev/ptmx &
-       ;; co. work as expected, because it relies on impurities (for
-       ;; instance, /dev/pts may be unavailable in chroots.)
-       #:configure-flags '("lsh_cv_sys_unix98_ptys=yes")
-
-       ;; FIXME: Tests won't run in a chroot, presumably because
-       ;; /etc/profile is missing, and thus clients get an empty $PATH
-       ;; and nothing works.
-       #:tests? #f
-
-       #:phases
-       (modify-phases %standard-phases
-         (add-before 'configure 'pre-configure
-           (lambda* (#:key inputs #:allow-other-keys)
-             (let* ((nettle    (assoc-ref inputs "nettle"))
-                    (sexp-conv (string-append nettle "/bin/sexp-conv")))
-               ;; Make sure 'lsh' and 'lshd' pick 'sexp-conv' in the right place
-               ;; by default.
-               (substitute* "src/environ.h.in"
-                 (("^#define PATH_SEXP_CONV.*")
-                  (string-append "#define PATH_SEXP_CONV \""
-                                 sexp-conv "\"\n")))
-
-               ;; Same for the 'lsh-authorize' script.
-               (substitute* "src/lsh-authorize"
-                 (("=sexp-conv")
-                  (string-append "=" sexp-conv)))
-
-               ;; Tell lshd where 'xauth' lives.  Another option would be to
-               ;; hardcode "/run/current-system/profile/bin/xauth", thereby
-               ;; reducing the closure size, but that wouldn't work on foreign
-               ;; distros.
-               (with-fluids ((%default-port-encoding "ISO-8859-1"))
-                 (substitute* "src/server_x11.c"
-                   (("define XAUTH_PROGRAM.*")
-                    (string-append "define XAUTH_PROGRAM \""
-                                   (assoc-ref inputs "xauth")
-                                   "/bin/xauth\"\n")))))
-
-             ;; Tests rely on $USER being set.
-             (setenv "USER" "guix"))))))
-    (home-page "http://www.lysator.liu.se/~nisse/lsh/")
-    (synopsis "GNU implementation of the Secure Shell (ssh) protocols")
-    (description
-     "GNU lsh is a free implementation of the SSH version 2 protocol.  It is
-used to create a secure line of communication between two computers,
-providing shell access to the server system from the client.  It provides
-both the server daemon and the client application, as well as tools for
-manipulating key files.")
-    (license license:gpl2+)))
diff --git a/gnu/packages/ssh.scm b/gnu/packages/ssh.scm
index c782d4d..71310ec 100644
--- a/gnu/packages/ssh.scm
+++ b/gnu/packages/ssh.scm
@@ -1,4 +1,5 @@
 ;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2012, 2013, 2014, 2015, 2016 Ludovic Courtès <ludo@gnu.org>
 ;;; Copyright © 2013, 2014 Andreas Enge <andreas@enge.fr>
 ;;; Copyright © 2014, 2015, 2016 Mark H Weaver <mhw@netris.org>
 ;;; Copyright © 2015, 2016 Efraim Flashner <efraim@flashner.co.il>
@@ -20,27 +21,34 @@
 ;;; along with GNU Guix.  If not, see <http://www.gnu.org/licenses/>.
 
 (define-module (gnu packages ssh)
-  #:use-module ((guix licenses) #:prefix license:)
+  #:use-module (gnu packages)
+  #:use-module (gnu packages autotools)
+  #:use-module (gnu packages base)
+  #:autoload   (gnu packages boost) (boost)
   #:use-module (gnu packages compression)
+  #:use-module (gnu packages elf)
   #:use-module (gnu packages gnupg)
+  #:use-module (gnu packages gperf)
   #:use-module (gnu packages groff)
-  #:use-module (gnu packages elf)
   #:use-module (gnu packages guile)
-  #:use-module (gnu packages pkg-config)
-  #:use-module (gnu packages autotools)
-  #:use-module (gnu packages texinfo)
-  #:use-module (gnu packages perl)
+  #:use-module (gnu packages linux)
+  #:use-module (gnu packages m4)
+  #:use-module (gnu packages multiprecision)
   #:use-module (gnu packages ncurses)
+  #:use-module (gnu packages nettle)
+  #:use-module (gnu packages perl)
+  #:use-module (gnu packages pkg-config)
   #:autoload   (gnu packages protobuf) (protobuf)
-  #:autoload   (gnu packages boost) (boost)
-  #:use-module (gnu packages base)
+  #:use-module (gnu packages readline)
+  #:use-module (gnu packages texinfo)
   #:use-module (gnu packages tls)
-  #:use-module (gnu packages)
-  #:use-module (guix packages)
+  #:use-module (gnu packages xorg)
+  #:use-module (guix build-system cmake)
+  #:use-module (guix build-system gnu)
   #:use-module (guix download)
   #:use-module (guix git-download)
-  #:use-module (guix build-system gnu)
-  #:use-module (guix build-system cmake))
+  #:use-module ((guix licenses) #:prefix license:)
+  #:use-module (guix packages))
 
 (define-public libssh
   (package
@@ -355,3 +363,129 @@ client.  It runs on a variety of POSIX-based platforms.  Dropbear is
 particularly useful for embedded systems, such as wireless routers.")
     (home-page "https://matt.ucc.asn.au/dropbear/dropbear.html")
     (license (license:x11-style "" "See file LICENSE."))))
+
+(define-public liboop
+  (package
+    (name "liboop")
+    (version "1.0")
+    (source
+     (origin
+      (method url-fetch)
+      (uri (string-append "http://download.ofb.net/liboop/liboop-"
+                          version ".tar.gz"))
+      (sha256
+       (base32
+        "0z6rlalhvfca64jpvksppc9bdhs7jwhiw4y35g5ibvh91xp3rn1l"))
+      (patches (search-patches "liboop-mips64-deplibs-fix.patch"))))
+    (build-system gnu-build-system)
+    (home-page "http://www.lysator.liu.se/liboop/")
+    (synopsis "Event loop library")
+    (description "Liboop is a low-level event loop management library for
+POSIX-based operating systems.  It supports the development of modular,
+multiplexed applications which may respond to events from several sources.  It
+replaces the \"select() loop\" and allows the registration of event handlers
+for file and network I/O, timers and signals.  Since processes use these
+mechanisms for almost all external communication, liboop can be used as the
+basis for almost any application.")
+    (license license:lgpl2.1+)))
+
+(define-public lsh
+  (package
+    (name "lsh")
+    (version "2.1")
+    (source (origin
+              (method url-fetch)
+              (uri (string-append "mirror://gnu/lsh/lsh-"
+                                  version ".tar.gz"))
+              (sha256
+               (base32
+                "1qqjy9zfzgny0rkb27c8c7dfsylvb6n0ld8h3an2r83pmaqr9gwb"))
+              (modules '((guix build utils)))
+              (snippet
+               '(begin
+                  (substitute* "src/testsuite/functions.sh"
+                    (("localhost")
+                     ;; Avoid host name lookups since they don't work in
+                     ;; chroot builds.
+                     "127.0.0.1")
+                    (("set -e")
+                     ;; Make tests more verbose.
+                     "set -e\nset -x"))
+
+                  (substitute* (find-files "src/testsuite" "-test$")
+                    (("localhost") "127.0.0.1"))
+
+                  (substitute* "src/testsuite/login-auth-test"
+                    (("/bin/cat") "cat"))))))
+    (build-system gnu-build-system)
+    (native-inputs
+     `(("m4" ,m4)
+       ("guile" ,guile-2.0)
+       ("gperf" ,gperf)
+       ("psmisc" ,psmisc)))                       ; for `killall'
+    (inputs
+     `(("nettle" ,nettle-2)
+       ("linux-pam" ,linux-pam)
+
+       ;; 'rl.c' uses the 'CPPFunction' type, which is no longer in
+       ;; Readline 6.3.
+       ("readline" ,readline-6.2)
+
+       ("liboop" ,liboop)
+       ("zlib" ,zlib)
+       ("gmp" ,gmp)
+
+       ;; The server (lshd) invokes xauth when X11 forwarding is requested.
+       ;; This adds 24 MiB (or 27%) to the closure of lsh.
+       ("xauth" ,xauth)))
+    (arguments
+     '(;; Skip the `configure' test that checks whether /dev/ptmx &
+       ;; co. work as expected, because it relies on impurities (for
+       ;; instance, /dev/pts may be unavailable in chroots.)
+       #:configure-flags '("lsh_cv_sys_unix98_ptys=yes")
+
+       ;; FIXME: Tests won't run in a chroot, presumably because
+       ;; /etc/profile is missing, and thus clients get an empty $PATH
+       ;; and nothing works.
+       #:tests? #f
+
+       #:phases
+       (modify-phases %standard-phases
+         (add-before 'configure 'pre-configure
+           (lambda* (#:key inputs #:allow-other-keys)
+             (let* ((nettle    (assoc-ref inputs "nettle"))
+                    (sexp-conv (string-append nettle "/bin/sexp-conv")))
+               ;; Make sure 'lsh' and 'lshd' pick 'sexp-conv' in the right place
+               ;; by default.
+               (substitute* "src/environ.h.in"
+                 (("^#define PATH_SEXP_CONV.*")
+                  (string-append "#define PATH_SEXP_CONV \""
+                                 sexp-conv "\"\n")))
+
+               ;; Same for the 'lsh-authorize' script.
+               (substitute* "src/lsh-authorize"
+                 (("=sexp-conv")
+                  (string-append "=" sexp-conv)))
+
+               ;; Tell lshd where 'xauth' lives.  Another option would be to
+               ;; hardcode "/run/current-system/profile/bin/xauth", thereby
+               ;; reducing the closure size, but that wouldn't work on foreign
+               ;; distros.
+               (with-fluids ((%default-port-encoding "ISO-8859-1"))
+                 (substitute* "src/server_x11.c"
+                   (("define XAUTH_PROGRAM.*")
+                    (string-append "define XAUTH_PROGRAM \""
+                                   (assoc-ref inputs "xauth")
+                                   "/bin/xauth\"\n")))))
+
+             ;; Tests rely on $USER being set.
+             (setenv "USER" "guix"))))))
+    (home-page "http://www.lysator.liu.se/~nisse/lsh/")
+    (synopsis "GNU implementation of the Secure Shell (ssh) protocols")
+    (description
+     "GNU lsh is a free implementation of the SSH version 2 protocol.  It is
+used to create a secure line of communication between two computers,
+providing shell access to the server system from the client.  It provides
+both the server daemon and the client application, as well as tools for
+manipulating key files.")
+    (license license:gpl2+)))
diff --git a/gnu/services/ssh.scm b/gnu/services/ssh.scm
index 33e1951..1eb9382 100644
--- a/gnu/services/ssh.scm
+++ b/gnu/services/ssh.scm
@@ -22,7 +22,7 @@
   #:use-module (gnu services)
   #:use-module (gnu services shepherd)
   #:use-module (gnu system pam)
-  #:use-module (gnu packages lsh)
+  #:use-module (gnu packages ssh)
   #:use-module (srfi srfi-26)
   #:export (lsh-service))
 
-- 
2.9.0

[PATCH 2/2] services: Add 'dropbear-service'.

[David Craven]

* gnu/services/ssh.scm (dropbear-service, ...): New variables.
* doc/guix.texi: New node.
---
 doc/guix.texi        | 18 +++++++++++-
 gnu/services/ssh.scm | 83 +++++++++++++++++++++++++++++++++++++++++++++++++---
 2 files changed, 96 insertions(+), 5 deletions(-)

diff --git a/doc/guix.texi b/doc/guix.texi
index 67ece1d..5c501bf 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -7738,7 +7738,7 @@ In addition, @var{extra-settings} specifies a string to append to the
 configuration file.
 @end deffn
 
-Furthermore, @code{(gnu services ssh)} provides the following service.
+Furthermore, @code{(gnu services ssh)} provides the following services.
 
 @deffn {Scheme Procedure} lsh-service [#:host-key "/etc/lsh/host-key"] @
        [#:daemonic? #t] [#:interfaces '()] [#:port-number 22] @
@@ -7776,6 +7776,22 @@ root.
 The other options should be self-descriptive.
 @end deffn
 
+@deffn {Scheme Procedure} dropbear-service @
+       [#:port-number 22] [#:root-login? #f] @
+       [#:allow-empty-passwords? #f] @
+       [#:password-authentication? #t] @
+       [#:syslog-output? #t]
+Run the @command{dropbear} program from @var{dropbear} to listen on port @var{port-number}.
+
+By default dropbear logs its output to syslogd, unless @var{syslog-output?} is
+set to false. This also makes dropbear-service depend on existence of syslogd
+service.
+
+@var{allow-empty-passwords?} specifies whether to accept connections to accounts
+with empty passwords, and @var{root-login?} specifies whether to accept logging in
+with the root account.
+@end deffn
+
 @defvr {Scheme Variable} %facebook-host-aliases
 This variable contains a string for use in @file{/etc/hosts}
 (@pxref{Host Names,,, libc, The GNU C Library Reference Manual}).  Each
diff --git a/gnu/services/ssh.scm b/gnu/services/ssh.scm
index 1eb9382..bf7a5e2 100644
--- a/gnu/services/ssh.scm
+++ b/gnu/services/ssh.scm
@@ -17,14 +17,15 @@
 ;;; along with GNU Guix.  If not, see <http://www.gnu.org/licenses/>.
 
 (define-module (gnu services ssh)
-  #:use-module (guix gexp)
-  #:use-module (guix records)
+  #:use-module (gnu packages ssh)
   #:use-module (gnu services)
   #:use-module (gnu services shepherd)
   #:use-module (gnu system pam)
-  #:use-module (gnu packages ssh)
+  #:use-module (guix gexp)
+  #:use-module (guix records)
   #:use-module (srfi srfi-26)
-  #:export (lsh-service))
+  #:export (dropbear-service
+            lsh-service))
 
 ;;; Commentary:
 ;;;
@@ -235,4 +236,78 @@ The other options should be self-descriptive."
                                public-key-authentication?)
                               (initialize? initialize?))))
 
+;;;
+;;; Dropbear ssh server
+;;;
+
+(define-record-type* <dropbear-configuration>
+  dropbear-configuration make-dropbear-configuration
+  dropbear-configuration?
+  (dropbear dropbear-configuration-dropbear
+            (default dropbear))
+  (port-number dropbear-configuration-port-number)
+  (syslog-output? dropbear-configuration-syslog-output?)
+  (pid-file dropbear-configuration-pid-file)
+  (root-login? dropbear-configuration-root-login?)
+  (allow-empty-passwords? dropbear-configuration-allow-empty-passwords?)
+  (password-authentication? dropbear-configuration-password-authentication?))
+
+(define (dropbear-activation config)
+  "Return the activation gexp for CONFIG."
+  #~(begin
+      (mkdir-p "/etc/dropbear")))
+
+(define (dropbear-shepherd-service config)
+  "Return a <shepherd-service> for dropbear with CONFIG."
+  (define dropbear (dropbear-configuration-dropbear config))
+
+  (define dropbear-command
+    (append
+      (list
+        #~(string-append #$dropbear "/sbin/dropbear") "-F" "-R"
+        "-p" (number->string (dropbear-configuration-port-number config))
+        "-P" (dropbear-configuration-pid-file config))
+      (if (dropbear-configuration-syslog-output? config) '() '("-E"))
+      (if (dropbear-configuration-root-login? config) '() '("-w"))
+      (if (dropbear-configuration-password-authentication? config) '() '("-s" "-g"))
+      (if (dropbear-configuration-allow-empty-passwords? config) '("-B") '())))
+
+  (define requires
+    (if (dropbear-configuration-syslog-output? config)
+        '(networking syslogd) '(networking)))
+
+  (list (shepherd-service
+    (documentation "Dropbear ssh server")
+    (requirement requires)
+    (provision '(ssh-daemon))
+    (start #~(make-forkexec-constructor #$@dropbear-command))
+    (stop #~(make-kill-destructor)))))
+
+(define dropbear-service-type
+  (service-type (name 'dropbear)
+    (extensions
+      (list (service-extension shepherd-root-service-type
+                               dropbear-shepherd-service)
+            (service-extension activation-service-type
+                               dropbear-activation)))))
+
+(define* (dropbear-service #:key
+  (dropbear dropbear)
+  (port-number 22)
+  (allow-empty-passwords? #f)
+  (root-login? #f)
+  (syslog-output? #t)
+  (pid-file "/var/run/dropbear.pid")
+  (password-authentication? #t))
+  "Run the @command{dropbear} daemon from @var{dropbear} to start a ssh server."
+  (service dropbear-service-type
+    (dropbear-configuration
+      (dropbear dropbear)
+      (port-number port-number)
+      (allow-empty-passwords? allow-empty-passwords?)
+      (root-login? root-login?)
+      (syslog-output? syslog-output?)
+      (pid-file pid-file)
+      (password-authentication? password-authentication?))))
+
 ;;; ssh.scm ends here
-- 
2.9.0

Re: [PATCH 2/2] services: Add 'dropbear-service'.

[David Craven]

Found the issue, I had to do a guix pull. Wow the amount of silly
mistakes I make is big. How many times have I debugged software while
looking at a wrong version of the source code... Thank you for bearing
all my emails...

Re: [PATCH 1/2] gnu: lsh: Move to (gnu packages ssh)

[Ludovic Courtès]

David Craven <david@craven.ch> skribis:

> * gnu/packages/lsh.scm: Remove.  Move 'lsh and liboop' to...
> * gnu/packages/ssh.scm (liboop, lsh): ... here.  New variables.
> * gnu/services/ssh.scm: Adjust accordingly.
> * gnu/local.mk: Adjust accordingly.

I adjusted gnu/services/base.scm and applied, thanks!

Ludo’.

Re: [PATCH 2/2] services: Add 'dropbear-service'.

[Ludovic Courtès]

David Craven <david@craven.ch> skribis:

> * gnu/services/ssh.scm (dropbear-service, ...): New variables.
> * doc/guix.texi: New node.

Applied with these modifications:

  • I exposed and documented ‘dropbear-configuration’ (we should do the
    same with ‘lsh-configuration’ eventually);

  • I used the #:pid-file option of ‘make-forkexec-constructor’;

  • Turned ‘dropbear-command’ into a gexp (instead of a list);

  • Fixed indentation of a few things;

  • Added a comment for “-R”.

  • Added a copyright line for you;

  • Added a full commit log.

Thanks!

Ludo’.