From mboxrd@z Thu Jan 1 00:00:00 1970
From: Jan Nieuwenhuizen
Subject: Re: Network with QEMU generated image (guix system vm)?
Date: Mon, 26 Sep 2016 19:30:08 +0200
Message-ID: <87h9928t7j.fsf@gnu.org>
References: <87pont13rh.fsf@we.make.ritual.n0.is> <87a8exaw96.fsf@gnu.org> <87vaxlrqbf.fsf@we.make.ritual.n0.is> <8760plaulz.fsf@gnu.org> <878tuh2e25.fsf@we.make.ritual.n0.is>
Mime-Version: 1.0
Content-Type: multipart/mixed; boundary="=-=-="
Received: from eggs.gnu.org ([2001:4830:134:3::10]:48476) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1boZjc-0004Nb-2b for guix-devel@gnu.org; Mon, 26 Sep 2016 13:30:33 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1boZjX-0003wT-Jg for guix-devel@gnu.org; Mon, 26 Sep 2016 13:30:31 -0400
In-Reply-To: <878tuh2e25.fsf@we.make.ritual.n0.is> (ng0's message of "Sat, 24 Sep 2016 21:17:06 +0000")
List-Id: "Development of GNU Guix and the GNU System distribution."
Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org
Sender: "Guix-devel"
To: ng0
Cc: guix-devel@gnu.org

--=-=-=
Content-Type: text/plain

ng0 writes:

> For a considerable long time and countless tries, that's why I'm asking
> about any way to do this as it just does not work. Just about anything
> which would work on GuixSD from a git checkout of guix.git is welcome.

Find attached my ssh/lsh-seed hack to allow unattended entry into a vm
and a minimal vm description.

Here's what I did

19:18:45 janneke@dundal:~/src/guix $ guix system vm os.scm /gnu/store/4rqrzxz8amzq7j599sfr2vsbwy01fx04-run-vm.sh -net user,hostfwd=tcp::2223-:2222&
19:19:37 janneke@dundal:~/src/guix $ ssh-keygen -f "$HOME/.ssh/known_hosts" -R [localhost]:2223
[wait]
19:19:40 janneke@dundal:~/src/guix $ ssh localhost -p 2223
.. RET RET
janneke@os ~$ GIT_SSL_NO_VERIFY=1 git clone https://gitlab.com/janneke/mes.git
Cloning into 'mes'...
remote: Counting objects: 969, done.
remote: Compressing objects: 100% (348/348), done.
remote: Total 969 (delta 654), reused 886 (delta 610)
Receiving objects: 100% (969/969), 316.35 KiB | 0 bytes/s, done.
Resolving deltas: 100% (654/654), done.

What I don't understand: sometimes the clone works instantly, sometimes
I need to "wait a bit" until cloning or `ping gitlab.com' works. It
seemed to be always immediately available when I added the mcron and
rottlog test services, which confuses me even more. Might just be
coincidence.

Greetings,
Jan

--=-=-=
Content-Type: text/x-patch
Content-Disposition: inline; filename=0001-gnu-Add-lsh-seed-lsh-service-use-it.patch

>From 8c8687407057ca9caa123905f7ca2e3feeffa203 Mon Sep 17 00:00:00 2001
From: Jan Nieuwenhuizen
Date: Thu, 8 Sep 2016 14:09:28 +0200
Subject: [PATCH] gnu: Add lsh-seed, lsh-service: use it.

---
gnu/packages/ssh.scm | 26 ++++++++++++++++++++++++++
gnu/services/ssh.scm | 7 +++++++
2 files changed, 33 insertions(+)

diff --git a/gnu/packages/ssh.scm b/gnu/packages/ssh.scm index b2612a4..5255848 100644 --- a/gnu/packages/ssh.scm +++ b/gnu/packages/ssh.scm @@ -517,3 +517,29 @@ manipulating key files.") authentication with SSH's so-called @dfn{interactive keyboard password authentication}.") (license license:gpl2+))) + +(use-modules (guix build-system trivial)) +(define-public lsh-seed + (package + (name "lsh-seed") + (version "0") + (source #f) + (build-system trivial-build-system) + (arguments + '(#:modules ((guix build utils)) + #:builder + (begin + (use-modules (guix build utils)) + (let* ((source (assoc-ref %build-inputs "source")) + (out (assoc-ref %outputs "out")) + (etc (string-append out "/etc")) + (seed (string-append etc "/lsh-seed"))) + (mkdir-p etc) + (with-output-to-file seed + (lambda () (display "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"))) + (chmod seed #o400) + #t)))) + (home-page "http://localhost") + (synopsis "lsh-seed") + (description "lsh-seed") + (license license:gpl3+)))
diff --git a/gnu/services/ssh.scm b/gnu/services/ssh.scm index 462988c..96ba3d7 100644 --- a/gnu/services/ssh.scm +++ b/gnu/services/ssh.scm 
@@ -68,6 +68,13 @@ (define (lsh-initialization lsh host-key) "Return the gexp to initialize the LSH service for HOST-KEY." #~(begin + + (unless (file-exists? #$%yarrow-seed) + (when (file-exists? #$lsh-seed) + (mkdir-p (dirname #$%yarrow-seed)) + (copy-file (string-append #$lsh-seed "/etc/lsh-seed") #$%yarrow-seed) + (chmod #$%yarrow-seed #o400))) + (unless (file-exists? #$%yarrow-seed) (system* (string-append #$lsh "/bin/lsh-make-seed") "--sloppy" "-o" #$%yarrow-seed))
-- 2.9.3

--=-=-=
Content-Type: application/octet-stream
Content-Disposition: attachment; filename=os.scm
Content-Transfer-Encoding: base64

--=-=-=
Content-Type: text/plain; charset=utf-8

--
Jan Nieuwenhuizen | GNU LilyPond http://lilypond.org
Freelance IT http://JoyofSource.com | Avatar® http://AvatarAcademy.nl

--=-=-=--
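
Review bot: In the gnu/packages/ssh.scm hunk, the builder writes a fixed 32-character string with (display "xxxx...") to etc/lsh-seed, so every system that uses this package starts from the same publicly known seed, and the package is exported with define-public next to the real SSH packages. If this is only meant for throwaway test VMs, it should say so: the synopsis and description currently just repeat "lsh-seed", and home-page is "http://localhost". The (chmod seed #o400) in the builder gives no protection, because the store is world-readable and the daemon normalizes permissions on store items after the build. Two smaller points: (use-modules (guix build-system trivial)) is placed mid-file rather than in the module's define-module form, and the let* binds source from %build-inputs although the package has (source #f) and the binding is never used.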
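
Review bot: In the gnu/services/ssh.scm hunk, the added block in lsh-initialization references #$lsh-seed unconditionally, so the package is always pulled into the service and (file-exists? #$lsh-seed) is always true. On a fresh system every lsh-service would therefore copy the constant seed to %yarrow-seed, and the existing lsh-make-seed --sloppy branch right below is no longer reached. Suggest making the copy opt-in, for example through a keyword argument on the service that defaults to off, and leaving lsh-make-seed as the default path. Since this gexp initializes the service for HOST-KEY, anything generated from the seed after this point starts from a public constant, which deserves at least a comment in the code. The visible lines also do not show where lsh-seed is bound in this module, so check that the needed import is present.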