From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp10.migadu.com ([2001:41d0:8:6d80::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms5.migadu.com with LMTPS id cPovH6aiR2NUxAAAbAwnHQ (envelope-from ) for ; Thu, 13 Oct 2022 07:31:18 +0200 Received: from aspmx1.migadu.com ([2001:41d0:8:6d80::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp10.migadu.com with LMTPS id SBZqHqaiR2Pw9wAAG6o9tA (envelope-from ) for ; Thu, 13 Oct 2022 07:31:18 +0200 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 495761CBBC for ; Thu, 13 Oct 2022 07:31:18 +0200 (CEST) Received: from localhost ([::1]:52646 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1oiqoJ-0002Fn-Ms for larch@yhetil.org; Thu, 13 Oct 2022 01:31:12 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:46102) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1oiqnh-0002CS-GQ for help-guix@gnu.org; Thu, 13 Oct 2022 01:30:39 -0400 Received: from mail-lf1-x136.google.com ([2a00:1450:4864:20::136]:35709) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1oiqnf-0002vs-Ob for help-guix@gnu.org; Thu, 13 Oct 2022 01:30:33 -0400 Received: by mail-lf1-x136.google.com with SMTP id r14so877990lfm.2 for ; Wed, 12 Oct 2022 22:30:30 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=mime-version:user-agent:message-id:in-reply-to:date:references :subject:cc:to:from:from:to:cc:subject:date:message-id:reply-to; bh=oDOjjR1oDiFqdYUFHS9S57ib1Glu7SrdksvFKp0zpcw=; b=fkM/rsIusDNSUKW+9hmKLUkOBKsTqVb8rilu5XGflb5x3mqxc8u1Wqnw5AuObqzrEu BAg6/zHAYIpeRKo5RSUkeMG7uwfuIrY3TyH93kJntNiTJHEx4LsbNEim9mv9VpNAbhtk g7HI9QwV0itI5CExFgMo1ZNk3sGzYnOG0gL4ONiKLLFQH78YVJQ49hNqISAnVAZZJBCI pXk7aHOunLV/66g4gtent5xKzep3eJaQNaVFp+CIitoKxjmyek9L3BW6jaMSkK5/iAQx 3HoAquLg71zK8iDmLFJUy9DQEzMR86ELByGQqrZfVlG46mHZu4KKaYmSOAqWZ2uptf3/ 1UAA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=mime-version:user-agent:message-id:in-reply-to:date:references :subject:cc:to:from:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=oDOjjR1oDiFqdYUFHS9S57ib1Glu7SrdksvFKp0zpcw=; b=6R4apg0ctAoYsDl30qyrCeulqTVIcuSC3+eAQukFWJ6CfCFCIV4+y6IGyixbMJKxnM G71WHeFvocXzbV9zxD3ri6yXSNJzC5Q0gyBwshqen0M4IuMCSvfHaMYygzwX/rq3v0l6 tzVSq/Jve25w/MW8Iktc11mYCufX7dQAvYXLABFg+hzjIV20mvIw+EHDTvg54bv04Gpk H7c8b1vZKr4tIOr03PK3vIEqhVuJ6U2qQz2BppW5V/2WoIj+9lUER3h/t876QMQam2Yh 5ojtUa+uOPPLY08oIFt78T4S07JCJw578NouMfOUjHHOmJxWCyhgxc4/Mg10ulC8CHGE RIOw== X-Gm-Message-State: ACrzQf25+SowMZdgoo8BGHR4EYwYvpBRRS1uCiRhtgZYjgmw8e1DLKLT 2hKBKN6ZZJFCkWa94TfMigY= X-Google-Smtp-Source: AMsMyM6Isl+02hkvBW9judXbKm18HbB0UK4foWNK6aPmz83c2lL7zEvott1Y15tApst9t75PUgJ/Ww== X-Received: by 2002:a05:6512:2207:b0:4a2:6b5d:8afc with SMTP id h7-20020a056512220700b004a26b5d8afcmr10555793lfu.261.1665639029448; Wed, 12 Oct 2022 22:30:29 -0700 (PDT) Received: from localhost ([88.201.161.72]) by smtp.gmail.com with ESMTPSA id r17-20020ac25f91000000b00493014c3d7csm239638lfe.309.2022.10.12.22.30.28 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 12 Oct 2022 22:30:28 -0700 (PDT) From: Oleg Pykhalov To: dabbede@gmail.com Cc: help-guix@gnu.org Subject: Re: Connection refused to Guix-hosted SSH References: Date: Thu, 13 Oct 2022 08:30:27 +0300 In-Reply-To: (dabbede@gmail.com's message of "Wed, 12 Oct 2022 22:22:11 +0200") Message-ID: <87mta0xpcc.fsf@gmail.com> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/29.0.50 (gnu/linux) MIME-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" Received-SPF: pass client-ip=2a00:1450:4864:20::136; envelope-from=go.wigust@gmail.com; helo=mail-lf1-x136.google.com X-Spam_score_int: -10 X-Spam_score: -1.1 X-Spam_bar: - X-Spam_report: (-1.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, FREEMAIL_REPLY=1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=no autolearn_force=no X-Spam_action: no action X-BeenThere: help-guix@gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: help-guix-bounces+larch=yhetil.org@gnu.org Sender: "Help-Guix" X-Migadu-Flow: FLOW_IN X-Migadu-Country: US ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1665639078; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:in-reply-to:in-reply-to: references:references:list-id:list-help:list-unsubscribe: list-subscribe:list-post:dkim-signature; bh=oDOjjR1oDiFqdYUFHS9S57ib1Glu7SrdksvFKp0zpcw=; b=Qwjktu7Ki3LssPDNy2+5Vxv5gzXF9KDudL+vIejLs9r0q5CPRix5Fv5HVl5VEOhUj1kQmR ZJ2YituRn0t7InigMWdLbespfbY0j3yhnM1p0AZiNeZc8gr0ez0hURRa9lPyfoXIXsefhN S429YXaqPxMAOlr035Q31G7utsrohMgv0m1KTLEtUnLQowq9NH5TFPzK8SqAxQIrF93Puu 0jvSd+i2j6HlzJXTVlX7vcaWPn6CQlc91TeaHD0kYcIbjL5JaTDg4mqB3tiGYFKyYak6ZV ZzYqWbvWFc0RmoFQXXfdt66nKykh1mamSFodv6XerfKxSNynrglIqfsgKZS0hQ== ARC-Seal: i=1; s=key1; d=yhetil.org; t=1665639078; a=rsa-sha256; cv=none; b=gyqinulJsXwoFtEttZBkZhgSkayL2uaV8W7WZLChzC2dcvxw6mwjFgc5ntTrirlkFywrzB GWtb90zbfZNgCTLPRmMxpoE/pcpqsY1OUSL/bOpRuey1p+QLR6Q+GVVMEzQ5wCsoDGGKo9 UhI2w40qgn8PfEqGoQfEFSHAD0gdyMLqQgduFdCRdF+HHE5PDvQjbi+2GLvH0veMjRW9i5 A2UDlU+HQU1rNg5y5NGWnh4l9vwa2QXV5zXcq1BFLokF66okcLnuLH9BO51byHOzHEVdC+ L+XmMEWBy0qqIBtr2YVcYxwxdQfrBVZuO89220fn75fyDpF3ik8q4xzbDEf5yA== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=pass header.d=gmail.com header.s=20210112 header.b="fkM/rsIu"; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (aspmx1.migadu.com: domain of "help-guix-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="help-guix-bounces+larch=yhetil.org@gnu.org" X-Migadu-Spam-Score: -9.60 Authentication-Results: aspmx1.migadu.com; dkim=pass header.d=gmail.com header.s=20210112 header.b="fkM/rsIu"; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (aspmx1.migadu.com: domain of "help-guix-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="help-guix-bounces+larch=yhetil.org@gnu.org" X-Migadu-Queue-Id: 495761CBBC X-Spam-Score: -9.60 X-Migadu-Scanner: scn0.migadu.com X-TUID: /8v3fb43C1d9 --=-=-= Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Hi, "dabbede@gmail.com" writes: [=E2=80=A6] > (users (cons* (user-account > (name "pcp") > (comment "Pcp Developer") > (group "users") > (home-directory "/home/pcp") > (supplementary-groups > '("wheel" "netdev" "audio" "video"))) > %base-user-accounts)) > (services > (append > (list (service static-networking-service-type > (list (static-networking > (addresses (list (network-address (device > "eno1") (value "10.168.214.102/24"))))))) > (service openssh-service-type > (openssh-configuration > (permit-root-login #t) > (password-authentication? #t) > (public-key-authentication? #t) > (authorized-keys > `(("root" ,(local-file "root.pub")) > ("pcp" ,(local-file "pcp.pub"))))))) > %base-services)) [=E2=80=A6] > From another machine I can correctly ping this system at the static > address, but I can't login with private credentials. Actually, I can't > connect even with password, because every time my client ends with > "Network error: Software caused connection abort". Is another machine in the same network 10.168.214.102/24? A default gateway should be specified if not. (static-networking (routes (list (network-route (destination "default") (gateway "???")))) ...) > Within guix, if I run "ssh pcp@localhost" I receive a "Connection > reset by 127.0.0.1 port 22" (I don't know if it is supposed to work on > localhost). It is supposed. What does =E2=80=98sudo herd status=E2=80=99 show? > I've also tried to manaully add the pub keys in ".ssh/authorized_keys" > for both users, with no luck. What am I missing?! By default on Guix system that should work as well as specifing keys in the system configuration file. Make sure that .ssh directory has 0700 permissions, which is required by SSH daemon. Oleg. --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQJIBAEBCgAyFiEEcjhxI46s62NFSFhXFn+OpQAa+pwFAmNHonMUHGdvLndpZ3Vz dEBnbWFpbC5jb20ACgkQFn+OpQAa+pxheA//eT6ho1wxReDv3EEqudtPuIlhvYcs SCpUrvW/G0MGzZGDjJjvlr+pV+0rFYZSL0/AP9VcvCWrmH/yaVgPVewFrA02sNQI OQlJbLyLKa3N7wmcnD1V/jhxrgjBMgBJEPry5t2laSgFBnnEkZNfLTRYw78X/q4F v+kcgnhrawX7y+lH9UmjH/vjFuJ9Aa/JGVJo/I0Hc10y5tdMjxiQIBSTpzq9z73W N1Tj0/4Ys5P3yRc5UyJo1S771v2M+QOPi+JMc1uwQ/5IhAp8xPtGmqwEdQaL0HXx XSkvzBkx8B5yyhqN8scH1imXjWQ2KKmENZykjxrUAO4J+GTkNVeOicPzu5YkRyhM JootBfJ65n66aDh6pqfw3k1qxbs8EFxP0J453xx7KkTDXCShnSMfLdtO986iJnCn TZ6ZNC+a0LmUi/gZEXAD6CQvjjWpCnTjryzMk+9XqVsmMusMxZKcFsgoWpiLZE94 /VYCFK6dF5qVrFbzhaPTZ/vcJXUjnZoLLv3t51hdxbzKlr/5qBZxZ1bBSC7seC6K iefUbFqBYW1+omicGesaaEKGgC72typUv1pgzK6TzLVWty7gPW+IKrYmbgt1OOQn X8++ciRuEMHDjxD4C32qV37XxVLqAc0f5giYVyNNmvPVKj1sB/AFt+BblYt37RmP i8g+hPtkrghTRo0= =xonH -----END PGP SIGNATURE----- --=-=-=--