From mboxrd@z Thu Jan 1 00:00:00 1970 From: Chris Marusich Subject: Re: openssh pubkeys as part of system config Date: Fri, 17 Mar 2017 01:02:11 -0700 Message-ID: <8760j8babg.fsf@gmail.com> References: <20170316095102.iayousse4pcoajkv@abyayala> Mime-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha256; protocol="application/pgp-signature" Return-path: Received: from eggs.gnu.org ([2001:4830:134:3::10]:54735) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1comq5-0004Ar-I0 for guix-devel@gnu.org; Fri, 17 Mar 2017 04:02:22 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1comq2-0003IT-G6 for guix-devel@gnu.org; Fri, 17 Mar 2017 04:02:21 -0400 Received: from mail-pf0-x22c.google.com ([2607:f8b0:400e:c00::22c]:34169) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1comq2-0003HQ-A2 for guix-devel@gnu.org; Fri, 17 Mar 2017 04:02:18 -0400 Received: by mail-pf0-x22c.google.com with SMTP id p189so13187933pfp.1 for ; Fri, 17 Mar 2017 01:02:17 -0700 (PDT) Received: from garuda (c-24-18-189-215.hsd1.wa.comcast.net. [24.18.189.215]) by smtp.gmail.com with ESMTPSA id h9sm14819375pfd.103.2017.03.17.01.02.14 for (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Fri, 17 Mar 2017 01:02:15 -0700 (PDT) In-Reply-To: <20170316095102.iayousse4pcoajkv@abyayala> (ng0's message of "Thu, 16 Mar 2017 09:51:02 +0000") List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org Sender: "Guix-devel" To: guix-devel@gnu.org --=-=-= Content-Type: text/plain Content-Transfer-Encoding: quoted-printable ng0 writes: > Hi, > > I will soon start to assemble an GuixSD system image for IN-Berlin > virtual servers. > I know bayfront uses a module which defines lsh pubkeys for user 'root' > (?) and makes them part of the system generation. > > For IN-Berlin (and probably other hosters) it would help if there was a > way to define openssh pubkeys in the system config. > I know I could just generate an image, make it writable and put my key > into /root/.ssh/authorized_keys, but it would be better if this would be > possible to define directly. > > Has someone looked into this before? I only know of this discussion: https://lists.gnu.org/archive/html/help-guix/2016-11/msg00075.html Try searching for the words "authorized" and "key". The link to IRC at the very bottom might be helpful. =2D-=20 Chris --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEy/WXVcvn5+/vGD+x3UCaFdgiRp0FAljLmAMACgkQ3UCaFdgi Rp0K7A/+OpP5GAZYwH/BReizjbi+rNMT2N+btRxTTa5fOjL5eYX5fnLDSVKo4Wvd FihYQxzeR9SNizKM/mTuVXBzlHVgK8i8EoG71i037VQcbR+XhMZD4C8IN0RvDfh4 KSFArozR4VFZS9GNx4iMxfW8WrYo1MGGApsFmn0fYN6VAECrhz3+VjfZM5Z2Acve eGbzSJqdVd7nYu43pPltMwxho2r/Cqgu6L9iAwAR9/7XZJyP1c6KwsB5Irqf7jaq xUWH93gsNSQuOubVz3IflTOsRYbYt5TDM6eXDqz7tT9Hqt49xV4hjG82pmyZEy1r jK7wF5anc2o9eqsCWahS2GEZZWcBbZQrP5rlxQ/n+qsi3Oey2CXI7vTxWJDlBVwn 4MLo+gzk29/Cnfdp6XY1WruD8YpX8R2psWoALNL7ipEYdbot+7lL0ng70veqbj7J Y/aP5tXQuwmplUxpl4BojAKDlcH4/TzdNyVXXy2wfkV19TjIOKzBSwsa3yey7AnC vJXR5h0+f62DFlTHMw2K15dltB68qzXk9HUEl6+Vn9SrR0BAcu13PjgF0m8DOC2x PYw9wqxHM5lDtczTiZdEc08q45870wfZYxeq+5C7ylOAvI+C156wKEM4Q3T+pXU4 jAYIhncOrW+8kl5vPrPla3t9LHR1AEfBmiTev7xDx5feCwnbLto= =nLuQ -----END PGP SIGNATURE----- --=-=-=--