> I finally migrated my home configuration to guix home. However, it
> seems guix home creates all symlinks with 777 permissions. This causes
> problems with openssh as it will not recognize my
> ~/.ssh/authorized_keys. It seems the directories have reasonable
> permissions (maybe because they already existed?), but it seems like
> someone could in theory edit the symlinks in-place (though I wasn't
> able to figure that out).
Instead of using symllinks for ~/.ssh/authorized_keys, you could try to
write a home-activation-service, which
1. creates ~/.ssh with chmod 700
1a. if it already existed, enforces chmod 700 anyways
2. creates authorized_keys with chmod 600 if it doesn't exist
3. writes the authorized keys.I'll try that soon (next 1-3 days), and hopefully then we can close this issue.