diff options
| author | Ludovic Courtès <ludo@gnu.org> | 2020-12-07 12:34:26 +0100 |
|---|---|---|
| committer | Ludovic Courtès <ludo@gnu.org> | 2020-12-07 12:48:26 +0100 |
| commit | aecd2a13cbd8301d0fdeafcacbf69e12cc3f6138 (patch) | |
| tree | cc3a867cf3a9af91e15810fb3663f145acfed35f /gnu/installer | |
| parent | 859b362f81598830d7ff276b96a8724aee3c4db7 (diff) | |
services: openssh: Warn about 'password-authentication?' default.
Fixes <https://bugs.gnu.org/44808>.
Reported by Christopher Lemmer Webber <cwebber@dustycloud.org>.
* gnu/services/ssh.scm (true-but-soon-false): New procedure.
(<openssh-configuration>)[password-authentication?]: Change default to
'true-but-soon-false'.
* gnu/installer/services.scm (%system-services): Explicitly set
'password-authentication?' to #f.
Diffstat (limited to 'gnu/installer')
| -rw-r--r-- | gnu/installer/services.scm | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/gnu/installer/services.scm b/gnu/installer/services.scm index ec5ea30594..14a3bb9be6 100644 --- a/gnu/installer/services.scm +++ b/gnu/installer/services.scm @@ -1,6 +1,6 @@ ;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2018 Mathieu Othacehe <m.othacehe@gmail.com> -;;; Copyright © 2019 Ludovic Courtès <ludo@gnu.org> +;;; Copyright © 2019, 2020 Ludovic Courtès <ludo@gnu.org> ;;; Copyright © 2020 Jan (janneke) Nieuwenhuizen <janneke@gnu.org> ;;; ;;; This file is part of GNU Guix. @@ -93,7 +93,11 @@ (system-service (name (G_ "OpenSSH secure shell daemon (sshd)")) (type 'networking) - (snippet '((service openssh-service-type)))) + (snippet '((service openssh-service-type + (openssh-configuration + ;; Currently the default is #t but it's considered + ;; unsafe. Explicitly pass #f. + (password-authentication? #f)))))) (system-service (name (G_ "Tor anonymous network router")) (type 'networking) |