Message ID | 20160713161312.20282-1-david@craven.ch |
---|---|
State | New |
Headers | From: David Craven <david@craven.ch>; To: guix-devel@gnu.org; Date: Wed, 13 Jul 2016 18:13:10 +0200; Subject: [PATCH 0/2] Dropbear service take two. |
Commit Message
David Craven
July 13, 2016, 4:13 p.m. UTC
Changes from previous version:

* Service initialization is reduced to just creating the "/etc/dropbear" directory.
* The initialize and host-key options are removed.
* The -R flag has been added to dropbear.

Example service file:

```scheme
(use-modules (gnu))
(use-service-modules base networking ssh)

(operating-system
  (host-name "test")
  (timezone "Europe/Zurich")
  (locale "en_US.UTF-8")

  (bootloader (grub-configuration (device "/dev/vda")))
  (file-systems (cons (file-system
                        (device "/dev/vda1")
                        (mount-point "/")
                        (type "ext4"))
                      %base-file-systems))

  (users (cons (user-account
                 (name "test")
                 (group "users")
                 (supplementary-groups '("wheel"))
                 (home-directory "/home/test")
                 (password "sa5JEXtYx/rm6")) ;; password pass
               %base-user-accounts))

  (packages %base-packages)

  (services (cons* (dhcp-client-service)
                   (dropbear-service #:port-number 22
                                     #:allow-empty-passwords? #t
                                     #:root-login? #t
                                     #:syslog-output? #t
                                     #:pid-file "/var/run/dropbear.pid"
                                     #:password-authentication? #t)
                   (rngd-service)
                   %base-services)))
```

Additional information:

This patch is needed, just adding -net user,hostfwd=tcp::10022-:22 at the end didn't work for me.

You can use this command to connect to dropbear:

```
ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no test@localhost -p 10022
```

I'm currently having an issue with all guix operations after commit 4ee96a7 but I tested it with previous commits. I'm assuming that the problem is related to nixos and that it shouldn't affect people using guixsd.

```
David Craven (2):
  gnu: lsh: Move to (gnu packages ssh)
  services: Add 'dropbear-service'.

 doc/guix.texi        |  18 +++++-
 gnu/local.mk         |   1 -
 gnu/packages/lsh.scm | 159 ---------------------------------------------------
 gnu/packages/ssh.scm | 158 ++++++++++++++++++++++++++++++++++++++++++++++----
 gnu/services/ssh.scm |  83 +++++++++++++++++++++++++--
 5 files changed, 242 insertions(+), 177 deletions(-)
 delete mode 100644 gnu/packages/lsh.scm

--
2.9.0
```
diff --git a/gnu/system/vm.scm b/gnu/system/vm.scm index 676e89d..68aab5d 100644 --- a/gnu/system/vm.scm +++ b/gnu/system/vm.scm @@ -468,7 +468,7 @@ with '-virtfs' options for the host file systems listed in SHARED-FS." "") " -no-reboot -net nic,model=virtio \ " #$@(map virtfs-option shared-fs) " \ - -net user \ + -net user,hostfwd=tcp::10022-:22 \ -vga std \ -drive file=" #$image ",if=virtio,cache=writeback,werror=report,readonly \
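Review bot: The forward on the changed `-net user` line is unconditional and leaves the host address empty (`tcp::10022-:22`), so every VM launched from this script exposes the guest's port 22 on all host interfaces at port 10022, and two VMs started on the same host will conflict on that port. Consider binding to loopback, for example `hostfwd=tcp:127.0.0.1:10022-:22`, and making the forward an optional argument of the procedure that builds this command line rather than changing the default for all users. The docstring visible in the hunk header still only describes the '-virtfs' options; it should mention the forwarded port if this stays.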