summaryrefslogtreecommitdiff
path: root/gnu/services
diff options
context:
space:
mode:
authorLudovic Courtès <ludo@gnu.org>2022-03-10 22:33:58 +0100
committerLudovic Courtès <ludo@gnu.org>2022-03-10 23:46:50 +0100
commit0691ab67797ff94daf73bc816a46ae507775d0e2 (patch)
treeba2db3503bef38fa5c5e5067d5e8d18ad267cff7 /gnu/services
parent5e34e873af088ef9aa417290bcddf5b095501614 (diff)
services: openssh: Add 'generate-host-keys?' field.
* gnu/services/ssh.scm (<openssh-configuration>)[generate-host-keys?]: New field. (openssh-activation): Honor it. * doc/guix.texi (Networking Services): Document it.
Diffstat (limited to 'gnu/services')
-rw-r--r--gnu/services/ssh.scm13
1 files changed, 9 insertions, 4 deletions
diff --git a/gnu/services/ssh.scm b/gnu/services/ssh.scm
index 97f74a00f7..433a0e8f91 100644
--- a/gnu/services/ssh.scm
+++ b/gnu/services/ssh.scm
@@ -1,5 +1,5 @@
;;; GNU Guix --- Functional package management for GNU
-;;; Copyright © 2014, 2015, 2016, 2017, 2018, 2019 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2014-2019, 2022 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2016 David Craven <david@craven.ch>
;;; Copyright © 2016 Julien Lepiller <julien@lepiller.eu>
;;; Copyright © 2017 Clément Lassieur <clement@lassieur.org>
@@ -352,6 +352,10 @@ The other options should be self-descriptive."
(default '()))
;; Boolean
+ (generate-host-keys? openssh-configuration-generate-host-keys?
+ (default #t))
+
+ ;; Boolean
;; XXX: This should really be handled in an orthogonal way, for instance as
;; proposed in <https://bugs.gnu.org/27155>. Keep it internal/undocumented
;; for now.
@@ -402,9 +406,10 @@ The other options should be self-descriptive."
(unless (file-exists? lastlog)
(touch lastlog))))
- ;; Generate missing host keys.
- (system* (string-append #$(openssh-configuration-openssh config)
- "/bin/ssh-keygen") "-A"))))
+ (when #$(openssh-configuration-generate-host-keys? config)
+ ;; Generate missing host keys.
+ (system* (string-append #$(openssh-configuration-openssh config)
+ "/bin/ssh-keygen") "-A")))))
(define (authorized-key-directory keys)
"Return a directory containing the authorized keys specified in KEYS, a list