diff options
author | Ludovic Courtès <ludo@gnu.org> | 2022-03-10 22:33:58 +0100 |
---|---|---|
committer | Ludovic Courtès <ludo@gnu.org> | 2022-03-10 23:46:50 +0100 |
commit | 0691ab67797ff94daf73bc816a46ae507775d0e2 (patch) | |
tree | ba2db3503bef38fa5c5e5067d5e8d18ad267cff7 /gnu/services | |
parent | 5e34e873af088ef9aa417290bcddf5b095501614 (diff) |
services: openssh: Add 'generate-host-keys?' field.
* gnu/services/ssh.scm (<openssh-configuration>)[generate-host-keys?]:
New field.
(openssh-activation): Honor it.
* doc/guix.texi (Networking Services): Document it.
Diffstat (limited to 'gnu/services')
-rw-r--r-- | gnu/services/ssh.scm | 13 |
1 files changed, 9 insertions, 4 deletions
diff --git a/gnu/services/ssh.scm b/gnu/services/ssh.scm index 97f74a00f7..433a0e8f91 100644 --- a/gnu/services/ssh.scm +++ b/gnu/services/ssh.scm @@ -1,5 +1,5 @@ ;;; GNU Guix --- Functional package management for GNU -;;; Copyright © 2014, 2015, 2016, 2017, 2018, 2019 Ludovic Courtès <ludo@gnu.org> +;;; Copyright © 2014-2019, 2022 Ludovic Courtès <ludo@gnu.org> ;;; Copyright © 2016 David Craven <david@craven.ch> ;;; Copyright © 2016 Julien Lepiller <julien@lepiller.eu> ;;; Copyright © 2017 Clément Lassieur <clement@lassieur.org> @@ -352,6 +352,10 @@ The other options should be self-descriptive." (default '())) ;; Boolean + (generate-host-keys? openssh-configuration-generate-host-keys? + (default #t)) + + ;; Boolean ;; XXX: This should really be handled in an orthogonal way, for instance as ;; proposed in <https://bugs.gnu.org/27155>. Keep it internal/undocumented ;; for now. @@ -402,9 +406,10 @@ The other options should be self-descriptive." (unless (file-exists? lastlog) (touch lastlog)))) - ;; Generate missing host keys. - (system* (string-append #$(openssh-configuration-openssh config) - "/bin/ssh-keygen") "-A")))) + (when #$(openssh-configuration-generate-host-keys? config) + ;; Generate missing host keys. + (system* (string-append #$(openssh-configuration-openssh config) + "/bin/ssh-keygen") "-A"))))) (define (authorized-key-directory keys) "Return a directory containing the authorized keys specified in KEYS, a list |