[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Avoiding the need to set user passwords for 'guix system vm-image'
From: |
Leo Famulari |
Subject: |
Re: Avoiding the need to set user passwords for 'guix system vm-image' |
Date: |
Thu, 1 Feb 2018 15:23:14 -0500 |
User-agent: |
Mutt/1.9.2 (2017-12-15) |
On Wed, Jan 31, 2018 at 08:41:44PM -0500, George myglc2 Clemmer wrote:
> How do I avoid the need to set user passwords for vm-images created with
> 'guix system vm-image'?
It's possible to put the encrypted user passwords in the GuixSD configuration
file:
"password (default: #f)
You would normally leave this field to #f, initialize user passwords
as root with the passwd command, and then let users change it with
passwd. Passwords set with passwd are of course preserved across
reboot and reconfiguration.
If you do want to have a preset password for an account, then this
field must contain the encrypted password, as a string. See crypt in
The GNU C Library Reference Manual, for more information on password
encryption, and Encryption in GNU Guile Reference Manual, for
information on Guileās crypt procedure."
https://www.gnu.org/software/guix/manual/html_node/User-Accounts.html#User-Accounts
> Is there a way to pre-populate user accounts with public keys?
And, at least with the OpenSSH service, to include the public keys:
(service openssh-service-type
(openssh-configuration
(x11-forwarding? #t)
(permit-root-login 'without-password)
(authorized-keys
`(("alice" ,(local-file "alice.pub"))
("bob" ,(local-file "bob.pub"))))))
I haven't tried it, but I think it should be possible to pass the public
key as a string instead of using local-file if necessary.
https://www.gnu.org/software/guix/manual/html_node/Networking-Services.html#index-openssh_002dservice_002dtype
> A sample config sure would be appreciated ;-)
Sorry, I've never tried either of these things before :)
signature.asc
Description: PGP signature
- Re: Avoiding the need to set user passwords for 'guix system vm-image',
Leo Famulari <=