help-guix
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Avoiding the need to set user passwords for 'guix system vm-image'


From: myglc2
Subject: Re: Avoiding the need to set user passwords for 'guix system vm-image'
Date: Fri, 02 Feb 2018 16:55:10 -0500
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/25.3 (gnu/linux)

On 02/01/2018 at 15:23 Leo Famulari writes:

> On Wed, Jan 31, 2018 at 08:41:44PM -0500, George myglc2 Clemmer wrote:
>> How do I avoid the need to set user passwords for vm-images created with
>> 'guix system vm-image'?
>
> It's possible to put the encrypted user passwords in the GuixSD configuration 
> file:
>
> "password (default: #f)
>
>     You would normally leave this field to #f, initialize user passwords
>     as root with the passwd command, and then let users change it with
>     passwd. Passwords set with passwd are of course preserved across
>     reboot and reconfiguration.
>
>     If you do want to have a preset password for an account, then this
>     field must contain the encrypted password, as a string. See crypt in
>     The GNU C Library Reference Manual, for more information on password
>     encryption, and Encryption in GNU Guile Reference Manual, for
>     information on Guileā€™s crypt procedure."
>
> https://www.gnu.org/software/guix/manual/html_node/User-Accounts.html#User-Accounts
>
>> Is there a way to pre-populate user accounts with public keys?
>
> And, at least with the OpenSSH service, to include the public keys:
>
> (service openssh-service-type
>          (openssh-configuration
>            (x11-forwarding? #t)
>            (permit-root-login 'without-password)
>            (authorized-keys
>              `(("alice" ,(local-file "alice.pub"))
>                ("bob" ,(local-file "bob.pub"))))))
>
> I haven't tried it, but I think it should be possible to pass the public
> key as a string instead of using local-file if necessary.
>
> https://www.gnu.org/software/guix/manual/html_node/Networking-Services.html#index-openssh_002dservice_002dtype
>
>> A sample config sure would be appreciated ;-)
>
> Sorry, I've never tried either of these things before :)

Many thanks. Duh! dunno how I missed that in the doc ;-)  - George



reply via email to

[Prev in Thread] Current Thread [Next in Thread]