[Nix-dev] [PATCH] authorized_keys in users.extraUsers
Nicolas Pierron
nicolas.b.pierron at gmail.com
Mon Oct 17 14:04:46 CEST 2011
Hi,
On Sun, Oct 16, 2011 at 21:28, Rickard Nilsson
<rickard.nilsson at telia.com> wrote:
> I've written a patch to users-groups.nix that allows me to specify the
> contents of a users ~/.ssh/authorized_keys file like this:
>
> users.extraUsers = [
> { name = "myuser";
> description = "";
> group = "users";
> home = "/home/myuser";
> createHome = true;
> useDefaultShell = true;
> authorizedKeyFiles = [
> "/etc/secrets/someotheruser.id_dsa.pub"
> ];
> }
> ];
>
>
> I can also specify keys directly with the authorizedKeys attribute, instead
> of referring files. If there are existing keys in authorized_keys they will
> be left alone.
>
> Is this something that others find useful? Does it make sense to put it in
> users.extraUsers, or is it too messy? Maybe there is a place for a more
> general home.<username>.authorizedKeys configuration? What do you think?
I think users.<name?>.authorizedKeys is good place for configuring it.
But I guess you did not put the modifications into sshd.nix
expression. So you will have to extend the users option from another
module because the .ssh/authorized_keys is related to sshd. (see
loaOf/attrsOf in nixpkgs/pkgs/lib/types.nix) Upstart & filesystems are
already doing such a thing.
--
Nicolas Pierron
http://www.linkedin.com/in/nicolasbpierron - http://nbp.name/
More information about the nix-dev
mailing list