[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH] openssh service
From: |
Julien Lepiller |
Subject: |
Re: [PATCH] openssh service |
Date: |
Mon, 26 Sep 2016 18:42:19 +0200 |
On Fri, 26 Aug 2016 12:51:56 +0200
Andy Wingo <address@hidden> wrote:
> Hi Julien,
>
> Thanks for the documentation update!
>
> On Fri 19 Aug 2016 16:31, Julien Lepiller <address@hidden> writes:
>
> > address@hidden {Scheme Procedure} openssh-service [#:pidfile
> > "/var/run/sshd.pid"] @
> > + [#:port-number 22] [#:root-login "without-password"] @
> > + [#:allow-empty-passwords #f] [#:password-authentication?
> > #t] @
> > + [#:pubkey-authentication? #t] [#:rsa-authentication? #t] @
> > + [#:x11-forwarding? #f] [#:protocol-number "2"]
> > +"Run the @command{sshd} program from @var{openssh} on port
> > @var{port-number}. address@hidden runs an ssh daemon and writes
> > its PID to @var{pidfile}. It +understands ssh protocol
> > @var{protocol-number}. The @var{protocol-number} can +be one of
> > \"1\", \"2\" or \"1,2\". +
> > address@hidden takes one of @var{yes},
> > @var{without-password} and address@hidden It is used to allow root
> > login through ssh. @var{without-password} +means that root login is
> > allowed, except when loging with a password (eg: a +public key).
>
> The variable needs to be changed to @var{root-login} (and I think
> probably @var{permit-root-login} would be more expected), and probably
> "without-password" should be a symbol rather than a string. In
> general I think naming the keywords after the upstream options is
> going to be the least confusing thing for users. Consider changing
> from yes/no/without-password to #t/#f/without-password, and renaming
> the option to #:permit-root-login?. Consider requiring that the
> protocol number be either 1 or 2. In general we want to make errors
> happen early, when building the OS, rather than when the OS is booted.
Sorry for the delay, here is a new version of the patch.
Meanwhile, sysconfdir was set to /etc, but I changed this for /etc/ssh,
because openssh looks for its configuration and other files (about 10)
directly in sysconfdir, not a subdirectory. Also, I fixed a mistake in
openssh-service (it was not following what the doc said).
>
> WDYT?
>
> Andy
0001-services-Add-openssh.patch
Description: Text Data
- Re: [PATCH] openssh service,
Julien Lepiller <=