nixpkgs/nixos/doc/manual/configuration/ssh.xml

<section xmlns="http://docbook.org/ns/docbook"
         xmlns:xlink="http://www.w3.org/1999/xlink"
         xmlns:xi="http://www.w3.org/2001/XInclude"
         version="5.0"
         xml:id="sec-ssh">

<title>Secure Shell Access</title>

<para>Secure shell (SSH) access to your machine can be enabled by
setting:

<programlisting>
services.openssh.enable = true;
</programlisting>

By default, root logins using a password are disallowed.  They can be
disabled entirely by setting
<literal>services.openssh.permitRootLogin</literal> to
<literal>"no"</literal>.</para>

<para>You can declaratively specify authorised RSA/DSA public keys for
a user as follows:

<!-- FIXME: this might not work if the user is unmanaged. -->
<programlisting>
users.extraUsers.alice.openssh.authorizedKeys.keys =
  [ "ssh-dss AAAAB3NzaC1kc3MAAACBAPIkGWVEt4..." ];
</programlisting>

</para>

</section>
Chunk NixOS manual [Squashed commits to make git blame etc. more likely to work. -ED] 2014-08-24 19:18:18 +02:00			`<section xmlns="http://docbook.org/ns/docbook"`
			`xmlns:xlink="http://www.w3.org/1999/xlink"`
			`xmlns:xi="http://www.w3.org/2001/XInclude"`
			`version="5.0"`
			`xml:id="sec-ssh">`

			`<title>Secure Shell Access</title>`

			`<para>Secure shell (SSH) access to your machine can be enabled by`
			`setting:`

			`<programlisting>`
			`services.openssh.enable = true;`
			`</programlisting>`

			`By default, root logins using a password are disallowed. They can be`
			`disabled entirely by setting`
			`<literal>services.openssh.permitRootLogin</literal> to`
			`<literal>"no"</literal>.</para>`

			`<para>You can declaratively specify authorised RSA/DSA public keys for`
			`a user as follows:`

			`<!-- FIXME: this might not work if the user is unmanaged. -->`
			`<programlisting>`
			`users.extraUsers.alice.openssh.authorizedKeys.keys =`
			`[ "ssh-dss AAAAB3NzaC1kc3MAAACBAPIkGWVEt4..." ];`
			`</programlisting>`

			`</para>`

			`</section>`