public/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Added PermitRootLogin option for sshd

Browse Source 
svn path=/nixos/trunk/; revision=11121
This commit is contained in:
Sander van der Burg 2008-03-14 12:53:14 +00:00
parent 95d41d5e27
commit 6c8bae53c1
3 changed files with 18 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
system/options.nix
View File

@ -797,6 +797,15 @@
"; ";
}; };
permitRootLogin = mkOption {
default = "yes";
description = "
Whether the root user can login using ssh. Valid options
are <command>yes</command>, <command>without-password</command>,
<command>forced-commands-only</command> or
<command>no</command>
";
};
}; };
lshd = { lshd = {

1
upstart-jobs/default.nix
View File

@ -137,6 +137,7 @@ let
inherit nssModulesPath; inherit nssModulesPath;
forwardX11 = config.services.sshd.forwardX11; forwardX11 = config.services.sshd.forwardX11;
allowSFTP = config.services.sshd.allowSFTP; allowSFTP = config.services.sshd.allowSFTP;
permitRootLogin = config.services.sshd.permitRootLogin;
}) })
# GNU lshd SSH2 deamon. # GNU lshd SSH2 deamon.

9
upstart-jobs/sshd.nix
View File

@ -1,8 +1,13 @@
{ writeText, openssh, glibc, xauth { writeText, openssh, glibc, xauth
, nssModulesPath , nssModulesPath
, forwardX11, allowSFTP , forwardX11, allowSFTP, permitRootLogin
}: }:
assert permitRootLogin == "yes" ||
permitRootLogin == "without-password" ||
permitRootLogin == "forced-commands-only" ||
permitRootLogin == "no";
let let
sshdConfig = writeText "sshd_config" '' sshdConfig = writeText "sshd_config" ''
@ -21,6 +26,8 @@ let
" else " " else "
"} "}
PermitRootLogin ${permitRootLogin}
''; '';
sshdUid = (import ../system/ids.nix).uids.sshd; sshdUid = (import ../system/ids.nix).uids.sshd;