Merge pull request #126986 from NixOS/backport-126922-to-release-21.05

[Backport release-21.05] nixos/ssh: Add an example of verbatim keys
Robert Hensing 2021-06-15 22:50:37 +02:00 committed by GitHub
commit 6dc9b7d832
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 15 additions and 1 deletions


@ -41,6 +41,10 @@ let
Warning: If you are using <literal>NixOps</literal> then don't use this Warning: If you are using <literal>NixOps</literal> then don't use this
option since it will replace the key required for deployment via ssh. option since it will replace the key required for deployment via ssh.
''; '';
example = [
"ssh-rsa AAAAB3NzaC1yc2etc/etc/etcjwrsh8e596z6J0l7 example@host"
"ssh-ed25519 AAAAC3NzaCetcetera/etceteraJZMfk3QPfQ foo@bar"
];
}; };
keyFiles = mkOption { keyFiles = mkOption {
@ -243,7 +247,17 @@ in
authorizedKeysFiles = mkOption { authorizedKeysFiles = mkOption {
type = types.listOf types.str; type = types.listOf types.str;
default = []; default = [];
description = "Files from which authorized keys are read."; description = ''
Specify the rules for which files to read on the host.
This is an advanced option. If you're looking to configure user
keys, you can generally use <xref linkend="opt-users.users._name_.openssh.authorizedKeys.keys"/>
or <xref linkend="opt-users.users._name_.openssh.authorizedKeys.keyFiles"/>.
These are paths relative to the host root file system or home
directories and they are subject to certain token expansion rules.
See AuthorizedKeysFile in man sshd_config for details.
'';
}; };
authorizedKeysCommand = mkOption { authorizedKeysCommand = mkOption {
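Review bot: The new authorizedKeysFiles description says the entries are "paths relative to the host root file system or home directories", which leaves unclear how a given entry is resolved; per sshd_config, an AuthorizedKeysFile entry is, after token expansion, either an absolute path or a path relative to the user's home directory. I would reword that sentence to `Each entry is either an absolute path on the host or a path relative to the user's home directory, after token expansion (for example %h or %u).` Because every file listed here can grant login, the text could also add `Anyone who can write to a listed file can authorize keys for that user, so prefer root-owned locations when keys are meant to be managed declaratively.` The hunk does not show how this list is combined with the paths the module uses for authorizedKeys.keys and keyFiles, so it may be worth stating whether setting the option extends or replaces them. The enclosing module continues outside the hunk on both sides.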