pyrox.dev
1<section xmlns="http://docbook.org/ns/docbook"
2 xmlns:xlink="http://www.w3.org/1999/xlink"
3 xmlns:xi="http://www.w3.org/2001/XInclude"
4 version="5.0"
5 xml:id="sec-ssh">
6
7<title>Secure Shell Access</title>
8
9<para>Secure shell (SSH) access to your machine can be enabled by
10setting:
11
12<programlisting>
13services.openssh.enable = true;
14</programlisting>
15
16By default, root logins using a password are disallowed. They can be
17disabled entirely by setting
18<literal>services.openssh.permitRootLogin</literal> to
19<literal>"no"</literal>.</para>
20
21<para>You can declaratively specify authorised RSA/DSA public keys for
22a user as follows:
23
24<!-- FIXME: this might not work if the user is unmanaged. -->
25<programlisting>
26users.extraUsers.alice.openssh.authorizedKeys.keys =
27 [ "ssh-dss AAAAB3NzaC1kc3MAAACBAPIkGWVEt4..." ];
28</programlisting>
29
30</para>
31
32</section>