pyrox.dev / nixpkgs
lol
fork atom

Merge pull request #26605 from mayflower/disable-ssh-agent

ssh module: disable agent by default

Franz Pletz ba1330b1 f8d79426

options
unified split
Changed files
+10 -1
nixos
doc
manual
release-notes
rl-1709.xml
modules
programs
ssh.nix
+9
nixos/doc/manual/release-notes/rl-1709.xml 
···

       
104

       
 

       
      <literal>dataDir</literal>.


     

       
105

       
 

       
    </para>


     

       
106

       
 

       
  </listitem>


     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       
107

       
 

       
</itemizedlist>


     

       
108

       
 

       



     

       
109

       
 

       



     
···

       
104

       
 

       
      <literal>dataDir</literal>.


     

       
105

       
 

       
    </para>


     

       
106

       
 

       
  </listitem>


     

       
107

       
+

       
  <listitem>


     

       
108

       
+

       
    <para>


     

       
109

       
+

       
      The <literal>ssh-agent</literal> user service is not started by default


     

       
110

       
+

       
      anymore. Use <literal>programs.ssh.startAgent</literal> to enable it if


     

       
111

       
+

       
      needed. There is also a new <literal>programs.gnupg.agent</literal>


     

       
112

       
+

       
      module that creates a <literal>gpg-agent</literal> user service. It can


     

       
113

       
+

       
      also serve as a SSH agent if <literal>enableSSHSupport</literal> is set.


     

       
114

       
+

       
    </para>


     

       
115

       
+

       
  </listitem>


     

       
116

       
 

       
</itemizedlist>


     

       
117

       
 

       



     

       
118
+1 -1
nixos/modules/programs/ssh.nix 
···

       
74

       
 

       



     

       
75

       
 

       
      startAgent = mkOption {


     

       
76

       
 

       
        type = types.bool;


     

       
77

       
-

       
        default = true;


     

       
78

       
 

       
        description = ''


     

       
79

       
 

       
          Whether to start the OpenSSH agent when you log in.  The OpenSSH agent


     

       
80

       
 

       
          remembers private keys for you so that you don't have to type in


     
···

       
74

       
 

       



     

       
75

       
 

       
      startAgent = mkOption {


     

       
76

       
 

       
        type = types.bool;


     

       
77

       
+

       
        default = false;


     

       
78

       
 

       
        description = ''


     

       
79

       
 

       
          Whether to start the OpenSSH agent when you log in.  The OpenSSH agent


     

       
80

       
 

       
          remembers private keys for you so that you don't have to type in