forked from mirrors/nixpkgs
33 lines
882 B
XML
33 lines
882 B
XML
|
<section xmlns="http://docbook.org/ns/docbook"
|
||
|
xmlns:xlink="http://www.w3.org/1999/xlink"
|
||
|
xmlns:xi="http://www.w3.org/2001/XInclude"
|
||
|
version="5.0"
|
||
|
xml:id="sec-ssh">
|
||
|
|
||
|
<title>Secure Shell Access</title>
|
||
|
|
||
|
<para>Secure shell (SSH) access to your machine can be enabled by
|
||
|
setting:
|
||
|
|
||
|
<programlisting>
|
||
|
services.openssh.enable = true;
|
||
|
</programlisting>
|
||
|
|
||
|
By default, root logins using a password are disallowed. They can be
|
||
|
disabled entirely by setting
|
||
|
<literal>services.openssh.permitRootLogin</literal> to
|
||
|
<literal>"no"</literal>.</para>
|
||
|
|
||
|
<para>You can declaratively specify authorised RSA/DSA public keys for
|
||
|
a user as follows:
|
||
|
|
||
|
<!-- FIXME: this might not work if the user is unmanaged. -->
|
||
|
<programlisting>
|
||
|
users.extraUsers.alice.openssh.authorizedKeys.keys =
|
||
|
[ "ssh-dss AAAAB3NzaC1kc3MAAACBAPIkGWVEt4..." ];
|
||
|
</programlisting>
|
||
|
|
||
|
</para>
|
||
|
|
||
|
</section>
|