mirrors/nixpkgs
1
0
Fork 1
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-11-19 20:21:14 +00:00
Code Issues Wiki Activity
nixpkgs/nixos/doc/manual
History
Emily d930466b77 nixos/initrd-ssh: switch from Dropbear to OpenSSH 
Dropbear lags behind OpenSSH significantly in both support for modern
key formats like `ssh-ed25519`, let alone the recently-introduced
U2F/FIDO2-based `sk-ssh-ed25519@openssh.com` (as I found when I switched
my `authorizedKeys` over to it and promptly locked myself out of my
server's initrd SSH, breaking reboots), as well as security features
like multiprocess isolation. Using the same SSH daemon for stage-1 and
the main system ensures key formats will always remain compatible, as
well as more conveniently allowing the sharing of configuration and
host keys.

The main reason to use Dropbear over OpenSSH would be initrd space
concerns, but NixOS initrds are already large (17 MiB currently on my
server), and the size difference between the two isn't huge (the test's
initrd goes from 9.7 MiB to 12 MiB with this change). If the size is
still a problem, then it would be easy to shrink sshd down to a few
hundred kilobytes by using an initrd-specific build that uses musl and
disables things like Kerberos support.

This passes the test and works on my server, but more rigorous testing
and review from people who use initrd SSH would be appreciated!
2020-03-25 08:26:50 +00:00
..
administration Revert "nixos/doc: re-format" 2019-09-19 19:17:30 +02:00
configuration nixos/doc/matrix-synapse: refactor 2020-03-16 10:39:42 +01:00
development nixos release process: use rev-list --count like Hydra does. 2020-02-22 09:28:03 -05:00
installation services/misc/nixos-manual.nix: Remove 2020-03-24 15:25:20 +01:00
release-notes nixos/initrd-ssh: switch from Dropbear to OpenSSH 2020-03-25 08:26:50 +00:00
.gitignore
default.nix nixos manual: have a toc for each part and chapter 2019-10-30 10:25:09 +01:00
Makefile nixos/doc/manual: Fix Makefile 2019-09-06 12:40:06 +02:00
man-configuration.xml nixos/doc: fix manpage format 2019-10-05 15:55:49 +00:00
man-nixos-build-vms.xml nixos/doc: fix manpage format 2019-10-05 15:55:49 +00:00
man-nixos-enter.xml nixos/doc: fix manpage format 2019-10-05 15:55:49 +00:00
man-nixos-generate-config.xml nixos/doc: fix manpage format 2019-10-05 15:55:49 +00:00
man-nixos-install.xml nixos/docs: Fix nixos-install --system command 2020-01-15 05:39:12 +01:00
man-nixos-option.xml Merge pull request #75439 from Ma27/submodule-fixes-for-nixos-option 2020-02-01 10:00:59 +01:00
man-nixos-rebuild.xml nixos-{rebuild,container}: Use flakeref#attrpath syntax 2020-02-05 23:15:18 +01:00
man-nixos-version.xml nixos-version: Add --json flag and show system.configurationRevision 2020-02-05 23:15:18 +01:00
man-pages.xml nixos/doc+manual: update copyright year range end 2019->2020 2020-01-14 07:01:39 -06:00
manual.xml nixos manual: move preface into own file 2019-10-30 10:25:09 +01:00
preface.xml nixos manual: refer to nix and nixpkgs manuals 2019-10-30 10:25:09 +01:00
README
shell.nix

README 

To build the manual, you need Nix installed on your system (no need
for NixOS). To install Nix, follow the instructions at

    https://nixos.org/nix/download.html

When you have Nix on your system, in the root directory of the project
(i.e., `nixpkgs`), run:

    nix-build nixos/release.nix -A manual.x86_64-linux

When this command successfully finishes, it will tell you where the
manual got generated.