2014-08-24 18:18:18 +01:00
<section xmlns= "http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id="sec-ssh">
2018-05-02 00:57:09 +01:00
<title > Secure Shell Access</title>
2014-08-24 18:18:18 +01:00
2018-05-02 00:57:09 +01:00
<para >
Secure shell (SSH) access to your machine can be enabled by setting:
2014-08-24 18:18:18 +01:00
<programlisting >
2018-04-05 09:43:56 +01:00
<xref linkend= "opt-services.openssh.enable" /> = true;
2014-08-24 18:18:18 +01:00
</programlisting>
2019-09-18 21:13:35 +01:00
By default, root logins using a password are disallowed. They can be disabled entirely by setting <xref linkend= "opt-services.openssh.permitRootLogin" /> to <literal > "no"</literal> .
2018-05-02 00:57:09 +01:00
</para>
<para >
2019-09-18 21:13:35 +01:00
You can declaratively specify authorised RSA/DSA public keys for a user as follows:
2014-08-24 18:18:18 +01:00
<!-- FIXME: this might not work if the user is unmanaged. -->
<programlisting >
2018-06-28 22:48:38 +01:00
<link linkend= "opt-users.users._name__.openssh.authorizedKeys.keys" > users.users.alice.openssh.authorizedKeys.keys</link> =
2014-08-24 18:18:18 +01:00
[ "ssh-dss AAAAB3NzaC1kc3MAAACBAPIkGWVEt4..." ];
</programlisting>
2018-05-02 00:57:09 +01:00
</para>
2014-08-24 18:18:18 +01:00
</section>