aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLudovic Courtès <ludo@gnu.org>2020-12-11 17:26:03 +0100
committerLudovic Courtès <ludo@gnu.org>2020-12-11 19:06:53 +0100
commitd8051557aee9fa252b015ff67cc15681e8540777 (patch)
treea597aab9159aca50c89eb727d55357ac9161ce28
parent26b1030012837ff3f91d2a39971358180324d730 (diff)
downloadguix-d8051557aee9fa252b015ff67cc15681e8540777.tar
guix-d8051557aee9fa252b015ff67cc15681e8540777.tar.gz
Revert "services: openssh: Warn about 'password-authentication?' default."
This reverts commit aecd2a13cbd8301d0fdeafcacbf69e12cc3f6138 for two reasons: 1. The warning would fire every time (gnu services ssh) is loaded; 2. There's still no clear consensus on the approach to follow as discussed in <https://issues.guix.gnu.org/44808>.
-rw-r--r--gnu/installer/services.scm8
-rw-r--r--gnu/services/ssh.scm18
2 files changed, 4 insertions, 22 deletions
diff --git a/gnu/installer/services.scm b/gnu/installer/services.scm
index 14a3bb9be6..ec5ea30594 100644
--- a/gnu/installer/services.scm
+++ b/gnu/installer/services.scm
@@ -1,6 +1,6 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2018 Mathieu Othacehe <m.othacehe@gmail.com>
-;;; Copyright © 2019, 2020 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2019 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2020 Jan (janneke) Nieuwenhuizen <janneke@gnu.org>
;;;
;;; This file is part of GNU Guix.
@@ -93,11 +93,7 @@
(system-service
(name (G_ "OpenSSH secure shell daemon (sshd)"))
(type 'networking)
- (snippet '((service openssh-service-type
- (openssh-configuration
- ;; Currently the default is #t but it's considered
- ;; unsafe. Explicitly pass #f.
- (password-authentication? #f))))))
+ (snippet '((service openssh-service-type))))
(system-service
(name (G_ "Tor anonymous network router"))
(type 'networking)
diff --git a/gnu/services/ssh.scm b/gnu/services/ssh.scm
index 1e45495e1b..1891db0487 100644
--- a/gnu/services/ssh.scm
+++ b/gnu/services/ssh.scm
@@ -1,5 +1,5 @@
;;; GNU Guix --- Functional package management for GNU
-;;; Copyright © 2014, 2015, 2016, 2017, 2018, 2019, 2020 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2014, 2015, 2016, 2017, 2018, 2019 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2016 David Craven <david@craven.ch>
;;; Copyright © 2016 Julien Lepiller <julien@lepiller.eu>
;;; Copyright © 2017 Clément Lassieur <clement@lassieur.org>
@@ -33,9 +33,6 @@
#:use-module (guix gexp)
#:use-module (guix records)
#:use-module (guix modules)
- #:use-module ((guix i18n) #:select (G_))
- #:use-module ((guix diagnostics) #:select (warning source-properties->location))
- #:use-module ((guix memoization) #:select (mlambda))
#:use-module (srfi srfi-1)
#:use-module (srfi srfi-26)
#:use-module (ice-9 match)
@@ -279,16 +276,6 @@ The other options should be self-descriptive."
;;; OpenSSH.
;;;
-(define true-but-soon-false
- (mlambda (loc)
- ;; The plan is to change the default 'password-authentication?' to #f in
- ;; Guix 1.3.0 or so. See <https://issues.guix.gnu.org/44808>.
- (warning (source-properties->location loc)
- (G_ "The default value of the 'password-authentication?'
-field of 'openssh-configuration' will change from #true to #false in the
-future. Explicitly set it to #true to allow password authentication.~%"))
- #t))
-
(define-record-type* <openssh-configuration>
openssh-configuration make-openssh-configuration
openssh-configuration?
@@ -309,8 +296,7 @@ future. Explicitly set it to #true to allow password authentication.~%"))
(default #f))
;; Boolean
(password-authentication? openssh-configuration-password-authentication?
- (default (true-but-soon-false
- (current-source-location))))
+ (default #t))
;; Boolean
(public-key-authentication? openssh-configuration-public-key-authentication?
(default #t))