aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--gnu/services/ssh.scm12
-rw-r--r--gnu/system/install.scm5
2 files changed, 14 insertions, 3 deletions
diff --git a/gnu/services/ssh.scm b/gnu/services/ssh.scm
index b33ec946c6..301ba74041 100644
--- a/gnu/services/ssh.scm
+++ b/gnu/services/ssh.scm
@@ -304,7 +304,14 @@ The other options should be self-descriptive."
;; list of user-name/file-like tuples
(authorized-keys openssh-authorized-keys
- (default '())))
+ (default '()))
+
+ ;; Boolean
+ ;; XXX: This should really be handled in an orthogonal way, for instance as
+ ;; proposed in <https://bugs.gnu.org/27155>. Keep it internal/undocumented
+ ;; for now.
+ (%auto-start? openssh-auto-start?
+ (default #t)))
(define %openssh-accounts
(list (user-group (name "sshd") (system? #t))
@@ -445,7 +452,8 @@ of user-name/file-like tuples."
(provision '(ssh-daemon))
(start #~(make-forkexec-constructor #$openssh-command
#:pid-file #$pid-file))
- (stop #~(make-kill-destructor)))))
+ (stop #~(make-kill-destructor))
+ (auto-start? (openssh-auto-start? config)))))
(define (openssh-pam-services config)
"Return a list of <pam-services> for sshd with CONFIG."
diff --git a/gnu/system/install.scm b/gnu/system/install.scm
index 78f2bf3a13..0dd7688634 100644
--- a/gnu/system/install.scm
+++ b/gnu/system/install.scm
@@ -264,7 +264,10 @@ You have been warned. Thanks for being so brave.\x1b[0m
;; The root account is passwordless, so make sure
;; a password is set before allowing logins.
(allow-empty-passwords? #f)
- (password-authentication? #t)))
+ (password-authentication? #t)
+
+ ;; Don't start it upfront.
+ (%auto-start? #f)))
;; Since this is running on a USB stick with a overlayfs as the root
;; file system, use an appropriate cache configuration.