diff options
author | Ludovic Courtès <ludo@gnu.org> | 2020-12-11 17:26:03 +0100 |
---|---|---|
committer | Ludovic Courtès <ludo@gnu.org> | 2020-12-11 19:06:53 +0100 |
commit | d8051557aee9fa252b015ff67cc15681e8540777 (patch) | |
tree | a597aab9159aca50c89eb727d55357ac9161ce28 /gnu | |
parent | 26b1030012837ff3f91d2a39971358180324d730 (diff) | |
download | guix-d8051557aee9fa252b015ff67cc15681e8540777.tar.gz |
Revert "services: openssh: Warn about 'password-authentication?' default."
This reverts commit aecd2a13cbd8301d0fdeafcacbf69e12cc3f6138 for two reasons: 1. The warning would fire every time (gnu services ssh) is loaded; 2. There's still no clear consensus on the approach to follow as discussed in <https://issues.guix.gnu.org/44808>.
Diffstat (limited to 'gnu')
-rw-r--r-- | gnu/installer/services.scm | 8 | ||||
-rw-r--r-- | gnu/services/ssh.scm | 18 |
2 files changed, 4 insertions, 22 deletions
diff --git a/gnu/installer/services.scm b/gnu/installer/services.scm index 14a3bb9be6..ec5ea30594 100644 --- a/gnu/installer/services.scm +++ b/gnu/installer/services.scm @@ -1,6 +1,6 @@ ;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2018 Mathieu Othacehe <m.othacehe@gmail.com> -;;; Copyright © 2019, 2020 Ludovic Courtès <ludo@gnu.org> +;;; Copyright © 2019 Ludovic Courtès <ludo@gnu.org> ;;; Copyright © 2020 Jan (janneke) Nieuwenhuizen <janneke@gnu.org> ;;; ;;; This file is part of GNU Guix. @@ -93,11 +93,7 @@ (system-service (name (G_ "OpenSSH secure shell daemon (sshd)")) (type 'networking) - (snippet '((service openssh-service-type - (openssh-configuration - ;; Currently the default is #t but it's considered - ;; unsafe. Explicitly pass #f. - (password-authentication? #f)))))) + (snippet '((service openssh-service-type)))) (system-service (name (G_ "Tor anonymous network router")) (type 'networking) diff --git a/gnu/services/ssh.scm b/gnu/services/ssh.scm index 1e45495e1b..1891db0487 100644 --- a/gnu/services/ssh.scm +++ b/gnu/services/ssh.scm @@ -1,5 +1,5 @@ ;;; GNU Guix --- Functional package management for GNU -;;; Copyright © 2014, 2015, 2016, 2017, 2018, 2019, 2020 Ludovic Courtès <ludo@gnu.org> +;;; Copyright © 2014, 2015, 2016, 2017, 2018, 2019 Ludovic Courtès <ludo@gnu.org> ;;; Copyright © 2016 David Craven <david@craven.ch> ;;; Copyright © 2016 Julien Lepiller <julien@lepiller.eu> ;;; Copyright © 2017 Clément Lassieur <clement@lassieur.org> @@ -33,9 +33,6 @@ #:use-module (guix gexp) #:use-module (guix records) #:use-module (guix modules) - #:use-module ((guix i18n) #:select (G_)) - #:use-module ((guix diagnostics) #:select (warning source-properties->location)) - #:use-module ((guix memoization) #:select (mlambda)) #:use-module (srfi srfi-1) #:use-module (srfi srfi-26) #:use-module (ice-9 match) @@ -279,16 +276,6 @@ The other options should be self-descriptive." ;;; OpenSSH. ;;; -(define true-but-soon-false - (mlambda (loc) - ;; The plan is to change the default 'password-authentication?' to #f in - ;; Guix 1.3.0 or so. See <https://issues.guix.gnu.org/44808>. - (warning (source-properties->location loc) - (G_ "The default value of the 'password-authentication?' -field of 'openssh-configuration' will change from #true to #false in the -future. Explicitly set it to #true to allow password authentication.~%")) - #t)) - (define-record-type* <openssh-configuration> openssh-configuration make-openssh-configuration openssh-configuration? @@ -309,8 +296,7 @@ future. Explicitly set it to #true to allow password authentication.~%")) (default #f)) ;; Boolean (password-authentication? openssh-configuration-password-authentication? - (default (true-but-soon-false - (current-source-location)))) + (default #t)) ;; Boolean (public-key-authentication? openssh-configuration-public-key-authentication? (default #t)) |