summary refs log tree commit diff
path: root/doc
diff options
context:
space:
mode:
Diffstat (limited to 'doc')
-rw-r--r--doc/guix.texi98
1 files changed, 64 insertions, 34 deletions
diff --git a/doc/guix.texi b/doc/guix.texi
index 1edbad33c6..9c30e97466 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -20725,41 +20725,71 @@ Furthermore, @code{(gnu services ssh)} provides the following services.
 @cindex SSH
 @cindex SSH server
 
-@deffn {Scheme Procedure} lsh-service [#:host-key "/etc/lsh/host-key"] @
-       [#:daemonic? #t] [#:interfaces '()] [#:port-number 22] @
-       [#:allow-empty-passwords? #f] [#:root-login? #f] @
-       [#:syslog-output? #t] [#:x11-forwarding? #t] @
-       [#:tcp/ip-forwarding? #t] [#:password-authentication? #t] @
-       [#:public-key-authentication? #t] [#:initialize? #t]
-Run the @command{lshd} program from @var{lsh} to listen on port @var{port-number}.
-@var{host-key} must designate a file containing the host key, and readable
-only by root.
-
-When @var{daemonic?} is true, @command{lshd} will detach from the
-controlling terminal and log its output to syslogd, unless one sets
-@var{syslog-output?} to false.  Obviously, it also makes lsh-service
-depend on existence of syslogd service.  When @var{pid-file?} is true,
-@command{lshd} writes its PID to the file called @var{pid-file}.
-
-When @var{initialize?} is true, automatically create the seed and host key
-upon service activation if they do not exist yet.  This may take long and
-require interaction.
-
-When @var{initialize?} is false, it is up to the user to initialize the
-randomness generator (@pxref{lsh-make-seed,,, lsh, LSH Manual}), and to create
-a key pair with the private key stored in file @var{host-key} (@pxref{lshd
-basics,,, lsh, LSH Manual}).
-
-When @var{interfaces} is empty, lshd listens for connections on all the
-network interfaces; otherwise, @var{interfaces} must be a list of host names
-or addresses.
-
-@var{allow-empty-passwords?} specifies whether to accept log-ins with empty
-passwords, and @var{root-login?} specifies whether to accept log-ins as
-root.
+@defvar lsh-service-type
+Type of the service that runs the GNU@tie{}lsh secure shell (SSH)
+daemon, @command{lshd}.  The value for this service is a
+@code{<lsh-configuration>} object.
+@end defvar
 
-The other options should be self-descriptive.
-@end deffn
+@deftp {Data Type} lsh-configuration
+Data type representing the configuration of @command{lshd}.
+
+@table @asis
+@item @code{lsh} (default: @code{lsh}) (type: file-like)
+The package object of the GNU@tie{}lsh secure shell (SSH) daemon.
+
+@item @code{daemonic?} (default: @code{#t}) (type: boolean)
+Whether to detach from the controlling terminal.
+
+@item @code{host-key} (default: @code{"/etc/lsh/host-key"}) (type: string)
+File containing the @dfn{host key}.  This file must be readable by
+root only.
+
+@item @code{interfaces} (default: @code{()}) (type: list)
+List of host names or addresses that @command{lshd} will listen on.
+If empty, @command{lshd} listens for connections on all the network
+interfaces.
+
+@item @code{port-number} (default: @code{22}) (type: integer)
+Port to listen on.
+
+@item @code{allow-empty-passwords?} (default: @code{#f}) (type: boolean)
+Whether to accept log-ins with empty passwords.
+
+@item @code{root-login?} (default: @code{#f}) (type: boolean)
+Whether to accept log-ins as root.
+
+@item @code{syslog-output?} (default: @code{#t}) (type: boolean)
+Whether to log @command{lshd} standard output to syslogd.
+This will make the service depend on the existence of a syslogd service.
+
+@item @code{pid-file?} (default: @code{#f}) (type: boolean)
+When @code{#t}, @command{lshd} writes its PID to the file specified in
+@var{pid-file}.
+
+@item @code{pid-file} (default: @code{"/var/run/lshd.pid"}) (type: string)
+File that @command{lshd} will write its PID to.
+
+@item @code{x11-forwarding?} (default: @code{#t}) (type: boolean)
+Whether to enable X11 forwarding.
+
+@item @code{tcp/ip-forwarding?} (default: @code{#t}) (type: boolean)
+Whether to enable TCP/IP forwarding.
+
+@item @code{password-authentication?} (default: @code{#t}) (type: boolean)
+Whether to accept log-ins using password authentication.
+
+@item @code{public-key-authentication?} (default: @code{#t}) (type: boolean)
+Whether to accept log-ins using public key authentication.
+
+@item @code{initialize?} (default: @code{#t}) (type: boolean)
+When @code{#f}, it is up to the user to initialize the randomness
+generator (@pxref{lsh-make-seed,,, lsh, LSH Manual}), and to create
+a key pair with the private key stored in file @var{host-key}
+(@pxref{lshd basics,,, lsh, LSH Manual}).
+
+@end table
+@end deftp
 
 @cindex SSH
 @cindex SSH server