From debbugs-submit-bounces@debbugs.gnu.org Tue Dec 03 16:10:29 2019 Received: (at submit) by debbugs.gnu.org; 3 Dec 2019 21:10:29 +0000 Received: from localhost ([127.0.0.1]:41127 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1icFRF-0006ud-6N for submit@debbugs.gnu.org; Tue, 03 Dec 2019 16:10:29 -0500 Received: from lists.gnu.org ([209.51.188.17]:44079) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1icFRC-0006uT-8d for submit@debbugs.gnu.org; Tue, 03 Dec 2019 16:10:27 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]:54432) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1icFR4-0006Mc-E9 for guix-patches@gnu.org; Tue, 03 Dec 2019 16:10:21 -0500 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org X-Spam-Level: X-Spam-Status: No, score=-1.0 required=5.0 tests=ALL_TRUSTED,BAYES_20 autolearn=disabled version=3.3.2 Received: from fencepost.gnu.org ([2001:470:142:3::e]:35957) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1icFQy-0002QS-4o; Tue, 03 Dec 2019 16:10:12 -0500 Received: from [102.78.164.116] (port=18354 helo=gnu.org) by fencepost.gnu.org with esmtpsa (TLS1.2:DHE_RSA_AES_256_CBC_SHA1:256) (Exim 4.82) (envelope-from ) id 1icFQu-0000lr-Da; Tue, 03 Dec 2019 16:10:08 -0500 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= To: guix-patches@gnu.org Subject: [PATCH 0/4] "guix deploy" authenticates SSH servers [security] Date: Tue, 3 Dec 2019 22:09:58 +0100 Message-Id: <20191203210958.20936-1-ludo@gnu.org> X-Mailer: git-send-email 2.24.0 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-Spam-Score: -2.3 (--) X-Debbugs-Envelope-To: submit Cc: =?UTF-8?q?Ludovic=20Court=C3=A8s?= X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -3.3 (---) Hi! This series allow users to specify the remote host key in used for “guix deploy”, so you can have that under version control and entirely managed by Guix, like “guix offload” does. The second patch fixes a security issue: ‘open-ssh-session’ from (guix ssh), which is used by “guix deploy” and support for “GUIX_DAEMON_SOCKET=ssh://…” in (guix store ssh), would not authenticate the server it’s talking to. Feedback welcome! Ludo’. Ludovic Courtès (4): ssh: Add 'authenticate-server*' and use it for offloading. ssh: Always authenticate the server [security fix]. ssh: 'open-ssh-session' can be passed the expected host key. machine: ssh: can include the host key. doc/guix.texi | 12 +++++++ gnu/machine/ssh.scm | 9 ++++-- guix/scripts/offload.scm | 30 ++--------------- guix/ssh.scm | 69 ++++++++++++++++++++++++++++++++++++++-- 4 files changed, 87 insertions(+), 33 deletions(-) -- 2.24.0