elitak / nixos-infect

[GPLv3+] install nixos over the existing OS in a DigitalOcean droplet (and others with minor modifications)
GNU General Public License v3.0
1.37k stars 221 forks source link

No ssh keys installed if /root/.ssh/authorized_keys is an empty file #138

Open aequitas opened 1 year ago

aequitas commented 1 year ago

When /root/.ssh/authorized_keys is an empty file the infect script will look no further and not install any ssh keys for root in the new NixOS.

ghost commented 1 year ago

@aequitas it appears to be a prerequisite to have a rsa/ed25519 key already provisioned under /root/.ssh/authorized_keys

How do I use it?

    Read and understand the [the script](https://github.com/elitak/nixos-infect/blob/master/nixos-infect)
    Deploy any custom configuration you want on your host
    Deploy your host as non-Nix Operating System.
    Deploy an SSH key for the root user.

    NB: This step is important. The root user will not have a password when nixos-infect runs to completion. To enable root login, you must have an SSH key configured.
aequitas commented 1 year ago

Correct. However there are 3 locations where keys should be searched (https://github.com/elitak/nixos-infect/blob/master/nixos-infect#L21), but the other 2 are skipped if the first location contains an empty file or does not contain valid keys. I made a PR that should fix the issue: https://github.com/elitak/nixos-infect/pull/148

ghost commented 1 year ago

@aequitas thanks for explaining this further. patch looks good