movefasta/nixpkgs
1
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2025-06-09 11:03:15 +03:00
Code Issues Projects Releases Packages Wiki Activity

doc/rl-2505: document systemd-ssh-generator changes

Browse source
This commit is contained in:
Marie Ramlow 2025-01-11 16:06:03 +01:00
parent 8a641ddffe
commit a0962df902
2 changed files with 15 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

2
doc/manpage-urls.json
View file

@ -228,6 +228,8 @@
"systemd-socket-activate(1)": "https://www.freedesktop.org/software/systemd/man/systemd-socket-activate.html",
"systemd-socket-proxyd(8)": "https://www.freedesktop.org/software/systemd/man/systemd-socket-proxyd.html",
"systemd-soft-reboot.service(8)": "https://www.freedesktop.org/software/systemd/man/systemd-soft-reboot.service.html",
"systemd-ssh-generator(8)": "https://www.freedesktop.org/software/systemd/man/systemd-ssh-generator.html",
"systemd-ssh-proxy(1)": "https://www.freedesktop.org/software/systemd/man/systemd-ssh-proxy.html",
"systemd-stdio-bridge(1)": "https://www.freedesktop.org/software/systemd/man/systemd-stdio-bridge.html",
"systemd-stub(7)": "https://www.freedesktop.org/software/systemd/man/systemd-stub.html",
"systemd-suspend-then-hibernate.service(8)": "https://www.freedesktop.org/software/systemd/man/systemd-suspend-then-hibernate.service.html",

13
nixos/doc/manual/release-notes/rl-2505.section.md
View file

@ -457,6 +457,19 @@
- GOverlay has been updated to 1.2, please check the [upstream changelog](https://github.com/benjamimgois/goverlay/releases) for more details.
- systemd's {manpage}`systemd-ssh-generator(8)` now works out of the box on NixOS.
- You can ssh into VMs without any networking configuration if your hypervisor configures the vm to support AF_VSOCK.
It still requires the usual ssh authentication methods.
- An SSH key for the root user can be provisioned using the `ssh.authorized_keys.root` systemd credential.
This can be useful for booting an installation image and providing the SSH key with an smbios string.
- SSH can be used for suid-less privilege escalation on the local system without having to rely on networking:
```shell
ssh root@.host
```
- systemd's {manpage}`systemd-ssh-proxy(1)` is enabled by default. It can be disabled using [`programs.ssh.systemd-ssh-proxy.enable`](#opt-programs.ssh.systemd-ssh-proxy.enable).
- SSH host key generation has been separated into the dedicated systemd service sshd-keygen.service.
- [`services.mongodb`](#opt-services.mongodb.enable) is now compatible with the `mongodb-ce` binary package. To make use of it, set [`services.mongodb.package`](#opt-services.mongodb.package) to `pkgs.mongodb-ce`.
- [`services.jupyter`](#opt-services.jupyter.enable) is now compatible with `Jupyter Notebook 7`. See [the migration guide](https://jupyter-notebook.readthedocs.io/en/latest/migrate_to_notebook7.html) for details.