ssh: use symlinks for authorizedKeys
options
#976
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This is a security fix over a year in the making; I wish I had been able to get it out sooner. Anyone using
AuthorizedKeysCommand
for something else will need to ensure they set it in a later file than101-authorized-keys.conf
, but hopefully anyone with that customized an SSH setup knows what they’re doing, and I’m not sure how we could better signal that; I doubt anyone reads the changelog but not merged PRs.This does mean that the Nix store failing to mount could lead to an SSH lock‐out; I’m not sure how we could handle that elegantly and it seems difficult to recover from without direct access anyway (what if your shell is in the Nix store anyway?). It’s possible we could do an ad‐hoc recreation of
copy
here that operates unconditionally on the entire directory, I guess.