Official NixOS Wiki

Distributed build: Difference between revisions

← Older editNewer edit →
VisualWikitext
imported>Katyo
Fixed user's ssh config filename
imported>Lheckemann
Remove insecure options from sample and document when they're appropriate below
Line 28: Line 28:


         # Prevent using ssh-agent or another keyfile, useful for testing
         # Prevent using ssh-agent or another keyfile, useful for testing
         IdentitiesOnly=yes
         IdentitiesOnly yes
         IdentityFile /root/.ssh/nix_remote
         IdentityFile /root/.ssh/nix_remote
        # There must not be any user interaction for logging in
        # Disable the annoying prompt when ssh-ing for the first time
        StrictHostKeyChecking=no
        UserKnownHostsFile=/dev/null
</nowiki>
</nowiki>
}}
}}
{{Tip|Some options presented here like <code>StrictHostKeyChecking no</code> weaken security and are not strictly speaking necessary  but make things easier. Adapt to your taste.}}
 
{{Tip|You can add the <code>StrictHostKeyChecking no</code> and <code>UserKnownHostsFile /dev/null</code> options to disable host authentication for the remote builder, which can be convenient for instance when working with frequently replaced VMs. Do not use this for machines accessed via any network you do not trust, especially the internet!}}


SSH connection must be non-interactive so we use a public key '''without a passphrase'''.
SSH connection must be non-interactive so we use a public key '''without a passphrase'''.
Retrieved from "https://wiki.nixos.org/wiki/Distributed_build"