diff options
| author | Maciej Krüger <mkg20001@gmail.com> | 2024-01-07 13:54:27 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-01-07 13:54:27 +0100 |
| commit | c931d73fba96e8efc7378c6a24ccb25f4440c9e3 (patch) | |
| tree | ccb9dedb175d5c3b7980c0972253a521ecfc3c82 /nixos/modules/security | |
| parent | c7efe762fe3abd0f465d13641382ee622956034d (diff) | |
| parent | 607679c6d3ff1c18b28f9cc61356d0c4d95378f3 (diff) | |
Merge pull request #276499 from nbraud/nixos/pam/ssh-agent-auth
nixos/pam: Add assertion for SSH-agent auth
Diffstat (limited to 'nixos/modules/security')
| -rw-r--r-- | nixos/modules/security/pam.nix | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/nixos/modules/security/pam.nix b/nixos/modules/security/pam.nix index c99615d5a6362..2f777f874f23e 100644 --- a/nixos/modules/security/pam.nix +++ b/nixos/modules/security/pam.nix @@ -1456,6 +1456,13 @@ in `security.pam.zfs.enable` requires enabling ZFS (`boot.zfs.enabled` or `boot.zfs.enableUnstable`). ''; } + { + assertion = config.security.pam.enableSSHAgentAuth -> config.services.openssh.authorizedKeysFiles != []; + message = '' + `security.pam.enableSSHAgentAuth` requires `services.openssh.authorizedKeysFiles` to be a non-empty list. + Did you forget to set `services.openssh.enable` ? + ''; + } ]; environment.systemPackages = |