| author | Clombrong <cromblong@egregore.fun> | 2025-10-02 01:51:08 +0200 |
|---|---|---|
| committer | Giacomo Leidi <therewasa@fishinthecalculator.me> | 2026-01-27 11:46:03 +0100 |
| commit | 8dc57904e385b9219f548601afc6dc9b26dadd68 (patch) | |
| tree | 866724a0b98f37af9fc6959533777b444401158f /doc | |
| parent | 3f5ebde420695b932c8c797cc238d5f1426f9dee (diff) | |
services: Add endlessh-service-type.
* docs/guix.texi: Document EndleSSH service and configuration.
* gnu/services/ssh.scm: New service.
* gnu/services/ssh.scm: Define shepherd service.
Merges: https://codeberg.org/guix/guix/pulls/5910
Co-Authored-By: Giacomo Leidi <therewasa@fishinthecalculator.me>
Change-Id: Ief4520b536276b88f2e5027ef0897bf84b2835df
Signed-off-by: Giacomo Leidi <therewasa@fishinthecalculator.me>
Diffstat (limited to 'doc')
| -rw-r--r-- | doc/guix.texi | 52 |
1 files changed, 52 insertions, 0 deletions
diff --git a/doc/guix.texi b/doc/guix.texi index 436ae588784..0d57b516ba1 100644 --- a/doc/guix.texi +++ b/doc/guix.texi 
@@ -24321,6 +24321,58 @@ Whether to enable password-based authentication. @end table @end deftp +@cindex EndleSSH +@defvar endlessh-service-type +This is the type for the +@uref{https://github.com/skeeto/endlessh,EndleSSH} program that runs an +SSH tar pit. By very slowly sending an SSH banner, this program keeps +unwanted visitors locked away from the actual SSH daemon. + +For example, to specify a service running Endlessh on port @code{2222}, add +this call to the operating system's @code{services} field: + +@lisp +(service endlessh-service-type + (endlessh-configuration + (port-number 2222))) +@end lisp +@end defvar + +@deftp {Data Type} endlessh-configuration +This data type represents the configuration of an EndleSSH service. + +@table @asis +@item @code{endlessh} (default: @var{endlessh}) +The EndleSSH package to use. + +@item @code{port-number} (default: @code{22}) +The TCP port where the daemon waits for incoming connections. + +@item @code{log-level} (default: @code{1}) +The log level. @code{0} is quiet, @code{2} is very noisy. + +@item @code{syslog-output?} (default: @code{#t}) +Whether to enable syslog output. + +@item @code{pid-file} (default: @code{"/var/run/endlessh.pid"}) +File name of the daemon's PID file. + +@item @code{message-delay} (default: @code{10000}) +The endless banner is sent one line at a time. This is the delay in +milliseconds between individual lines. + +@item @code{max-banner-length} (default: @code{32}) +The length of each line is randomized. This controls the maximum length +of each line. Shorter lines may keep clients on for longer if they give +up after a certain number of bytes. + +@item @code{max-clients} (default: @code{4096}) +Maximum number of connections to accept at a time. Connections beyond +this are not immediately rejected, but will wait in the queue. + +@end table +@end deftp + @cindex AutoSSH @defvar autossh-service-type This is the type for the @uref{https://www.harding.motd.ca/autossh, |
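Review bot: In the `endlessh-configuration` table, `port-number` defaults to `22`, the standard SSH port, yet the `@defvar` text says the tar pit keeps visitors "away from the actual SSH daemon" without saying that the real daemon then has to listen on a different port. The example uses `2222`, which suggests the opposite layout. Suggest adding a sentence stating that the tar pit and the real SSH daemon must be given distinct ports, and which of the two is expected to sit on 22. Smaller points: the `log-level` entry describes `0` and `2` but not the default `1`; `max-banner-length` gives no unit, though the sentence after it speaks of bytes; the prose mixes "EndleSSH" and "Endlessh"; and the commit message lists `docs/guix.texi` while the diff touches `doc/guix.texi`.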
