In this brief tutorial, we will walk you through the steps to install openSSH on NixOS. Unlike the traditional Linux systems (like Debian or RHEL), setting up openSSH in NixOS is entirely different. But it is not that difficult.
Table of Contents
Introduction
Installing SSH and enabling sshd
service in NixOS follows a different approach compared to traditional Linux distributions due to NixOS's unique package management system and immutable infrastructure.
In traditional Linux distributions like Debian or RHEL, you would typically use package managers like apt
or dnf
to install packages from centralized repositories. These package managers resolve dependencies and install packages along with their dependencies on the running system.
However, in NixOS, the package management is more declarative and atomic. Instead of directly installing packages on the running system, NixOS builds a new configuration from the specified packages and their dependencies in an isolated environment. This new configuration is then switched to, effectively making the entire operating system immutable.
The main reasons for this different approach in NixOS are:
- Reproducibility: NixOS aims to provide a reproducible and reliable way of building the entire system from source. The same configuration will produce an identical system, regardless of the machine it's built on.
- Atomic upgrades and rollbacks: By building a new configuration instead of modifying the running system, NixOS allows for atomic upgrades and rollbacks. If an upgrade fails or introduces issues, you can easily roll back to the previous configuration.
- Avoiding dependency hell: NixOS's package management resolves dependencies in a way that avoids conflicts between packages requiring different versions of the same dependency.
- Declarative configuration: NixOS encourages a declarative approach to system configuration, where the desired state of the system is described in a single configuration file (
/etc/nixos/configuration.nix
).
Install openSSH on NixOS
To install OpenSSH on NixOS, you need to add it to your system configuration and then rebuild the system.
1. Edit your configuration.nix
file using your favorite text editor:
$ sudo nano /etc/nixos/configuration.nix
2. Find and uncomment the following line. If it doesn't exist, simply add it.
{ [...] # Enable OpenSSH daemon services.openssh.enable = true; [...] }
Optionally, you can add the following lines. Do not forget uncomment your preferred setting.
# Optional: Customize OpenSSH configuration # services.openssh.permitRootLogin = "no"; # services.openssh.passwordAuthentication = true; # services.openssh.port = 22; # services.openssh.protocol = "2";
Save the changes and exit the text editor.
3. Rebuild your NixOS system configuration:
$ sudo nixos-rebuild switch
This command will rebuild your NixOS system with the changes you've made in the configuration.nix
file.
4. After the rebuild process is complete, OpenSSH should be installed and running on your NixOS system.
5. Let us check openSSH service status using command:
$ sudo systemctl sshd status
Example Output:
Yes, sshd
service is enabled and running!
6. You can then connect to it using an SSH client.
For instance, I connected to NixOS via SSH from my Debian system using command:
$ ssh ostechnix@192.168.1.23
Here, ostechnix
is the username and 192.168.1.23
is the IP address of my NixOS system.
It will prompt you to enter your NixOS user's password. That's it. Start using your NixOS.
Check NixOS Version
Verify if you're really logged in the NixOS by checking its version. To check the installed NixOS version, run the following command from your Terminal:
$ nixos-version
This command will print the NixOS version information, including the NixOS release version, the codename, and the Git revision hash.
Example Output:
23.11.5541.56528ee42526 (Tapir)
In this example, the NixOS version is 23.11
(the release version), 5541.56528ee42526
is the Git revision hash, and Tapir
is the codename for this release.
Conclusion
In this article, we explained how to install and configure openSSH in NixOS. While the NixOS approach may seem more complex initially, it provides advantages in terms of reliability, reproducibility, and system integrity.
Related Read: